Trends
CrowdStrike update likely skipped checks, outages widespread
Experts suggest that CrowdStrike’s recent software update, which caused a global tech outage, likely skipped crucial quality checks.
Headline
Experts suggest that CrowdStrike’s recent software update, which caused a global tech outage, likely skipped crucial quality checks.
Context
OUR TAKE CrowdStrike’s recent software update failure highlights the vulnerabilities in automated security solutions. The irony is glaring—software designed to protect against breaches ends up crippling systems. This incident, which disrupted critical infrastructures globally, emphasises the need for rigorous manual quality checks and robust software development. –Jasmine Zhang, BTW reporter CrowdStrike ‘s recent software update caused a major global tech outage, crashing clients’ systems, including banks, airlines, hospitals, and government offices.
Evidence
Pending intelligence enrichment.
Analysis
Security experts criticised the lack of adequate quality checks before deploying the Falcon sensor software update, meant to enhance cybersecurity against hacking threats. Faulty code in the update led to one of the most widespread outages in recent years for companies using Microsoft’s Windows operating system. CrowdStrike provided a fix, but experts noted that manual removal of the flawed code would take time. The issue, identified by security researcher Patrick Wardle, stemmed from a configuration or signature file error. The update quickly resulted in “blue screens of death” on numerous systems, highlighting the critical need for more rigorous code vetting processes in cybersecurity updates. Also read: Chaotic scenes as global IT outage hits airports, banks and media Also read: Alphabet plans to acquire cybersecurity startup Wiz for $23B
Key Points
- Experts suggest that CrowdStrike’s recent software update, which caused a global tech outage, likely skipped crucial quality checks.
- Faulty code in the update led to widespread “blue screens of death,” prompting a manual fix and calls for stricter quality checks in cybersecurity updates.
Actions
Pending intelligence enrichment.
