CrowdStrike crash Windows BSOD - Hashtechwave

Uncovering the Truth: How CrowdStrike Update Broke Windows

By Syed Safwan Abbas - Full Stack Web Developer

On the 19th of July 2024, a CrowdStrike update caused a worldwide outage of Windows-based systems, affecting hundreds of organizations across all industries. The problem lay in an update to the CrowdStrike Falcon cybersecurity platform, which introduced a bug that caused out-of-bounds memory reads, ultimately crashing affected systems with the infamous Blue Screen of Death.


George Kurtz (CEO, CrowdStrike) addressed the issue in a post on his X (Twitter) account, saying that “It is identified, isolated and a fix patch is deployed“. Although it affected less than 1% of Windows devices, it grounded over 6% of flights and disrupted surgeries, broadcasts, money transfers, 911 call centers, and more.

CrowdStrike Overview and Connection with Microsoft

CrowdStrike is a leading US-based cybersecurity company that holds a significant global market share. Its software, “Falcon”, offers advanced threat detection and response capabilities by leveraging artificial intelligence and behavioural analysis to protect against malware, ransomware and other cyber threats.


CrowdStrike’s Connection with Microsoft

CrowdStrike’s Falcon platform is closely integrated with Microsoft Windows, as it provides endpoint protection for Windows-based systems. This integration means that any updates or changes to the Falcon platform can directly impact Windows machines.


Falcon is a lightweight agent that installs on Windows computers, continuously monitoring for threats and providing real-time detection and response capabilities. The integration with Windows allows Falcon to leverage deep system hooks to identify and mitigate threats effectively. However, this close integration also means that issues with Falcon updates can have significant repercussions for Windows users, as seen in the recent outage.

What Led to the Windows Crash on Friday

CrowdStrike frequently updates the Falcon sensor with Rapid Response Content, which contains updated data on newly discovered hacking techniques. The sensor then uses this information to monitor the device it is installed on for any signs of a breach.


On a recent Friday morning, CrowdStrike released two updates. Despite being checked by an internal tool called the Content Validator which is supposed to automatically detect and block faulty updates, one problematic update slipped through and was released. This failure in the validation process led to the subsequent system crashes.

When the Falcon sensors received the update, they tried to execute it using a built-in component called the Content Interpreter. This process triggered an “out-of-bounds” memory read error, which occurs when a program tries to access memory outside the region it was given. Because the sensor runs with kernel privileges, an unhandled memory fault in it brings down the whole operating system rather than a single process. This error was the root cause of the crashes experienced by the affected Windows systems.


Preventive Measures and Future Safeguards

Following the 19th July 2024 incident, CrowdStrike has outlined a series of measures to prevent similar occurrences in the future.

  • Enhanced Scanning: CrowdStrike plans to bolster its error detection processes by implementing more rigorous scanning of Rapid Response Content updates. Several software testing techniques will be used, including fault injection, in which errors are deliberately introduced to test the software's robustness and recoverability.
  • Upgraded Content Validator System: The company will upgrade its Content Validator, the system responsible for checking the reliability of updates before their release. New validation features will be added to detect errors similar to the one that caused the recent Windows crashes.
  • Phased Rollout of Updates: Rather than deploying updates to all devices at once, CrowdStrike will adopt a phased rollout strategy. Updates will initially be released to a smaller group of devices, known as a “canary” group. If no issues are detected within this subset, the update will then be gradually rolled out to the broader user base. This staged approach allows for early detection of problems, minimizing the risk of widespread disruptions.
  • Improved Falcon Sensor Features: The Falcon sensor, the core component installed on customer devices, will receive enhancements to improve its ability to recover from faulty updates. Additionally, customers will be given more flexibility in how and when they choose to download and install updates.
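To make the out-of-bounds read described above and the role of a content validator concrete, here is an added, self-contained C model (not CrowdStrike's code, and not the real Falcon content format). It assumes a hypothetical record of `nfields` values and a rule that references those values by index: the unchecked interpreter trusts every index, while the validator rejects any rule that references a field the record does not carry, so bad content is refused instead of faulting.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed, simplified model of sensor content. A record carries
 * `nfields` values; a rule lists field indexes the interpreter reads.
 * The format and names are hypothetical. */
#define MAX_FIELDS 8

typedef struct {
    size_t   nfields;
    uint32_t fields[MAX_FIELDS];
} record_t;

typedef struct {
    size_t nrefs;
    size_t refs[MAX_FIELDS];   /* indexes into record_t.fields */
} rule_t;

/* Unchecked interpretation: trusts that every index fits the record.
 * A rule referencing a field beyond nfields reads out of bounds here. */
static uint32_t interpret_unchecked(const record_t *r, const rule_t *rule) {
    uint32_t acc = 0;
    for (size_t i = 0; i < rule->nrefs; i++)
        acc ^= r->fields[rule->refs[i]];       /* no bounds check */
    return acc;
}

/* Validator: 1 if every referenced index exists in the record, else 0. */
static int validate_rule(const record_t *r, const rule_t *rule) {
    if (rule->nrefs > MAX_FIELDS || r->nfields > MAX_FIELDS) return 0;
    for (size_t i = 0; i < rule->nrefs; i++)
        if (rule->refs[i] >= r->nfields) return 0;
    return 1;
}

/* Hardened path: validate first, then interpret. Returns 0 and stores the
 * result on success, -1 when the content is rejected (no memory fault). */
static int interpret_checked(const record_t *r, const rule_t *rule, uint32_t *out) {
    if (!validate_rule(r, rule)) return -1;
    *out = interpret_unchecked(r, rule);       /* safe: indexes validated */
    return 0;
}

int main(void) {
    record_t r   = { 4, {0x11, 0x22, 0x33, 0x44} };   /* constructed sample */
    rule_t  good = { 2, {0, 2} };
    rule_t  bad  = { 2, {0, 5} };                     /* index 5 > 3 fields */
    uint32_t v = 0;
    printf("good rule: rc=%d value=0x%x\n", interpret_checked(&r, &good, &v), v);
    printf("bad rule:  rc=%d (rejected before any read)\n", interpret_checked(&r, &bad, &v));
    return 0;
}
```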

Fraud to Teammates and Partners: Uber Eats Gift Card

After the careless update crashed millions of computers, CrowdStrike offered a $10 Uber Eats gift card to the administrative teams and partners for their efforts in fixing the bug. To apologize to its partners, the makers of Falcon sent them an email “to express their gratitude”.


Many of the people who received this email went to redeem the voucher, but unfortunately they received an error from Uber Eats saying “Voucher has been cancelled by the issuing party and is no longer valid”.

Syed Safwan Abbas is the owner of HashBitStudio, a digital solutions agency specializing in web development, branding, and digital marketing. He also runs HashTechWave, a popular blog focused on tech and entertainment. As a full-stack developer with expertise in MERN, Next.js, and a wide range of web technologies, Safwan is passionate about creating innovative digital experiences. Before founding HashBitStudio and HashTechWave, he gained extensive experience in both frontend and backend development, refining his skills across various roles. When he's not building cutting-edge websites or writing insightful blog posts, Safwan enjoys exploring the latest tech trends, experimenting with new frameworks, and working on creative projects.