CrowdStrike hires outside help to track down cause of global outages as it reveals first findings

0
9

As CrowdStrike and its enterprise customers recover from the recent outage catastrophe, and it already being public knowledge that a pushed update caused the problem, the company has hired two security firms to look further into the issue.

The external code review was announced in a root causes analysis (PDF), while it was already known in the course of a post-incident review that a system designed to validate content (a ‘Content Validator’) failed to kick in, allowing a faulty IPS Template Instance intended to detect attacks to validate, causing crashes due to out-of-bounds memory reads.

LEAVE A REPLY

Please enter your comment!
Please enter your name here