CrowdStrike blames test software for taking down 8.5 million Windows machines
CrowdStrike identifies a bug in test software for crashing 8.5 million Windows systems and vows to improve testing and error handling.
CrowdStrike released a detailed post-incident review of a buggy update that caused 8.5 million Windows machines to crash. They identified the issue as a 40KB Rapid Response Content file, which passed validation despite containing problematic data.
CrowdStrike admitted that insufficient testing on the Rapid Response Content led to the error. They plan to enhance local developer testing, stress testing, fuzzing, and fault injection to ensure more robust validation.
Additionally, CrowdStrike will update its Content Validator and improve error handling in its Falcon sensor. They will also implement staggered deployments to avoid widespread issues from future updates.