Danish Kapoor

CrowdStrike’s faulty update affected 8.5 million Windows devices worldwide

Last Friday, an update released by CrowdStrike caused serious issues on 8.5 million Windows devices worldwide. Although Microsoft says that number accounts for less than one percent of all Windows devices, the technical glitches have caused widespread problems in industries including retail, banking, and aviation.

CrowdStrike released a technical statement following the incident, detailing the cause of the problem and why so many systems were affected. The problem centers on the configuration files used in the Falcon sensor’s behavioral protection mechanisms.

CrowdStrike problem source: Configuration files

According to CrowdStrike, the main cause of this problem was the configuration files that determine how the Falcon sensor evaluates certain operations in the operating system. These files are updated several times a day by CrowdStrike in response to new tactics, techniques and procedures. However, a sensor configuration update released on July 19, 2024 at 07:09 UTC triggered a logic error, causing a system crash and a Blue Screen of Death (BSOD) error.

The issue was widespread. Systems running Windows 7.11 and above were subject to this crash if they downloaded this update between 07:09 and 08:27 UTC. The update was pushed to all computers despite settings in place to prevent automatic updates.

Security researcher and Objective-See founder Patrick Wardle stated in his analysis of this issue that the file named “C-00000291” caused a logic error and crashed the operating system. According to Wardle, this crash, which occurred through the CSAgent.sys file, caused one of the critical components of the Windows operating system to malfunction.

CrowdStrike intervened quickly to try to fix the problem and prevent users from encountering such issues. However, this situation has shaken the trust of companies and individuals in digital security systems. Such technical glitches can have serious consequences, especially in sectors where sensitive data is present, such as large companies and financial institutions.
