- CrowdStrike has hired external firms to investigate the cause of a global outage linked to a faulty update.
- The company plans to stagger updates and improve internal testing to prevent future incidents.
- Legal challenges arise, including lawsuits from shareholders and Delta Airlines over the outage’s impact.
CrowdStrike, a leading cybersecurity company, is navigating the aftermath of a significant outage that disrupted its services worldwide.
As the dust settles, the company is taking steps to understand the root causes of the issue that impacted its enterprise customers.
To prevent future occurrences, CrowdStrike has brought in two external security firms to thoroughly investigate what went wrong.
The Problem at Hand
The recent outage at CrowdStrike was traced back to a pushed update that caused major disruption across its network. The issue was linked to a system known as the “Content Validator,” designed to ensure content integrity before it goes live.
Unfortunately, this system failed to function as expected, allowing a faulty IPS Template Instance—used to detect potential cyber threats—to be validated.
This error led to crashes across numerous systems due to out-of-bounds memory reads, a technical term for when a program tries to access memory it shouldn’t.
Steps Toward a Solution
In response to the incident, CrowdStrike has outlined several measures to prevent similar issues in the future.
One of the key strategies involves staggering the deployment of templates across devices. This approach is designed to reduce the risk of a single faulty update causing widespread disruption.
Additionally, the company has updated its content validator to include runtime bounds, which will help prevent the kind of memory issues that triggered the recent outages.
CrowdStrike also plans to implement more rigorous internal testing procedures. While these measures are a step in the right direction, only time will tell if they will be sufficient to prevent future incidents.
Legal Repercussions and Corporate Backlash
The fallout from the outage has not been limited to technical challenges. CrowdStrike is also facing legal action from shareholders who have filed a class-action lawsuit.
The shareholders allege that the company failed to implement a phased update rollout system, which could have mitigated the impact of the faulty update.
In a separate legal battle, Delta Airlines has sued CrowdStrike for lost revenue during the six-day outage. CrowdStrike, however, disputes the claim, arguing that Delta’s losses were not solely due to the outage.
Despite these legal challenges, CrowdStrike remains confident in its position. The company has stated that it believes the shareholder lawsuit lacks merit, pointing out that the responsibility for implementing a rolling patch system lies squarely with the company. Whether or not this defense will hold up in court remains to be seen.
