It was not an attack, but an error in the update, CrowdStrike explains the causes of the giant IT outage

It was not an attack, but an error in the update, CrowdStrike explains the causes of the giant IT outage

Lupa.cz
 »

It was not an attack, but an error in the update, CrowdStrike explains the causes of the giant IT outage

Autor: screenshot, Lupa.cz

One of the biggest (if not the biggest) IT system outages worldwide was caused by a bug in updating the software used to protect computers and servers. This was confirmed by CrowdStrike, the company behind the application.

“This issue is not the result of a cyber attack, nor is it related to any attack,” CrowdStrike wrote in a statement.

A number of computers running the Falcon Sensor cybersecurity software were unable to boot on Friday due to the bug. The screens repeatedly displayed a prompt to repair the system and the machines rebooted endlessly.

“19. Jul 2024 at 4:09 UTC (6:09 a.m. our time, editor’s note) we have released a sensor configuration update for Windows systems. These updates are an ongoing part of the Falcon platform’s protection mechanisms. This update introduced a logic error that resulted in a system crash and a blue screen of death (BSOD) on affected systems,” CrowdStrike described. At 5:27 UTC (7:27 a.m. our time, editor’s note) According to the company, the error has been corrected.

According to the company, the bug in the update affected clients running Windows 7.11 and above whose computers were online between 04:09 UTC and 05:27 UTC and downloaded the update.

According to the company, updating the configuration is a normal part of Falcon’s operation and sometimes takes place several times a day. In layman’s terms, it can be compared to when an antivirus on a computer downloads information regarding new threats.

Falcon similarly downloads data on newly identified procedures for a specific type of attack, in this case on threats attempting to use the so-called named pipes (process used for communication between individual processes in the system). It then monitors these processes and tries to recognize possible attack activities in them.

“The update focused on newly observed malware named pipes used in common cyber attacks. A configuration update caused a logic error that caused the operating system to crash,” CrowdStrike added. Although the configuration file had a faulty .sys extension, it was not a system driver, according to the company.

The problem only affected computers with the Windows operating system, machines with Linux or MacOS were not affected.

In its statement, CrowdStrike promised to investigate the exact reasons why the update contained the bug and how it was possible that the offending update was released.

Did you find an error in the article?

It was not an attack, but an error in the update, CrowdStrike explains the causes of the giant IT outage

Editor-in-chief of Lupa.cz and external collaborator of Czech Radio Plus. Formerly editor of IHNED.cz, before Aktuálně.cz and Czech Radio. You can find me at Twitter or on LinkedIn.

`;
if (youtubeIframe !== null && vastUrls.length > 0) {
const re = /embed/(.*)?/;
const youtubeId = youtubeIframe.src.match(re)[1];
const youtubeImg = ‘ + youtubeId + ‘/hqdefault.jpg’;
let thumbWrap = `

`;
thumbWrap += ``
thumbWrap +=“;
youtubeIframe.following(document.createRange().createContextualFragment(thumbWrap));
youtubeIframe.style.display = ‘none’;
const youtubeThumb = document.getElementById(‘ytPrerollThumb’)
let prerollAdInitialized = false;
document.addEventListener(‘DOMContentLoaded’, handleInitScroll, false);
window.addEventListener(‘scroll’, handleInitScroll, false);
function handleInitScroll() {
if (prerollAdInitialized === false) {
const containerOffset = document.getElementById(‘ytPrerollThumb’).getBoundingClientRect();
const windowHeight = window.innerHeight;
if (containerOffset.top 0.0) {
prerollAdInitialized = true;
setTimeout(() => {
youtubeThumb.remove();
playPrerollAd();
}, 2000);
document.removeEventListener(‘DOMContentLoaded’, handleInitScroll, false);
window.removeEventListener(‘load’, handleInitScroll, false);
}
}
}
}
function playPrerollAd() {
youtubeIframe.following(document.createRange().createContextualFragment(videoEl));
const vjsOptions = {
fluid: true
};
const player = videojs(‘iinfo_youtube_preroll’, vjsOptions);
let vastUrlIndex = 0;
let playedAdCounter = 0;
const imaOptions = {
adTagUrl: vastUrls[vastUrlIndex],
numRedirects: 20,
vastLoadTimeout: 20000
};
console.log(“Preroll: Loading first ad – ” + vastUrls[vastUrlIndex]);
player.ima(imaOptions);
player.on(‘adend’, () => {
console.log(‘Preroll: VAST ad ended (adend).’);
playedAdCounter++;
playNext();
});
player.ima.addContentEndedListener(() => {
console.log(‘Preroll: VAST ad ended (content ended).’);
playedAdCounter++;
playNext();
});
player.on(‘adserror’, (e) => {
console.log(‘Preroll: VAST ads error.’);
playNext();
});
let adInitialized = false;
let adPlaying = false;
player.on(‘ads-manager’, () => { // resumeAd needs AdsManager ready
document.addEventListener(‘DOMContentLoaded’, handleScroll, false);
window.addEventListener(‘scroll’, handleScroll, false);
player.muted(true);
player.play();
adInitialized = true;
});
function handleScroll() {
const containerOffset = document.getElementById(‘iinfo_youtube_preroll_wrapper’).getBoundingClientRect();
const windowHeight = window.innerHeight;
if (player.isDisposed() === false) {
if (containerOffset.top 0.0) {
if (adInitialized === false) {
player.muted(true);
player.play();
adInitialized = true;
document.removeEventListener(‘DOMContentLoaded’, handleScroll, false);
window.removeEventListener(‘load’, handleScroll, false);
}
if (adPlaying === false) {
player.ima.resumeAd();
adPlaying = true;
}
} else {
if (adPlaying === true) {
player.ima.pauseAd();
adPlaying = false;
}
}
}
}
function playYtVideo() {
player.dispose();
youtubeIframe.style.display = ‘block’;
youtubeIframe.src += ‘&autoplay=1&mute=1’;
}
function playNextAd() {
if (vastUrlIndex = vastUrls.length – 1 || playedAdCounter >=2) {
playYtVideo();
} else {
playNextAd();
}
}
}

Leave a Replay