CrowdStrike has attributed the widespread global IT outage, which was triggered by a botched update to its Falcon platform, to several security issues and process gaps, reports SecurityWeek.
Aside from inconsistencies between the inputs to the Content Validator and those received by the Content Interpreter, the outage was also caused by an out-of-bounds flaw in the Content Interpreter and by inadequate testing, according to a root cause analysis issued by CrowdStrike. The widespread system crashes stemmed from an out-of-bounds memory read past the input data array, which occurred when the Content Interpreter sought to access the 21st input value although it was only supposed to process 20 values, said CrowdStrike. "While this scenario with Channel File 291 is now incapable of recurring, it also informs process improvements and mitigation steps that CrowdStrike is deploying to ensure further enhanced resilience," noted CrowdStrike, which has already moved to enlist independent third-party software security providers to assess Falcon security.
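The bug class described above, as an added example that is not CrowdStrike's code: a validator that rejects content indexing past the 20 supplied inputs, and an interpreter that repeats the bounds check at run time instead of trusting the validator. The rule format and every name here (`criterion`, `validate_content`, `interpret`, `run_sample`) are hypothetical, and the sample inputs are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SUPPLIED_INPUTS 20  /* values the caller really passes, per the article */

/* Hypothetical rule format: compare one input, chosen by index, to a string. */
struct criterion { size_t input_index; const char *expected; };

/* Validator: return -1 if any rule names an input that is never supplied. */
int validate_content(const struct criterion *c, size_t n, size_t supplied)
{
    for (size_t i = 0; i < n; i++)
        if (c[i].input_index >= supplied)
            return -1;
    return 0;
}

/* Interpreter: repeat the bounds check at run time and fail closed.
 * Returns 1 on match, 0 on no match, -1 if a rule indexes past the array. */
int interpret(const struct criterion *c, size_t n,
              const char *const *inputs, size_t supplied)
{
    for (size_t i = 0; i < n; i++) {
        if (c[i].input_index >= supplied)
            return -1;  /* an unchecked interpreter would read inputs[20] */
        if (strcmp(c[i].expected, inputs[c[i].input_index]) != 0)
            return 0;
    }
    return 1;
}

/* Constructed sample: 20 filled inputs, one rule; -2 means validator rejected. */
int run_sample(size_t index, const char *expected, int validate_first)
{
    const char *inputs[SUPPLIED_INPUTS];
    for (size_t i = 0; i < SUPPLIED_INPUTS; i++)
        inputs[i] = "value";
    struct criterion rule = { index, expected };
    if (validate_first && validate_content(&rule, 1, SUPPLIED_INPUTS) != 0)
        return -2;
    return interpret(&rule, 1, inputs, SUPPLIED_INPUTS);
}

int main(void)
{
    printf("20th: %d, 21st validated: %d, 21st interpreter only: %d\n",
           run_sample(19, "value", 1), run_sample(20, "value", 1), run_sample(20, "value", 0));
    return 0;
}
```

Passing the same `supplied` count to both functions is the point: the validator and the interpreter must agree on how many inputs exist, and the interpreter must still refuse an out-of-range index if they do not.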
More details regarding cause of CrowdStrike outage revealed