CrowdStrike claims a bug in an update that allowed its cybersecurity systems to send unauthorized data to millions of customers’ computers caused a global technology outage last week that canceled flights, interrupted television broadcasts and disrupted banks, hospitals and retail stores.
CrowdStrike also outlined measures it is taking to prevent the issue from recurring, including staging the rollout of updates, giving customers more control over when and where updates occur, and providing details about planned updates.
The company on Wednesday published online details of a “preliminary post-mortem investigation” into the outage, which caused disruption to many businesses that pay for the cybersecurity firm’s software services.
The Texas company said the issue was related to an “undetected error” in content configuration updates for the Falcon platform affecting Windows machines.
A bug in its content validation system could have allowed “problematic content data” to be distributed to CrowdStrike customers, which the company said led to an “unexpected exception” that caused the Windows operating system to crash.
As part of its new precautions, CrowdStrike said it was stepping up its internal testing and introducing “new checks” to prevent “this type of problematic content” from being deployed again.
CrowdStrike said a “significant number” of the roughly 8.5 million computers that crashed on Friday, causing global disruption, are back up and running as customers and regulators wait for more details about what happened.
CrowdStrike said it would release a full analysis of the Meltdown once its investigation is complete.
The outage caused widespread technical disruption for days, highlighted how dependent the world is on a few major computing service providers and drew the attention of regulators seeking more details about what happened.
