As millions of Windows computers were left crippled for hours, disrupting the services of airlines, banks, hospitals and stock exchanges worldwide, cyber-security platform CrowdStrike on Saturday tried to explain what actually went wrong at their end.
According to the company, which provides third-party security updates to the Satya Nadella-run tech giant, it released a sensor configuration update to Windows systems on July 19 at 9.30 a.m. (India time).
Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform.
“This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems,” said CrowdStrike.
In a technical blog, the company said the sensor configuration update that caused the system crash was remediated at around 10.57 a.m.
“This issue is not the result of or related to a cyberattack,” it said.
Millions of customers running Falcon sensor for Windows version 7.11 and above that were online were impacted.
“Systems running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration from 9.30 a.m. to 10.57 a.m. were susceptible to a system crash,” the company said.
According to the company, this is not a new process, and the architecture has been in place since Falcon’s inception.
The update that occurred at 9.30 a.m. was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks.
The configuration update triggered a logic error that resulted in an operating system crash.
“CrowdStrike has corrected the logic error by updating the content in Channel File 291. No additional changes to Channel File 291 beyond the updated logic will be deployed. Falcon is still evaluating and protecting against the abuse of named pipes,” the company explained.
Systems that are not currently impacted will continue to operate as expected, continue to provide protection, and have no risk of experiencing this event in the future.
“We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing,” said CrowdStrike.