CrowdStrike routine cybersecurity update caused global computer system crashes on Friday, affecting banks, airlines, hospitals, and government offices. Experts say the faulty code in the Falcon Sensor software update, intended to enhance security against hacking, was not adequately vetted before deployment.
The update led to widespread disruption for companies using Microsoft’s Windows operating system, with users sharing images of “blue screens of death” online. Steve Cobb, Chief Security Officer at Security Scorecard, suggests the update may have bypassed proper sandbox testing.
The issue stemmed from a file containing configuration information or signatures used to detect malware. Frequent updates, common in cybersecurity, likely led to inadequate testing. Similar past incidents include McAfee’s 2010 antivirus update, which affected hundreds of thousands of computers.
CrowdStrike’s dominance in the industry, with its software used by over half of Fortune 500 companies and major government bodies, magnified the impact of this outage. Fixing affected systems will require manually removing the flawed code, a process expected to take time.
