keneci
News • Science & Tech • Comedy
CrowdStrike, Microsoft Release Preliminary Reports Following Disruptive Buggy Software Update That Affected Windows Computers Worldwide
July 29, 2024
post photo preview

Following the cybersecurity company's July 19 software update debacle which affected Windows computers worldwide, and the ensuing disruptions, CrowdStrike has released a Preliminary Post Incident Review(PIR) on the Content Configuration Update Impacting the Falcon Sensor and the Windows Operating System (BSOD). This will be more detailed in the company's full investigation in the forthcoming Root Cause Analysis that will be released publicly, according to CrowdStrike.

"On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques," the company wrote in the preliminary review. "These updates are a regular part of the dynamic protection mechanisms of the Falcon platform. The problematic Rapid Response Content configuration update resulted in a Windows system crash. Systems in scope include Windows hosts running sensor version 7.11 and above that were online between Friday, July 19, 2024 04:09 UTC and Friday, July 19, 2024 05:27 UTC and received the update. Mac and Linux hosts were not impacted. The defect in the content update was reverted on Friday, July 19, 2024 at 05:27 UTC. Systems coming online after this time, or that did not connect during the window, were not impacted."

As to what Went wrong and why? The company writes: "CrowdStrike delivers security content configuration updates to our sensors in two ways: Sensor Content that is shipped with our sensor directly, and Rapid Response Content that is designed to respond to the changing threat landscape at operational speed. The issue on Friday involved a Rapid Response Content update with an undetected error."

The report continues:

"Sensor Content provides a wide range of capabilities to assist in adversary response. It is always part of a sensor release and not dynamically updated from the cloud. Sensor Content includes on-sensor AI and machine learning models, and comprises code written expressly to deliver longer-term, reusable capabilities for CrowdStrike’s threat detection engineers.

"These capabilities include Template Types, which have pre-defined fields for threat detection engineers to leverage in Rapid Response Content. Template Types are expressed in code. All Sensor Content, including Template Types, go through an extensive QA process, which includes automated testing, manual testing, validation and rollout steps.

"The sensor release process begins with automated testing, both prior to and after merging into our code base. This includes unit testing, integration testing, performance testing and stress testing. This culminates in a staged sensor rollout process that starts with dogfooding internally at CrowdStrike, followed by early adopters. It is then made generally available to customers. Customers then have the option of selecting which parts of their fleet should install the latest sensor release (‘N’), or one version older (‘N-1’) or two versions older (‘N-2’) through Sensor Update Policies.

"The event of Friday, July 19, 2024 was not triggered by Sensor Content, which is only delivered with the release of an updated Falcon sensor. Customers have complete control over the deployment of the sensor -- which includes Sensor Content and Template Types."

Microsoft in a blog post, also examined the CrowdStrike outage and provided a technical overview of the root cause.

The computing giant explains why security products use kernel-mode drivers today and the safety measures Windows provides for third-party solutions. And shares how customers and security vendors can better leverage the integrated security capabilities of Windows for increased security and reliability. Microsoft also provides a look into how Windows will enhance extensibility for future security products.

Microsoft also confirms CrowdStrike’s analysis that this was a read-out-of-bounds memory safety error in the cybersecurity developed CSagent.sys driver.


CrowdStrike Software Bug Causes Global IT Outage, Disruptions In Aviation, Other Sectors

A software update from a United States cybersecurity firm CrowdStrike on Friday(July 19), caused a widespread IT outage and 'blue screens of death,' affecting millions of Microsoft Windows devices worldwide. The incident resulted in significant disruptions to various industries, including aviation.

Hundreds of flights were canceled or delayed globally, with Delta Air Lines being particularly affected. The outage impacted airport systems, including baggage handling and security screening, causing long lines and congestion at the airports, as passengers were unable to check in or access flight information.

Many Fortune 500 companies, including airlines, are estimated to have lost up to $5.4 billion in revenues and gross profit due to the outage. The health care and banking sectors were also severely affected, with estimated losses of $1.94 billion and $1.15 billion, respectively.

In the United Kingdom, some hospitals experienced issues with electronic patient records and medical equipment. Flights were canceled or delayed, with British Airways and EasyJet among the airlines affected. Firms relying on CrowdStrike’s cybersecurity services, such as security monitoring and incident response, were also affected. Ambulance and fire services faced difficulties with communication and dispatch systems.

Also impacted in the the UK, are thousands of businesses and organizations using Microsoft products, such as Windows and Office. Amazon Web Services (AWS) users also experienced issues with their cloud services.

The cybersecurity firm has since released a software update to fix the bug.

CrowdStrike CEO George Kurtz faced backlash for his initial response on X, to the debacle. “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” Kurtz wrote Friday. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”

Kurtz initially struggled to provide a timeline for when systems would be restored, leaving customers and regulators in the dark. His response was criticized for being too technical and lacking a personal touch.

Lulu Meservey, chief executive of public relations company Rostra, posted a scathing critique of the statement on social media platform X earning over 15,000 likes as she lambasted Kurtz for using “weapons-grade corpo speak.”

“Let’s be clear. Legalese doublespeak is designed to dodge and obfuscate rather than inform or communicate,” said Meservey. “This statement was obviously written by a committee of lawyers and middle managers whose only goal was to avoid legal risk and threats to their own job security. If you can’t understand what the statement is even saying, it’s working as intended.”

She criticised Kurtz for adopting a “passive voice” and described the statement as “almost comical in its efforts to dodge assigning responsibility,” before pointing out a lack of an apology.

“The first words should be ‘I’m sorry,’” she said. “This outage knocked out 911 call centres and hospitals. People literally might have died. And the company’s CEO is out here playing it down as if it’s not a big deal.”

To make matters worse, CrowdStrike offered a $10 UberEats voucher as a token of apology to its staff and partners. This gesture was widely panned as insufficient and insensitive, particularly given the significant financial losses incurred by affected businesses, estimated to be around $5.4 billion.

Kurtz, in a statement on the company’s website late on Friday afternoon, apologized once again for the outage and said that CrowdStrike was working to help restore systems.

“Nothing is more important to me than the trust and confidence that our customers and partners have put into CrowdStrike,” Kurtz said. “As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again.”

The CEO told NBC’s Today Show in the US that the problem was down to a bug in a single update. “We identified this very quickly and remediated the issue,” he said, adding that CrowdStrike was now “working with each and every customer to make sure that we can bring them back online.”

Kurtz said there had been a “negative interaction” between the update and Microsoft’s operating system, which had then caused computers to crash, sparking the global outage, which remains ongoing.

Asked how one faulty update could cause such global chaos, he said: “We have to go back and see what happened here, our systems are always looking for the latest attacks from adversaries that that are out there.”

He reiterated that there was no possibility it was a cyber-attack. However, although the problem had been identified and a fix issued, Kurtz said “it could be some time for some systems” to return to normal, stressing that they would not “just automatically recover.”

Authorities in the UK and the US Department of Transportation are investigating the incident, and airlines are reviewing their contingency plans to mitigate the impact of future outages. Kurtz is due to testify in a US congressional hearing.

 

community logo
Join the keneci Community
To read more articles like this, sign up and join my community today
0
What else you may like…
Videos
Posts
Articles
SpaceX Starlink Internet Satellites

With Starlink internet, data is continuously being sent between a ground dish and a Starlink satellite orbiting 550km above. Furthermore, the Starlink satellite zooms across the sky at 27,000 km/hr! MORE VIDEOS ON KENECI NETWORK RUMBLE CHANNEL: https://rumble.com/c/Keneci

00:28:08
Elon Musk, DOGE Speak On Waste And Fraud

US Department of Government Efficiency Services (USDS) led by Elon Musk speak on the "mind-boggling" fraud and waste in UInited States federal government

00:00:45
January 17, 2025
SpaceX Launches Starship 7th Test Flight

SpaceX successfully executed its second-ever “chopsticks” catch of a Super Heavy booster (or Booster 14) using the “Mechazilla” launch tower on Thursday(Jan. 16), during the seventh uncrewed test flight of the company's 123-meter Starship rocket. However, the megarocket's upper stage(or Ship 33) was lost approximately 8.5 minutes into the flight in a “rapid unscheduled disassembly(RUD)” or explosion

00:10:30
Welcome to Keneci Network!

Join the conversations!

September 17, 2024
Charges Against Sean 'Diddy' Combs In Grand Jury Indictment

The rapper was charged with racketeering conspiracy, sex trafficking by force, fraud or coercion, and transportation to engage in prostitution in the indictment unsealed Tuesday(Sept. 17)

Combs-Indictment-24-Cr.-542.pdf
"Dear husband"

A Dubai princess took to social media to announce she's divorcing her husband who's worth $40B.

She claims the billionaire is busy with his "other [female] companions"

post photo preview
post photo preview
Ex-FBI Director James Comey Indicted By Grand Jury For Obstruction Of Justice Lying To Congress

A federal grand jury on Thursday,  in Northern Virginia indicted former FBI Director James Comey on two felony counts: one for making false statements to Congress and one for obstruction of justice. Each charge carries a potential penalty of up to 5–10 years in prison.

These charges arise from Comey's testimony before the Senate Judiciary Committee in 2020, during which prosecutors allege he provided misleading information about his handling of the FBI's investigation into contacts between Russia and Donald Trump's 2016 presidential campaign.

The indictment was unsealed late Thursday, marking a significant escalation in the long-simmering feud between Comey and President Trump, who was re-elected in 2024. The trial date has not been set, but it could extend into 2026.

Comey served as FBI Director from 2013 until his abrupt firing by Trump in May 2017, amid the early stages of the Russia investigation. Trump has long accused Comey of orchestrating a "witch hunt" against him, blaming the former director for the appointment of Special Counsel Robert Mueller, whose probe dominated much of Trump's first term.

The charges stem from Comey's 2020 congressional testimony, where he reportedly downplayed the extent of his communications with Trump regarding the Russia probe and his role in leaking memos about those interactions.

The case gained momentum earlier this year when the Secret Service interrogated Comey over a social media post showing seashells arranged as "86 47"—a reference interpreted by Trump allies as a coded assassination threat against the president (the 47th). Comey deleted the post, calling it a "restaurant-themed joke" about removing Trump from office.

Responding in a video message, Comey declared: "I'm not afraid.. I'm innocent. Let's have a trial."

President Trump celebrated the indictment on social media, posting: "Today he was indicted by a Grand Jury on two felony counts for various illegal and unlawful acts. He has been so bad for our Country, for so many years... One of the worst human beings this Country has ever been exposed to." Supporters echoed this sentiment, with conservative commentator Jesse Kelly warning that the trial's location—potentially in Washington, D.C.—could lead to an acquittal due to liberal bias of the jury pool.

Read full Article
post photo preview
'I Control Donald Trump:' Netanyahu Brags To World Leaders -Tucker Carlson

Popular American commentator, journalist and conservative firebrand Tucker Carlson has publicly accused Israeli Prime Minister Benjamin Netanyahu of boasting to foreign leaders that he controls both President Donald Trump and U.S. foreign policy, calling the situation "humiliating" for America.

The Tucker Carlson Show host made these remarks during a recent appearance on the System Update podcast hosted by Glenn Greenwald, where he also criticized U.S. support for Israel's war in Gaza and argued that American leaders are being forced into actions detrimental to the nation's interests.

Carlson stated he has direct knowledge of Netanyahu's claims based on conversations with people who heard him say it, asserting that the Israeli leader is "running around" the Middle East and telling people point blank, "I control the United States. I control Donald Trump."

The conservative firebrand emphasized that his criticism is directed at U.S. leaders who, in his view, are allowing the country to be subjected to a "humiliation ritual" due to foreign influence, arguing that this undermines the fundamental relationship between citizens and their government.

Carlson described Israel's military actions in Gaza as an "expansion" and dismissed accusations of bigotry against him, stating he is not hurt by such labels because he knows he is not a bigot.

The conservative commentator has faced backlash from Jewish Zionists, for his remarks at Charlie Kirk’s memorial service, where he recounted a story likening Kirk’s murder to the crucifixion of Jesus, including a scene of men in a lamplit room eating hummus plotting to kill Lord Jesus Christ. (Matthews 26: 1-5).

Critics, including Jewish groups and Israeli officials, have condemned the speech as an antisemitic dogwhistle, arguing that the reference to hummus—a modern Middle Eastern food—was a deliberate and offensive trope implying Jewish involvement in Kirk’s assassination.

Carlson defended his remarks in the System Update podcast interview., pointing out that he categorically and publicly makes his views about Israel and Netanyahu known, and doesn't need to imply it in a speech about Kirk.

While prominent Zionist and Jewish neoconservative voices criticized the speech, many MAGA-aligned conservative movement’s figures, including Congresswoman Marjorie Taylor Greene and former Congressman and OANN host Matt Gaetz praised Carlson's speech.

The controversy underscores the growing concern on the American right over Israeli influence on U.S. foreign policy especially in the Middle East. Growing number of conservatives -- traditionally allied with the Israeli right -- have started in recent years, started questioning the policies of Netanyahu's government in the region since the break out of the ongoing genocidal war against Palestinians in Gaza. "It is America First, not Israel First," is a common meme on social media among right-leaning critics of Trump's bizarrely submissive pro-Israel policies.

Read full Article
post photo preview
KA-03: ULA Atlas V Launches 27 Amazon Project Kuiper Internet Satellites

A United Launch Alliance (ULA) Atlas V 551 rocket successfully launched 27 Project Kuiper broadband satellites into low Earth orbit on Thursday, Sept, 25, at 1209 UTC from Space Launch Complex-41 at Cape Canaveral Space Force Station in Florida.

The Atlas V 551 rocket, featuring five GEM 63 solid rocket boosters and a single RL10C-1-1 engine on its Centaur upper stage, lifted off on schedule. The launch window was 29 minutes long, and favorable weather conditions, with a 95% chance of acceptable conditions, were confirmed by the U.S. Space Force's 45th Weather Squadron.

The payload fairing, a 23-meter composite shroud, was jettisoned after ascent through the atmosphere. The Centaur upper stage's main engine cutoff (MECO) was confirmed, and the 27 satellites were successfully deployed at an initial altitude of 450 kilometers(km).

The satellites will now be gradually raised to their operational orbit of 630 km by Amazon's mission operations center in Redmond, Washington.

The Kuiper 3 (or KA-03) mission marks the fifth launch for Amazon's Project Kuiper constellation and the third batch of satellites delivered by ULA on the Atlas V rocket. The launch was part of a morning doubleheader, following a SpaceX Falcon 9 launch carrying 28 Starlink satellites just hours earlier.

This launch is the third of nine planned Atlas V missions for Amazon's Project Kuiper constellation, with the remaining five scheduled before transitioning to the next-generation Vulcan rocket.

ULA is delivering more than half of the constellation's 3,200 satellites under the world's largest commercial launch agreement. These spacecraft will be lofted on more than 80 launches performed by a variety of rockets — SpaceX's Falcon 9, Arianespace's Ariane 6, Blue Origin's New Glenn and ULA's Atlas V and Vulcan Centaur.

Thursday's successful launch brings Amazon's total number of in-orbit Project Kuiper satellites to 129. Project Kuiper faces competition from SpaceX's Starlink, which operates the world's largest satellite constellation with over 8,000 satellites as of September 2025.

Read full Article
See More
Available on mobile and TV devices
google store google store app store app store
google store google store app tv store app tv store amazon store amazon store roku store roku store
Powered by Locals