无码中文字幕一Av王,91亚洲精品无码,日韩人妻有码精品专区,911亚洲精选国产青草衣衣衣

Global EditionASIA 中文雙語Fran?ais
World
Home / World / Americas

CrowdStrike update likely skipped checks

Updated: 2024-07-22 09:33
Share
Share - WeChat
Travelers are stranded at George Bush Intercontinental Airport in Houston, Texas, on Saturday, after a global computer outage grounded planes and created chaos at airports. DAVID PAUL MORRIS/GETTY IMAGES

SAN FRANCISCO — CrowdStrike's routine update of its widely used cybersecurity software, which caused clients' computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed, security experts say.

The latest version of its Falcon sensor software was meant to make CrowdStrike clients' systems more secure against hacking by updating the threats it defends against. But a faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft's Windows operating system.

Global banks, airlines, hospitals and government offices were disrupted. "We currently estimate that CrowdStrike's update affected 8.5 million Windows devices," Microsoft said in a blog post on Saturday.

CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.

"What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through," said Steve Cobb, chief security officer at Security Scorecard in New York, which also had some systems affected by the issue.

Problems came to light quickly after the update was rolled out on Friday and users posted pictures on social media of computers with blue screens displaying error messages.

Patrick Wardle, a security researcher specializing in studying threats against operating systems, said his analysis identified the code responsible for the outage.

The update's problem was "in a file that contains either configuration information or signatures", he said. Such signatures are code that detects specific types of malicious code or malware.

"It's very common that security products update their signatures, like once a day ... because they're continually monitoring for new malware and because they want to make sure that their customers are protected from the latest threats," he said.

The frequency of updates "is probably the reason why (CrowdStrike) didn't test it as much", he said.

It is unclear how that faulty code got into the update and why it was not detected before being released to customers.

"Ideally, this would have been rolled out to a limited pool first," said John Hammond, principal security researcher at Huntress Labs in Maryland. "That is a safer approach to avoid a big mess like this."

Agencies via Xinhua

Most Viewed in 24 Hours
Top
BACK TO THE TOP
English
Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263

Registration Number: 130349
FOLLOW US