CrowdStrike update likely skipped checks, experts say

38,321 次觀看・3 個月前

STORY: CrowdStrike's routine update of its cybersecurity software, which caused global computer crashes on Friday, apparently didn't undergo proper quality checks before being deployed.

That's according to three security experts.

The latest version of its Falcon Sensor software was meant make its clients' systems more secure against hacking. But faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies using Microsoft's Windows operating system.

One security expert said companies like CrowdStrike update their products frequently against malware. But that frequency, he said, is probably why CrowdStrike did not test its product as much.

Air passengers worldwide faced delays and flight cancellations as airports and airlines - along with banks, hospitals and government offices - were caught up in the IT outage.

This family from Paris was stranded at the airport in Edinburgh, Scotland.

''Every hotel in Edinburgh was fully booked. I phoned to 20 such hotels and, 'No, we are booked, sorry.' So we decided to sleep in the airport, on the floor. It's a tough decision with the kids and family, but we have no other solution."

Microsoft on Saturday said nearly 8.5 million of its devices were affected, or less than one percent of all Windows machines.

CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.