#134 The CrowdStrike Incident
Bringing Down Millions of Windows PCs
On July 19th, 2024, the cybersecurity firm CrowdStrike released an update for its Falcon Sensor software that brought down millions of Windows computers around the world. Some of these computers were involved in critical infrastructure like airlines, hospitals, and governments. Falcon Sensor, which hooks into the Windows kernel, was certified by Microsoft and cryptographically signed. The update triggered a classic (and common) bug reading past the end of an array. It not only crashed Windows, but didn't even allow it to complete its boot process. In this episode we explain what the bug was and why CrowdStrike did not catch it before it had the opportunity to bring down millions of machines.
Show Notes
Follow us on X @KopecExplains.
Theme “Place on Fire” Copyright 2019 Creo, CC BY 4.0
Find out more at http://kopec.live