The months and days before and after CrowdStrike's fatal Friday
2024-07-25 00:17

As far as we're aware - and let us know any other details you may have - the security snafu started way back on February 28, when CrowdStrike developed and distributed a sensor update for Falcon intended to detect an emerging novel attack technique that abuses named pipes on Windows.

At 0409 UTC on Friday, July 19, CrowdStrike pushed the ill-fated update to its Falcon endpoint security product.

"CISA is aware of the widespread outage affecting Microsoft Windows hosts due to an issue with a recent CrowdStrike update and is working closely with CrowdStrike and federal, state, local, tribal and territorial partners, as well as critical infrastructure and international partners to assess impacts and support remediation efforts," the government agency said.

As of 1137 UTC on July 22, CrowdStrike reported it had tested an update to the initial fix, and noted the update "has accelerated our ability to remediate hosts." It also pointed users to a YouTube video with steps on how to self-remediate impacted remote Windows laptops.

IDC Group VP of Security and Trust Frank Dickson said CrowdStrike can save its reputation if it admits its mistakes and implements better practices to increase transparency in the software update process.

"We did send these to our teammates and partners who have been helping customers through this situation," a CrowdStrike spokesperson told The Register.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/25/crowdstrike_timeline/