CrowdStrike blames testing shortcomings for Windows meltdown
- by nlqip
“Based on the testing performed before the initial deployment of the Template Type (on March 05, 2024), trust in the checks performed in the Content Validator, and previous successful IPC Template Instance deployments, these instances were deployed into production,” CrowdStrike explained in its review.
“When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD),” it added.
Testing improvements
From now on, CrowdStrike updates will be tested locally before being sent to clients. Content update and rollback testing will be carried out and there’ll be additional stability and content interface testing.
Source link
lol
“Based on the testing performed before the initial deployment of the Template Type (on March 05, 2024), trust in the checks performed in the Content Validator, and previous successful IPC Template Instance deployments, these instances were deployed into production,” CrowdStrike explained in its review. “When received by the sensor and loaded into the Content Interpreter,…
Recent Posts
- Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation
- Microsoft Edge will flag extensions causing performance issues
- Sophos CEO On How EDR Vendors, Microsoft Are ‘Rethinking’ Security After CrowdStrike Outage
- This Windows PowerShell Phish Has Scary Potential – Krebs on Security
- Unexplained ‘Noise Storms’ flood the Internet, puzzle experts