CrowdStrike says configuration update affected Falcon Sensor, Windows OS

ISTANBUL

CrowdStrike said Wednesday a content configuration update affected the Falcon Sensor, which protects key risk areas, and the Windows Operating System caused a global IT outage last week.

The American cybersecurity technology firm said it released a content configuration update Friday for the Windows sensor to gather telemetry on possible novel threat techniques, which are a regular part of the dynamic protection mechanisms of its Falcon platform.

The problematic Rapid Response Content configuration update, however, resulted in a Windows system crash, it said.

While systems in scope include Windows hosts running sensor version 7.11 and above that were online Friday and received the update, Mac and Linux hosts were not affected, it added.

The defect in the content update was reverted later Friday, the company said in its preliminary post-incident review.

"Automated recovery techniques, coupled with strategic service delivery partners, have rapidly accelerated resolution," CrowdStrike wrote on X. "We can’t repeat enough, we’re aware of the impact and deeply sorry this occurred. We want to thank our customers and industry partners for their support and assistance following the release of a faulty content update. We know what happened and how to make sure it doesn’t happen again.”

The global outage hit thousands of computers around the world Friday and caused interruptions in devices using the Windows operating system.