
New Details Emerge About Cause of CrowdStrike Outage


CrowdStrike said several security issues and process gaps contributed to the widespread global IT outage involving a botched update for its Falcon platform, reports SecurityWeek.

Aside from inconsistencies between the inputs seen by the Content Validator and those received by the Content Interpreter, the outage was also caused by an out-of-bounds flaw in the Content Interpreter and by inadequate testing, according to a root cause analysis issued by CrowdStrike.

The widespread system crashes stemmed from an out-of-bounds memory read past the end of the input data array: the Content Interpreter sought to access a 21st input value when it was only supposed to process 20 values, said CrowdStrike.
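The failure mode described above, as an added C example that is not CrowdStrike's code: an interpreter that bounds-checks each index before reading it, and a validator that only catches the problem when it checks against the same input count the interpreter receives. The rule format (`struct criterion`), the function names and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SUPPLIED_INPUTS 20  /* values the interpreter actually receives (per the page) */

/* Hypothetical rule format: compare the input at index `field` with `pattern`. */
struct criterion { size_t field; const char *pattern; };

enum { EVAL_REJECTED = -1, EVAL_NO_MATCH = 0, EVAL_MATCH = 1 };

/* Interpreter with a runtime bounds check: an index at or past `count` is
 * refused instead of being read from memory beyond the end of the array. */
int evaluate(const struct criterion *rules, size_t n_rules,
             const char *const *inputs, size_t count)
{
    for (size_t i = 0; i < n_rules; i++) {
        if (rules[i].field >= count || inputs[rules[i].field] == NULL)
            return EVAL_REJECTED;
        if (strcmp(inputs[rules[i].field], rules[i].pattern) != 0)
            return EVAL_NO_MATCH;
    }
    return EVAL_MATCH;
}

/* Validator: passes content only if every rule fits inside `count` inputs.
 * It is only useful when `count` is the number the interpreter really gets. */
int validate(const struct criterion *rules, size_t n_rules, size_t count)
{
    for (size_t i = 0; i < n_rules; i++)
        if (rules[i].pattern == NULL || rules[i].field >= count)
            return 0;
    return 1;
}

/* Constructed sample: 20 identical inputs and a single rule reading `field`. */
int check_field(size_t field, const char *pattern)
{
    const char *inputs[SUPPLIED_INPUTS];
    struct criterion rule = { field, pattern };
    for (size_t i = 0; i < SUPPLIED_INPUTS; i++)
        inputs[i] = "value";
    return evaluate(&rule, 1, inputs, SUPPLIED_INPUTS);
}

int main(void)
{
    struct criterion rule = { 20, "value" };   /* index 20 is the 21st value */
    printf("validator assuming 21 inputs: %d\n", validate(&rule, 1, 21));
    printf("validator assuming 20 inputs: %d\n", validate(&rule, 1, 20));
    printf("interpreter given 20 inputs:  %d\n", check_field(20, "value"));
    return 0;
}
```

A validator run with a count of 21 accepts the same rule that the 20-input interpreter must refuse, which is why the two components need to agree on the input count.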

"While this scenario with Channel File 291 is now incapable of recurring, it also informs process improvements and mitigation steps that CrowdStrike is deploying to ensure further enhanced resilience," noted CrowdStrike, which has already moved to enlist independent third-party software security providers to assess Falcon security.