CrowdStrike blames testing shortcomings for Windows meltdown

What seemed like a minor configuration update to a component that had been tested and was already in production triggered a wave of crashes. Nevertheless, CrowdStrike argued it acted responsibly in the run-up to what turned out to be disaster.

“Based on the testing performed before the initial deployment of the Template Type (on March 05, 2024), trust in the checks performed in the Content Validator, and previous successful IPC Template Instance deployments, these instances were deployed into production,” CrowdStrike explained in its review.

“When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD),” it added.