The faulty CrowdStrike software update that caused a global computer meltdown last week was sent out because of a bug in its quality control system – the very tool meant to prevent such mistakes from happening in the first place, the cybersecurity giant admitted Wednesday.
Airlines, hospitals, banks and various other businesses were crippled last Friday as a result of the disastrous software update, which left millions of computers powered by Microsoft Windows encountering the dreaded “blue screen of death.”
CrowdStrike said the update was released as a routine step in its rapid response plan, which is meant to update cybersecurity systems to combat new threats.
However, the firm’s “content validator” tool, which scans updates to ensure they are stable, malfunctioned.
As a result, the faulty update “passed validation despite containing problematic content data,” CrowdStrike said in an extensive report detailing what led to the meltdown.
The fallout was still being felt this week as thousands of Delta Air Lines passengers remained stranded at airports because it canceled well over 4,000 flights since last Friday.
Microsoft said it estimated 8.5 million devices were impacted by the glitch, amounting to less than 1 percent of Windows-powered computers around the world.
CrowdStrike said it was implementing a new process “to guard against this type of problematic content from being deployed in the future.”
CrowdStrike shares plunged more than 30% after the incident occurred, erasing billions of dollars of value for the company.
Despite the crisis, CrowdStrike’s stock is still in positive territory since the start of the year.
Wedbush analyst Dan Ives described the situation as a “major black eye” for CrowdStrike, which is one of the world’s largest IT firms.
House lawmakers have asked the company’s CEO George Kurtz to testify about the incident and CrowdStrike’s efforts to avoid similar meltdowns in the future.
Elsewhere, CrowdStrike chief security officer Shawn Henry said the company was “devastated” that its error had caused so much trouble for customers.
“The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch,” Henry wrote in a LinkedIn post.
