A CrowdStrike explained that a routine update of the product's sensor configuration Falcon, launched last Friday, activated a logical error which caused computers with the Windows operating system to enter a reboot loop and display the 'blue screen of death'.
According to technical documentation from CrowdStrike, “the update occurred at 04:09 UTC”, that is, at 06:09 in Luanda, and that sensor configuration updates are a constant part of the Falcon platform's protection mechanisms.
BUT: CrowdStrike CEO will testify before a US Senate committee
The configuration files for this update are “referred to as Channel Files” and are a part of the behavior protection mechanisms used by the platform. Updates to Channel Files “are normal as part of sensor operations and occur several times a day”, with the architecture existing “since the conception of the Falcon”. Channel File 291 fixes the logic error.
Microsoft indicated that around 8,5 million devices were impacted by the CrowdStrike incident. Redmond technology shared a tool which helps IT administrators speed up the repair process for impacted Windows clients and servers.
