September 24, 2024 at 09:31PM
CrowdStrike apologized for the chaos caused by a faulty software update, leading to crashes, flight delays, and service disruptions. During a US House subcommittee hearing, senior VP Adam Meyers explained the issue and highlighted improved update processes. Lawmakers questioned the need for kernel access, with potential implications for the industry. Microsoft is considering moving updates to user mode.
From the meeting notes, it is clear that CrowdStrike’s senior VP, Adam Meyers, appeared before a US House of Representatives cyber security subcommittee to address the fallout from a faulty software update. CEO George Kurtz declined to testify, leaving Meyers to explain the situation and the steps being taken to prevent a reoccurrence. Meyers attributed the problematic update to a “mismatch between input parameters and predefined rules” and emphasized improved quality control for content updates. There was also discussion about the appropriateness of granting kernel-level access to Windows for security products like CrowdStrike’s Falcon, as well as the potential shift to user mode for antivirus and threat-detection updates by software vendors like Microsoft.