For the people thinking ‘shouldn’t testing catch this?’, the answer is yes. Clearly something went wrong.
This isn’t CrowdStrike’s first rodeo on this, although it is the most severe incident so far.
Eg just last month they had an issue where a content update pushed CPU to 100% on one core: https://www.thestack.technology/crowdstrike-bug-maxes-out-100-of-cpu-requires-windows-reboots/
Truthfully these issues happen across all vendors - I’ve had my orgs totalled twice now by AV vendors, one while I was on holiday abroad and had to suspend said holiday.
Btw, that isn’t to excuse it or any vendor. CrowdStrike have gotta be better at this stuff. And they’ll have to, as if they aren’t transparent customers will flee.
It’s a warning shot to all AV/EDR/XDR vendors that if you fuck up availability, your brand will become failure. It’s harsh but that’s the media cycle and modern world.