CrowdStrike, the cybersecurity company behind last week’s massive global IT crash, blamed a bug in its quality control mechanism for the carnage.
In an update on its investigation into the crisis, which is still being felt, CrowdStrike said a code flaw escaped its own security procedures, forcing computers running Microsoft’s Windows operating system to crash.
The cause of Friday outagethat disabled systems around the world, disrupting everything from flights to healthcare appointments, focusing on the company’s Falcon Sensor.
Latest money: Fans furious at ‘disgusting’ prices to see the star of the moment
The platform protects systems against malicious software and hackers.
“Due to a bug in the content validator, one of the two model instances passed validation despite containing problematic content data,” the company explained.
CrowdStrike did not say what this content data was or explain why it was problematic.
A ‘Template Instance’ is a set of instructions that guides the software on what threats to look for and how to respond.
Use the Chrome browser for a more accessible video player
1:05
CrowdStrike added that a “recheck” has been implemented in an attempt to prevent a repeat of the issue.
The extent of the economic damage is still being assessed and may never be truly known.
A report from insurer Parametrix, released by news agency Reuters, estimated on Wednesday that the total direct financial loss faced by US Fortune 500 companies, excluding Microsoft, was $5.4 billion.
See more information:
The company behind the world’s worst IT disaster
Who will pay for CrowdStrike’s widespread outage?
Delta is among the global airlines still struggling to fully restore systems, resulting in more cancellations and delays.
Malaysia has publicly called on CrowdStrike and Microsoft to cover losses in the country.
In the UK, the vast majority of systems are back up and running, although manual removal of rogue code is taking time for some Windows operators without IT staff.
The NHS warned of a knock-on effect due to thousands of missed appointments.
CrowdStrike chief executive George Kurtz has been invited to testify before the US House of Representatives homeland security committee.
This story originally appeared on News.sky.com read the full story