"Perfect storm" - CrowdStrike VP apologizes as Congress hearing into outage begins

Crowdstrike logo
(Image credit: Shutterstock / rafapress)

Following July 2024 Crowdstrike incident, in which millions of Windows machines crashed due to a broken software update for its endpoint protection software, the company’s senior VP for counter adversary operations, Adam Meyers, appeared at a cybersecurity subcommittee hearing at the US House of Representatives to say the company was “deeply sorry”.

Meyers was left to testify in the absence of CEO George Kurtz who, per The Register, declined to testify. Explaining the issue to lawmakers, Meyers said that the company released 10 to 12 content updates, like the one that caused the major incident, per day, and that a “perfect storm of issues”, described in his written testimony (PDF), conspired to put much of the world’s IT’s systems into meltdown, requiring a manual fix.

He claimed these content updates were now under increased scrutiny to ensure quality control, but lawmakers remain unconvinced that kernel-level access to Windows - what enabled the incident to occur - is necessary, but Meyers explained that he sees visibility into all aspects of the operating system as vital for Crowdstrike to function.

Kernel-level access in endpoint security

"You can provide enforcement, in other words, threat prevention, and ensure anti-tampering," said Meyers.

"In order to stop that from happening,” he said, “we will continue to leverage the architecture of the operating system."

So, ultimately, nothing has changed, but security experts at other cybersecurity software companies argue that it’s not kernel-level access that’s the issue, but how it’s managed, with The Register noting that Trellix pushes kernel-level updates just once a quarter.

Given the extent of the damage to vital systems infrastructure; including cancelled Delta flights affecting half a million people, perhaps it's unsurprising that Microsoft is looking to provide additional security capabilities outside of kernel mode in the future.

More from TechRadar Pro

Luke Hughes
Staff Writer

 Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.