Statement on MD-2024-0719 CrowdStrike Outage

July 19, 2024

Information

On July 19, 2024, a Rapid Response Content update was delivered to certain Windows hosts, evolving a new sensor capability first released in February 2024 that enabled visibility into possible novel attack techniques that may abuse certain Windows mechanisms. The sensor expected 20 input fields, and the update provided 21 input fields. In this instance, the mismatch resulted in an out-of-bounds memory read, causing a system crash. Crowdstrike’s analysis, along with a third-party review, confirmed this bug is not exploitable by a threat actor.

CISA is aware of the widespread outage affecting Microsoft Windows hosts due to an issue with a recent CrowdStrike update and is working closely with CrowdStrike and federal, state, local, tribal and territorial (SLTT) partners, as well as critical infrastructure and international partners to assess impacts and support remediation efforts. CrowdStrike has confirmed the outage:

• Impacts Windows 10 and later systems.

• Does not impact Mac and Linux hosts.

• Is due to the CrowdStrike Falcon content update and not to malicious cyber activity.

For more details, please refer to the CISA Alert.

Risk

Not Applicable

Response

Melissa Data Corporation (“Melissa”) was not impacted by CrowdStrike Outage. Any Melissa commercial web services or products were not impacted by this event.

Melissa will continue to follow all guidance provided by Microsoft as necessary to prevent any future risks.