• patrick@piefed.social
    link
    fedilink
    arrow-up
    10
    ·
    2 months ago

    Microsoft did not “give Crowdstrike access to push updates”. The IT departments of the companies did.

    The security features that Crowdstrike has forces them to run in kernel-space, which means that they will have code running that can crash the OS. They crashed Debian in an almost identical way (forced boot loop) about a month before they did the same to Windows.

    Yes, there are ways that Microsoft could rewrite the Windows kernel architecture to make it resistant to this type of failure. But I don’t think there are very many other commercial OS’s that could stop this from happening.