You are viewing a single thread.
View all comments
17 points

Maybe this is a case of hindsight being 20/20 but wouldn’t they have caught this if they tried pushing the file to a test machine first?

permalink
report
reply
13 points

It’s not hindsight, it’s common sense. It’s gross negligence on CS’s part 100%

permalink
report
parent
reply
2 points

Well, it is hindsight 20/20… But also, it’s a lesson many people have already learned. There’s a reason people use canary deployments lol. Learning from other people’s failures is important. So I agree, they should’ve seen the possibility.

permalink
report
parent
reply
12 points

I saw one rumor where they uploaded a gibberish file for some reason. In another, there was a Windows update that shipped just before they uploaded their well-tested update. The first is easy to avoid with a checksum. The second…I’m not sure…maybe only allow the installation if the windows update versions match (checksum again) :D

permalink
report
parent
reply
4 points

Windows has beta channels for their updates

permalink
report
parent
reply
5 points

It’s a sequence of problems that lead to this:

  • The kernel driver should have parsed the update, or at a minimum it should have validated a signature, before trying to load it.
  • There should not have been a mechanism to bypass Microsoft’s certification.
  • Microsoft should never have certified and signed a kernel driver that loads code without any kind signature verification, probably not at all.

Many people say Microsoft are not at fault here, but I believe they share the blame, they are responsible when they actually certify the kernel drivers that get shipped to customers.

permalink
report
parent
reply

Programmer Humor

!programmer_humor@programming.dev

Create post

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

  • Keep content in english
  • No advertisements
  • Posts must be related to programming or programmer topics

Community stats

  • 3.7K

    Monthly active users

  • 878

    Posts

  • 14K

    Comments