TBH regardless of windows security, this was clearly the fault of a lack of compatibility. Whether CrowdStrike was made in a way that caused the problem or if the Windows update wasn’t properly screened or tested for this kind of failure, I’m sure we’ll be hearing a lot about very soon, but the jury is out on which one is at fault.
Nah, CS sent out a virus definition update that included a driver file that was fucked and caused a boot loop. Because it was a virus definition it bypassed staging rules set by customers. It’s 100% on CS unless we want to talk about how Windows architectural choices on how it handles loading improperly formatted kernel level drivers. CS also caused issues on Linux not too long ago.
Why can’t we talk about improperly formatted kernel level drivers? MS is notorious for “oops” accidentally rolling drivers back 8 or more years, and now it’s become a problem.
And correct me if I’m wrong but the CS update came before the windows update which caused the problems.
EDIT: I am a bit off the mark
On 19 July at 04:09 UTC, CrowdStrike distributed a driver update for its Falcon software for Windows PCs and servers. An update to a configuration file that was responsible for screening named pipes, Channel File 291, caused a logic error with the Windows sensor client, causing affected machines to enter the blue screen of death with the stop code PAGE_FAULT_IN_NONPAGED_AREA, indicating an error caused by a page fault.
