• VonReposti
    link
    fedilink
    English
    arrow-up
    40
    arrow-down
    2
    ·
    5 months ago

    Why is Microsoft defending Crowdstrike?

    • Thurstylark@lemm.ee
      link
      fedilink
      English
      arrow-up
      45
      arrow-down
      1
      ·
      5 months ago

      My guess: Because they reviewed and signed the kernel space code which calls code that is unreviewed and unsigned (or, at the very least, pulls directly from files that are unreviewed and unsigned without proper validation or error checking), calling out CrowdStrike’s failure puts them on the hook too.

    • Strykker@programming.dev
      link
      fedilink
      English
      arrow-up
      12
      ·
      5 months ago

      They aren’t, it’s more “it’s the EUs fault for forcing us to allow businesses like cloud strike to write kernel level antivirus, because we already have our own.”