@Obsolesce said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:

@DustinB3403 said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:

@Obsolesce said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:

@DustinB3403 said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:

want to find a non-kernel based solution and that the EU is at fault.

https://www.csoonline.com/article/3483641/crowdstrike-backs-microsofts-demand-for-reducing-kernel-level-access.html

I still say it could have been avoided if CrowdStrike had tested the change on a single device prior to releasing it publicly. It could have been a simple automated test as part of their release pipeline.

Even a better rollout strategy could have prevented it from going too far.

What's funny is that CS is now saying that they have decided to start testing their releases with the use of "besides showing interest in working with Microsoft to work on the “kernel-level restrictions” development, is also taking a new approach to certify each new sensor release through the “Windows Hardware Quality Labs."

Whats also funny is that if you look at almost any open source software of similar caliber, they do all that stuff in their build and release pipelines or other work flows before public releases.

Exactly!