Dave explains the CrowdStrike IT outage, focusing in on its role as a kernel mode driver. For my book on the spectrum, see: https://amzn.to/3XLJ8kY Follow me...
Very interesting, especially how they’re executing unsigned code via the *.sys files to (presumably) get around waiting for MS to re-sign their driver.
Yeah this was the main take-away for me, too. You’d expect they’d have ironclad QA when doing shit like this.