Dare Obasanjo on Nostr: Microsoft has a great technical breakdown of the CrowdStrike incident. The root cause ...
Published at 2024-07-28 15:06:06

Event JSON
{
"id": "9d1020233bbfb241c40933c2c4dd283cfb1ec887066d48ab1e7e414589e6d76d",
"pubkey": "5f863f48a51b974f08609a5a5818d8d848f8d755f0f615594a626da4711b78d2",
"created_at": 1722179166,
"kind": 1,
"tags": [
[
"proxy",
"https://mas.to/@carnage4life/112864733866130806",
"web"
],
[
"proxy",
"https://mas.to/users/carnage4life/statuses/112864733866130806",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mas.to/users/carnage4life/statuses/112864733866130806",
"pink.momostr"
],
[
"-"
]
],
"content": "Microsoft has a great technical breakdown of the CrowdStrike incident. The root cause is an access violation in CrowdStrike’s kernel mode driver.\n\nThere are valid reasons for security software to run in the kernel but it causes such bugs to be fatal. Key takeaways \n\n1. It’s unlikely Microsoft will make OS changes to prevent this from happening as it also restricts CrowdStrike’s security product.\n\n2. There were inadequate testing and deployment practices at CrowdStrike.\n\nhttps://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/",
"sig": "823af15aef3ed6e04d603df8be6e02689b28d1dd19ee257a2603abb24a5637586e041b8804689905ffafe0b521a10f03c214a563e03b0b753685e9ad308d98f6"
}