• SuckMyWang@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    3 months ago

    Doesn’t Microsoft allow crowdstrike to make updates? Being such a critical part of the OS it’s up to Microsoft to ensure their procedures are robust and being followed.

    • witx@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      3 months ago

      How do you implement that? How is it feasible that Microsoft tests all the third party drivers?

      Don’t get me wrong I believe Microsoft is partly to blame for this problem as well but for making it so hard for system admins to go around the system and solve things (as compared to Linux where you can do anything). I think sys admins would have solved this much faster if they were using Linux systems

      I was just probing your argument because I guessed it was the typical nonsense of Microsoft bad, Linux good, without a good explanation

      • SuckMyWang@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        3 months ago

        I think if it’s going on every windows computer windows should have a process in place to prevent what happened from happening. Windows are for profit, they have the money to do it right but they got greedy. A staggered rollout would have prevented most of it and is a very simple thing to require. Also if it’s going on every windows computer or most I wouldn’t consider that a third party anymore even if that’s how they keep liabilities at arms length

        • saigot@lemmy.ca
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          3 months ago

          I think if it’s going on every windows computer

          It’s not, its just popular. Its not windows job to police what software you choose to run on it.

          However Windows does actually have an optional certification program called WHQL for kernal level drivers. Getting this certification lets updates get posted via windows’ internal updater. It checks the driver calls apis correctly and doesn’t misbehave with interrupt handling among other tests. Crowdstrike driver did pass this, and in fact there was no bug with the driver, the bug was with the configuration file. The configuration file updates about once an hour (and it really needs to do that), and does so outside the windows update process, making windows powerless to control its rollout. whql certification takes a few days to run and configuration files aren’t really in scope.