sorry y’all this is what happens when a computer security scientist marries a financial lawyer
one more thing because I’ve noticed a lot of people are unaware of this detail: the update that crashed CrowdStrike was not a code functionality update and was not the kind of update that only happens once every few weeks or months. It was a data update for the antivirus, of the kind that happens literally several times a day. It just happened to crash the parser that was already installed.
Therefore, the idea that a C-suite had the update marked on their calendar and was worried about it going sideways seems extremely implausible to me
@0xabad1dea what boggles my mind is that kernel drivers are known for BSOD and I had assumed they would have had a mechanism to check if the machine had managed to successfully boot after an update was parsed and, if not, roll back and report. That way they wouldn’t have the risk of infinite boot looping.
@carbontwelve there's kind of a fundamental problem here in that what exactly is checking whether the kernel crashed and when
I'm not saying that it's strictly impossible to improve things here - just that it's genuinely rocket surgery