What makes CrowdStrike so ubiquitous that their error created such a catastrophe?

pastermil@sh.itjust.works to Asklemmy@lemmy.ml – 158 points –

Basically, drivers can launch code all the way up to ring 0, the highest level code can access. This means it runs its code with the same privileges as the kernel itself. The anti-malware solution CrowdStrike makes use of this access to determine what could be going wrong, and deploy solutions accordingly.

If code running at that level crashes, Windows will rightfully assume there's something really fucked up going on, and give out a BSOD.

there's something really fucked up going on

I would actually prefer this kind of error over the usual and equally uninformative "Oopsie! Something went wrong. We're sorry :("
