On 8/5/2024 9:43 AM, Roderick Klein via Freedos-user wrote:
On 5-8-2024 at 18:31, Ralf Quint via Freedos-user wrote:
On 7/25/2024 12:06 AM, Michał Dec via Freedos-user wrote:
I haven't mentioned Microsoft in my entire response. On the
contrary, I've mentioned updates which is exactly the attack vector
used by CrowdStrike.
Try to know actually what you are talking about. There is no "attack
vector used by CrowdStrike" and the issue did not involve any
Microsoft updates either.
CrowdStrike is a cyber security company, which unfortunately had a
few (though minor mostly) issues with updates to versions of its
security software, which is used on a large scale in the corporate
world. The now infamous July 2024 incident was due to a faulty
configuration file of its Falcon Sensor vulnerability scanning
software, which should never have made it into a release...
For a well-informed technical analysis (as far as is currently possible),
look at this YouTube.com video, where a former Microsoft developer explains,
based on a memory dump, what from his perspective is possibly wrong with
the CrowdStrike driver...
https://www.youtube.com/watch?v=wAzEJxOo1ts&t=662s
It's not the driver! It has been dissected on various cyber security
sites and confirmed by CrowdStrike that the problem is a typo in a
configuration file for CrowdStrike's Falcon Sensor update installer.
That causes a parsing error, which (what shouldn't have happened in the first
place) caused an abort in the startup process of Windows (and only that
part is relevant from that video). And thus an endless reboot/blue
screen loop, unless that faulty installer config file is manually
removed and thus the installation of the intended update is being skipped...
Ralf