Why blame Microsoft? Here's the actual root cause of the CrowdStrike Outage

Somebody forgot a try catch 😂. Who all were fired

jubinroy

It is written as driver and MSFT singed the driver to say it is safe. CrowdStrike found a loophole in this process which allowed them to download and execute new code without actually changing the driver which requires certification and signing from MSFT. So, in a way it is also MSFT problem to fix the loopholes.

kkr

Very best assessment thus far. This is just stupid people taking things for granted.

MushrmBreW

OS was actually doing its job by not allowing unauthorized memory access.

People like to lash out at Microsoft for no solid reason. There have been outage due to linux third party apps, security vulnerabilities too and no one said shit about linux.

wennwenn

We used to do something like WHQL for verifying third party drivers against Windows when working for MS. WHQL is a system that sets forth a certain set of rules for a third party software to adhere to for it to be able to deemed as "Windows Ready". Assuming that something like that existed for H/W, MS would have had something like that for S/W as well. So, I think both parties are to blame here.

ceosonicsolutions

Microsoft did wrote a code to check & prevent 3rd party patching its kernel but some security softwares liek McAfee & Symantec went to EU regulator to complain this will make the antivirus software unfair to compete. So Microsoft need to give in.

vister

Both parties are at fault: CS for releasing buggy update and MS for not having reset function to stop the kernel error loop when detecting buggy software.

k.vn.k

Windows 365 was down entirely. That's why these news articles went crazy.
Windows 365 is basically a Monthly subscription pc in azure for employees.

ankittayal

A billion dollar company like CrowdStrike

Can't make slip ups like this.

It it was a mistake, then why did the CEO

Sell a lot of his own stock a week before

The crash?

tigerscott

One of the main roles of operating systems is to monitor violations by third party software - The Windows OS detected the violation repeatedly on each reboot as far as I understand, and indeed blocked a violation that it detected, however did not kill the violating component on repeated reboots. So you could argue that the OS was vulnerable to this and could "in principle" have notified the user: Here is a violating kernel component that windows needs to block, do you agree to proceed with boot - if I understand correctly, or at least block on successive reboot.

thorsteinssonh

Exactly. This makes me think about the difference reality vs news. I knew the domain here. I may not otherwise.

sanjarcode

I think it would be a good idea to wait for Crowdstrike postmortem without concluding anything based on the rumours.

madhurgwa

Why an app that’s allowed to run on kernel mode been updated without proper Quality check by Microsoft. They’re right to blame Microsoft for it as they gave the WHQL license to them and didn’t brother moderating the releases that potentially causes millions of their pcs go out of service

leetkhan

We don’t need a clever, jargon answer. The ONLY question is “what is the QA ticket number?” They didn’t test it.

mrlawilliamsukwarmachine

According to your analogy if we are the user in second case. Then microsoft is the user in first case.

lzpvzmb

Crowdstrike did a mistake, but I have following questions to microsoft:

1. why cant your OS stop/control the third party software which is crashing ?
2. If it is critical software which runs on kernel level, why are you allowing the updates just like that ? Dont you have any ctrl over releases?

Sheik

Because Microsoft allows to access third party vendor on his kernel

vinitsingh

Could you please share the source of the NULL pointer exception thing ?

powprashant

Like children do badmashi and parents are obviously scolded

satyamnityamjayate

The reason to blame Microsoft is they’ve built their OS in a way that this would even be necessary

jumbo_mumbo