The story I heard is the channel file CloudStrike tested was somehow damaged just before release and ended up being filled with zeros. Since this file contains something akin to executable p-code, the fact that it was full of zeros subsequently caused a null pointer exception. The driver was marked as mandatory for boot, so Windows got stuck at that point and couldn't finish booting.
From this point of view poor quality assurance by CloudStrike seems the main problem.
I couldn't agree more.
This is a horrendous failure of testing, probably caused by cheaping out on it and/or lack of oversight of the release process.
Speaking as someone with significant experience in software test/QA, my suspicion is they only did what I refer to as "programmer testing", i.e. that it works under ideal conditions with no thought given to whether it works in less than ideal, real world conditions, edge cases, and corner cases.
Microsoft has claimed the fault lies with the EU insisting they document a particular kernel API designed for security monitoring. According to Fido, pointing at that API is a simple example of let no emergency go to waste. Any mandatory driver that generates a null pointer exception would cause the same boot problem whether it accesses the security API or not.
The problem seems to be bad QA rather than the existence of an API that lets companies with bad QA write drivers.
Statistics: Posted by ejolson — Tue Jul 23, 2024 2:14 pm