"We have moved beyond the days when computer viruses merely corrupted files. Now, we face sophisticated threats that combine social engineering with malicious software, aiming to do far more than just damage your computer." Phishing attacks and other kinds of social engineering try to trick us into giving away secrets by clicking on links to cloned websites, for example.
To: Alas Babylon!
CrowdStrike Highlights the Dangers of 'Security' 'not testing' Software
3 posted on 07/22/2024 10:22:00 AM PDT by CodeJockey
(I'd like to change the world, but they won't give me the source code.)
To: Alas Babylon!
4 posted on 07/22/2024 10:26:29 AM PDT by ShadowAce
(Linux - The Ultimate Windows Service Pack )
To: Alas Babylon!
The Crowdstrike crash revealed a fundamental flaw in how security suite software is packaged with Microsoft. Because it operates at the device level in the kernel (Ring 0), it has to be packaged as a signed device driver that goes through Microsoft’s rigorous testing protocols. But because it also has to respond immediately to Zero day vulnerabilities, it can’t wait for a new signed driver to be approved.
This is why they use DEF files to patch the driver code. The signed driver code reads the DEF file to get updated p-code that must run in the kernel memory. The latest DEF file release contained bad code that caused a NULL exception in the kernel memory, resulting in a BSOD.
CrowdStrike’s regression testing should have caught this, and they have a lot to answer for.
To: Alas Babylon!
This article’s argument is like saying seat belts can be removed from cars because hardly any accident victims are ejected from their vehicles these days.
The only reason threats have shifted to social engineering is because the tech has been pretty well locked down by these and other security tools that update almost constantly.
7 posted on 07/22/2024 11:10:23 AM PDT by ConservativeWarrior
(Fall down seven times, stand up eight. - Japanese proverb)
To: Alas Babylon!
I was down all day long on my work laptop because of this. Because the idiots I work for not only insist on a complete monoculture in their supported laptops, AND, because they so severely lock down access to these systems, I couldn't do anything about the BSOD, even though I KNEW what the fix was, and I'm a professional nerd that is absolutely taking care of the laptop itself.
So, I effectively had the day off to read about the crapstorm on the internet. Their loss. They pay me for my time regardless.
14 posted on 07/22/2024 2:09:56 PM PDT by zeugma
(Stop deluding yourself that America is still a free country.)