That really is and should remain the province of the operating system.
Allowing 3rd party software direct access to the kernel is asking for trouble.
You want to trust MSFT with all your system security?
“Allowing 3rd party software direct access to the kernel is asking for trouble.”
FWIW...When I was at Intel, no vendor... NOBODY was allowed to automatically update software. Or any equipment firmware.
They built an isolated testing environment and manually loaded ALL, ALL updates there to test. After rigorous testing, Intel would push the software themselves.
Yes, they were a little behind the curve on “zero day” exploits, but had security systems and protocols that minimized any damage.
And they NEVER had enterprise-wide outages. Never.
It’s what all responsible companies do.
All those IT Directors and Security Directors who are complaining about the bad Crowdstrike update should be fired.