Seems like microsoft is getting put into the headlines because the Crowdstrike versions for mac and linux aren't affected. Plus Crowdstrike has a history of pushing people onto microsoft tech support when their software causes problems.
Microsoft should have a certification program for software that messes around with kernel modules that could cause a BSOD. I guess they already do this for hardware drivers.
Once software is effecting a certain number of endpoints the vendor has to prove they are testing sufficiently.
Crowdstrike has caused kernel panics on Linux systems in the past too. I push FOSS hard and will hold that this is an example where using FOSS for all critical business software would have saved companies, but I don't particularly blame Microsoft directly for this outage. Incompetent IT managers buying software from their golf buddies is the real heart of the issue.
I don't blame Microsoft in the tactical sense for this outage, but I blame them in the strategic sense. Here's what I mean.
Microsoft is all in on kernel extensions, when Apple has shown that you can deprecate them and move the most important use cases outside the kernel. I blame Microsoft for not starting the herculean task of deprecating kernel extension. Remember, Satya Nadella said recently that Microsoft will put security above everything else, even backward compatibility. Then the Recall fiasco happened and Nadella was caught pants down with the useless value of his word.
Apple gets away with a lot of things MS would never get away with, so I am not sure that saying "apple did it" is a good argument. It still may be a good idea to move away from kernel modules, I would tend to agree with that in general. But there is a whole class of problems that come from allowing third parties to push updates to your critical IT systems- kernel or not.
You’re right that Apple can get away with things Windows can’t. But in the case of kernel extensions, I think Apple has shown a valid path Microsoft should take.
