Michał "rysiek" Woźniak · 🇺🇦 on Nostr: Anybody has a better understanding of how such updates are signed (or not) on ...
Anybody has a better understanding of how such updates are signed (or not) on Windows?
This was a kernel driver update, right? Apparently it was not signed:
https://cyberplace.social/@GossiTheDog/112812317243841396
Wired claims that as a kernel driver update, it should have been signed by Microsoft:
https://www.wired.com/story/crowdstrike-outage-update-windows/
> [T]hey require that Microsoft also vet the code and cryptographically sign it, suggesting that Microsoft, too, may well have missed whatever bug in CrowdStrike’s Falcon driver triggered this outage.
🤔
This was a kernel driver update, right? Apparently it was not signed:
https://cyberplace.social/@GossiTheDog/112812317243841396
Wired claims that as a kernel driver update, it should have been signed by Microsoft:
https://www.wired.com/story/crowdstrike-outage-update-windows/
> [T]hey require that Microsoft also vet the code and cryptographically sign it, suggesting that Microsoft, too, may well have missed whatever bug in CrowdStrike’s Falcon driver triggered this outage.
🤔