by conioh 1399 days ago
> They fixed it with an update this month, but CrowdStrike was hooking /every/ single call to NtCreateUserProcess on my work machine last month, and you /know/ how electron-based apps work. VSCode took so long to launch its sub processes it would pop up a crash reporter. "Hello World" compiled from C++ would take a minute to launch sometimes. WSL straight up could not be started because the TTY timed out waiting for it.

There's nothing wrong in hooking ~EvErY~ call to NtCreateUserProcess or even a thousand other functions in and of itself. The issue is what they're doing inside those hooks.

We have installed another product that also hooks +@EvErY sInglE@+ call to NtCreateUserProcess and to a couple dozen other functions and you know what? VSCode works just fine. WSL too. Edge and Chrome too.

Sure, there's a measurable effect on performance, but nothing like you're describing.