[etskinner]

Really impressive that they got thru an entire develop, build, approval, and documentation process in just about 2 days. Not that any of those steps are extremely hard for this fix, but I'm always impressed when big corporations can move so fast

[nerdjon]

I sympathize with the engineers, QA, and everyone involved in getting this out.

I have to imagine it was a lot of long hours, and the testing was insane. The last thing I want to do is put this tool out and it somehow messes things up more.

But glad it’s out. Hopefully it helps with the remaining machines and with any that are being problematic.

[xinayder]

They probably got an exemption to fast track the release because this is a critical issue. I wouldn't expect testing to be so thorough for a release in 2 days. The exemption is more likely.

[selykg]

I wrote and maintained a tool that was sent to users when something went wrong.

Man was I always afraid and stressed that the tool meant to help users when they were already having a failure was also having a failure.

[ffhhj]

Surveillance software is top priority of BigCo's nowadays. If they prove to be useful for governments they'll get softer antimonopoly measures.

[Kwpolska]

To be fair, there isn't a whole lot of code there. I wouldn't be surprised if Microsoft had the WinPE generator written already for some other project.

[kchr]

Yeah, WinPE media tools have been around for years. Here is an article from 2021 (although it has been a thing long before then):

https://learn.microsoft.com/en-us/windows-hardware/manufactu...

Still, customizing the toolchain to fit this particular scenario and making sure it works, in two days, is commendable effort.

[beefnugs]

Actually they may not have a choice, since they have forced people to install their local windows with a Microsoft login, and tying bitlocker to this login, there is probably many situations out there that requires microsoft login supported winPE just to fix this

[ssahoo]

When their bottom line and head is at stake, what were they supposed to do?

[Bognar]

They could say "third party kernel modules are installed at your own risk" and provide the usual level of business hours support. CrowdStrike fucked up and Microsoft is helping its customers recover from CrowdStrike's fuckup.

[gus_massa]

They made a special memory allocator for Windows 95 to avoid a crash caused by a bug in SimCity https://www.joelonsoftware.com/2000/05/24/strategy-letter-ii...

They are not only backward compatible or bug compatible. They are others-person-bug compatible. It's the only way to prevent users thinking about switching to another OS.

[HPsquared]

Reminds me of this famous post from Linus about being "bug-compatible".

https://lkml.org/lkml/2012/12/23/75

[jorvi]

One thing I’ve never understood about “kernel never breaks user space”.. doesn’t that completely atrophy the kernel, preventing it from ever having big rewrites or architectural changes? What if an initial implantation was terrible, and there are 100x performance improvements to be had by doing a breaking change?

[capitainenemo]

Implement a new API for the better route, isolate the terrible code as much as possible, notify the users, deprecate it, and remove it or move it to a userspace shim after enough years had past and almost everyone was off it?

[Arwill]

If anything, then events like this makes decision makers rethink if they really should run Windows everywhere. Why does a flight schedule display has to run Windows, for example? It might not be their fuckup, but they will lose users too, for sure.

[codebolt]

Same thing already happened on Linux, but it failed to make a big enough splash to make any headlines. Putting Windows at fault here is unfair.

https://www.newsbytesapp.com/news/science/before-affecting-w...

[ssahoo]

They recommend crowdstrike to customers. Now they are trying to at least skim some good will. Also bad a kernel module that can ruin the OS is partially their fault.

[Plasmoid2000ad]

Microsoft competes directly CrowdStrike with Defender across multiple areas - I'm not sure they recommend them to customer over their own products at the cost of losing sales.

I don't think Microsoft is realistically in a position to forbid other companies from writing kernel level modules, from an antitrust standpoint I would think that would land them under investigation(s)

[concerned_user]

I also think Microsoft should be responsible, they gave the keys to sign the kernel driver so I expect that driver to at least be subject to regular testing and scrutiny not just when initial release was made.

[Bognar]

They didn't "give the keys", they have a signing infrastructure that is meant to be used for validating organizational identity and origins of code. They have a quality checking system, but it's only required for certain levels of Microsoft backing. I think it used to be called the Windows Logo Program or something?

[LASR]

Signing is meant only to verify the identity of the organization producing the signed artifact.

It’s not meant to signify that it’s bug-free.

[concerned_user]

WHQL signifies it is tested and that driver is WHQL certified.

[Kwpolska]

The issue was caused by a data file, Microsoft is not involved in signing or testing individual data files.

[_flux]

The actual issue was with the signed code reading the data files that the data file update just brought to surface.

But I don't think Microsoft verifies customer code, they might not even have access to it.

[tatersolid]

Microsoft does not “recommend CrowdStrike”. Microsoft actually sells its own competitor to CrowdStrike (Defender XDR).

[SoftTalker]

That the OS needs a product like Crowdstrike in order to be safely used is also their fault.

[phoe-krk]

> an entire develop, build, approval, and documentation process in just about 2 days

...on a weekend.

[mkl95]

They are not claiming they built it themselves. This kind of tool could easily be an offshore job.

[aaomidi]

Probably not doing that with this incident. But FBI/NSA is probably involved.

[switch007]

> develop, build, approval, and documentation process

Under the immense pressures, I'm sure one or two of the usual steps were missed or reduced (perhaps this is what you were insinuating?)