[Kwpolska]

The issue was caused by a data file, Microsoft is not involved in signing or testing individual data files.

[_flux]

The actual issue was with the signed code reading the data files that the data file update just brought to surface.

But I don't think Microsoft verifies customer code, they might not even have access to it.

[concerned_user]

You are right Microsoft are not checking the 3rd party code itself they are only running a lot of tests on the compiled code.

There is a recent video now from a former Microsoft employee where he explains that those drivers that get WHQL certification are ran on test machines in stress conditions for some time, or at least that is how it used to be when he worked there.

Since that process is probably quite slow to be able to push update within a couple hours Crowdstrike just bypassed the QA testing by injecting their own data files into the driver.

[_flux]

I guess Microsoft testing lacks fuzzing, then—as does Crowdstrike's.