Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
What Crowdstrike does to bypass this requirement is that the CS Falcon is just an engine, that loads, interprets and executes code from definition files.
If Microsoft really has “rigorous QA and cert” for kernel drivers then they shouldn’t have certified this, because now it’s a certified bypass for the certification.
If Microsoft really has “rigorous QA and cert” for kernel drivers then they shouldn’t have certified this, because now it’s a certified bypass for the certification.