Comment by zaptheimpaler
14 hours ago
Except that this kernel driver is audited and signed by Microsoft, whom you also trust with the rest of your kernel if you use Windows at all.
14 hours ago
Except that this kernel driver is audited and signed by Microsoft, whom you also trust with the rest of your kernel if you use Windows at all.
I don't think Microsoft auditing of code it signs. Wasn't Crowdstrike signed by Microsoft?
It was. All Windows kernel drivers are.
Microsoft doesn't do any auditing besides "is this the most obvious malware?"