I would be less worried about being on the receiving end of a Nelson “Ha Ha” from the entire IT world, and more worried that Microsoft will ban the side load pattern into the kernel area CrowdStrike depends on for updating their software but also the potential of a major exploit through their software. They have essentially recreated a similar pattern that had Microsoft introduce DEP but for the Kernel. There would be individuals and groups now trying to work out how to exploit knowing there are at least 8 million machines vulnerable and access to the kernel became slightly easier. Hopefully they at least have some cryptographic protection on code that is side loaded so someone can’t just dump a file in the right location.
I would be less worried about being on the receiving end of a Nelson “Ha Ha” from the entire IT world, and more worried that Microsoft will ban the side load pattern into the kernel area CrowdStrike depends on for updating their software but also the potential of a major exploit through their software. They have essentially recreated a similar pattern that had Microsoft introduce DEP but for the Kernel. There would be individuals and groups now trying to work out how to exploit knowing there are at least 8 million machines vulnerable and access to the kernel became slightly easier. Hopefully they at least have some cryptographic protection on code that is side loaded so someone can’t just dump a file in the right location.