Originally Posted by daumueller
Anyone who understands how virus scanners work and where they need to sit in the layers of isolation, they can only come to one conclusion: the only way Microsoft could have avoided that is by not allowing third-party security software with Windows.
Strongly disagree. For reference, this is why you can use cloud-based scanners without any dangerous elevation in privileges when it comes to pure scanners.
But I agree that malware detection and analysis tools do need far-reaching access, but to make them part of the kernel drivers is the usual "convenience and quick fix before safety" MS chose for its entire existence.
Note that these things don't happen (to the same degree) on OSX, Android, and most Linux distributions. I really don't want to make excuses for Crowdstruck but this was a team effort. To side with MS in claiming that they just had to certify that driver is the 737MAX approach to "certification".
You are likely right that MS to some extent was forced to provide this interface, but they still did a poor job.
..which is how MS got dragged into the headlines as everybody and their cat knows Microsoft...
Well it was everyone's MS platform that went belly up. If your new electric car goes insane, you also blame BYD and not Qualcomm or Texas Instruments.