* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Monday, July 7, 2025
Earth-News
  • Home
  • Business
  • Entertainment
  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Column: Teach kupuna new technology skills – Honolulu Star-Advertiser

    Empowering Kupuna: Unlocking New Technology Skills for a Connected Future

    EIFO invests $5 million in D3, the Ukraine-focused defence technology venture fund – sUAS News

    EIFO Pledges $5 Million to Supercharge Ukraine-Focused Defense Technology Fund

    New Technology for Water Efficiency and Working with Mexico on Screwworm – AG INFORMATION NETWORK OF THE WEST

    Revolutionary Water Efficiency Technology and Cross-Border Collaboration to Defeat Screwworm

    Environmental cognitive distance, R&D capability distance, and supply chain green technology innovation – Nature

    Bridging Gaps: How Environmental and R&D Differences Drive Green Technology Innovation in Supply Chains

    LG Innotek CEO Moon Hyuksoo: “Our Next-gen Substrate Technology Will Change the Industry Paradigm” – TechPowerUp

    LG Innotek CEO Moon Hyuksoo: “Our Next-Gen Substrate Technology Will Revolutionize the Industry” Revolutionizing the Future: LG Innotek’s CEO Unveils Game-Changing Next-Gen Substrate Technology

    Inspira Technologies Secures Landmark $22.5M Deal: Major Revenue Breakthrough After FDA Clearance – Stock Titan

    Inspira Technologies Secures Landmark $22.5M Deal: Major Revenue Breakthrough After FDA Clearance – Stock Titan

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Column: Teach kupuna new technology skills – Honolulu Star-Advertiser

    Empowering Kupuna: Unlocking New Technology Skills for a Connected Future

    EIFO invests $5 million in D3, the Ukraine-focused defence technology venture fund – sUAS News

    EIFO Pledges $5 Million to Supercharge Ukraine-Focused Defense Technology Fund

    New Technology for Water Efficiency and Working with Mexico on Screwworm – AG INFORMATION NETWORK OF THE WEST

    Revolutionary Water Efficiency Technology and Cross-Border Collaboration to Defeat Screwworm

    Environmental cognitive distance, R&D capability distance, and supply chain green technology innovation – Nature

    Bridging Gaps: How Environmental and R&D Differences Drive Green Technology Innovation in Supply Chains

    LG Innotek CEO Moon Hyuksoo: “Our Next-gen Substrate Technology Will Change the Industry Paradigm” – TechPowerUp

    LG Innotek CEO Moon Hyuksoo: “Our Next-Gen Substrate Technology Will Revolutionize the Industry” Revolutionizing the Future: LG Innotek’s CEO Unveils Game-Changing Next-Gen Substrate Technology

    Inspira Technologies Secures Landmark $22.5M Deal: Major Revenue Breakthrough After FDA Clearance – Stock Titan

    Inspira Technologies Secures Landmark $22.5M Deal: Major Revenue Breakthrough After FDA Clearance – Stock Titan

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Why did CrowdStrike cause the Windows Blue Screen?

July 23, 2024
in Technology
Why did CrowdStrike cause the Windows Blue Screen?
Share on FacebookShare on Twitter

Flavijus Piliponis â stock.ado

The ‘blue screen pf death’ signals a catastrophic Windows failure, which is exactly what many people faced on 19 July 2024 – but why did it happen?


Cliff Saran

By

Cliff Saran,
Managing Editor

Published: 23 Jul 2024 14:43

David William Plummer, a former Microsoft software engineer who developed Windows Task Manager, has posted a video describing how the CrowdStrike update could have caused Windows to halt. 

He described CrowdStrike Falcon as anti-malware for Windows servers, which “proactively detects new attacks” and analyses application behaviour. To do this, CrowdStrike needs to run as a kernel device driver.

Kernel device drivers usually provide a way to abstract hardware, such as graphics cards, from applications. When they run, they generally have full access to the computer and operating system and, in operating system terminology, they are said to run at “Ring Zero”. This is different to application code, which users run in the operating system’s user space known as “Ring One”.

The difference, as Plummer notes, is that when a user application crashes, nothing else on the computer should be affected. However, a fault in code running at Ring Zero is considered so serious that the operating system immediately halts, which, in Windows results in the so-called Blue Screen of Death.

“Even though there’s no hardware device that it’s really talking to, by writing the code as a device driver, CrowdStrike lives down in the kernel Ring Zero and has complete and unfettered access to the system data structures and the services that CrowdStrike believes it needs to do its job,” said Plummer.

Certified device drivers

Plummer noted that Microsoft, and likely also CrowdStrike, are aware of the stakes when software is running code in kernel mode, adding: “That’s why Microsoft offers the WHQL [Windows Hardware Quality Labs] certification.”

According to Plummer, the certification involves device driver software providers to test their code on various platforms and system configurations. The code is then signed digitally by Microsoft, which certifies that it is compatible with the Windows operating system. Plummer said the certifications process means that Windows users can be reasonably confident that the driver software is robust and trustworthy.

Certification is too slow to ensure anti-malware protection such as CrowdStrike is released as software updates every time there is a new threat. Plummer believes it is more likely that  CrowdStrike will often release a definition file that is processed by its Windows kernel driver. This gets around the WHQL device driver certification process and means users have access to the latest protection. 

“You can already perhaps see the problem,” he added. “Let’s speculate for a moment that the CrowdStrike dynamic definition file is not merely a malware definition but a complete program written in pseudocode that the driver can then execute.”

He said this would allow the device driver from CrowdStrike to execute the definition file as code running within the Windows kernel at Ring Zero even though the update itself has never been signed. “Executive p-code [pseudocode] in the kernel is risky at best and, at worst, is asking for trouble,” said Plummer.

By looking at crash dumps posted on X (formerly Twitter), Plummer said that a “null pointer reference” caused an empty file containing zeros to be uploaded by the CrowdStrike device driver, rather than the actual pseudocode.

“We don’t know how or why this happened, but what we know is that the CrowdStrike driver that handles and processes these updates is not very resilient and appears to have inadequate error-checking and parameter validation,” he added.

These are needed to ensure that data values required by the software are valid and good. If they are not, the error should not cause the entire system to crash, Plummer said. 

While it is often possible to restart Windows from the last known “good state”, which can remove rogue kernel drivers that prevent the operating system from booting up, Plummer said the situation was made worse by the fact that CrowdStrike is marked as a boot-start driver, which means it is needed for Windows to start up correctly.

While it is too early to understand how to ensure this never happens again, it is clear that there are serious limitations in Microsoft’s WHQL certification that allowed CrowdStrike to install an anti-malware update that had such a devastating impact across the Windows community.

Read more on Microsoft Windows software


Crowdstrike outage explained: What caused it and what’s next

SeanKerner

By: Sean Kerner


Defective CrowdStrike update triggers mass IT outage

RobWright

By: Rob Wright


CrowdStrike update chaos explained: What you need to know

AlexScroxton

By: Alex Scroxton


Okta: 4 customers compromised in social engineering attacks

ArielleWaldman

By: Arielle Waldman

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366596573/Why-did-CrowdStrike-cause-the-Windows-Blue-Screen

Tags: CrowdStriketechnologyWindows
Previous Post

By embracing liquid cooling, AI powerhouse Supermicro enables 30% more computing power — with the same power budget

Next Post

Hybrid multicloud storage: Pros, cons and key workloads

Intl forum on ecology opens with over 1,000 domestic and foreign guests – China Daily

Intl forum on ecology opens with over 1,000 domestic and foreign guests – China Daily

July 7, 2025
How New DNA Science Could Help More Families of the Missing – The New York Times

How New DNA Science Could Help More Families of the Missing – The New York Times

July 7, 2025
Letter | Dismissing science comes at a cost – thegazette.com

The High Cost of Ignoring Science

July 7, 2025
Hyatt Pushes Lifestyle Brands Into Asia Pacific Region – Luxury Travel Advisor

Hyatt Pushes Lifestyle Brands Into Asia Pacific Region – Luxury Travel Advisor

July 7, 2025
Kylian Mbappé’s stunning bicycle kick propels Real Madrid to win over Borussia Dortmund, and Club World Cup semifinals – CNN

Kylian Mbappé’s Spectacular Bicycle Kick Secures Real Madrid’s Victory Over Borussia Dortmund and Spot in Club World Cup Semifinals

July 7, 2025
Inside Iran’s war economy – The Economist

Inside the Secret Power Struggles Fueling Iran’s War Economy

July 7, 2025

Santa Cruz Shakespeare Launches Exciting New Monday Night Series

July 7, 2025
When it comes to vaccines, how are pediatricians restoring trust? – NPR

How Pediatricians Are Rebuilding Trust in Vaccines for Children

July 7, 2025
The battle to sway voters over Trump’s ‘big, beautiful bill’ begins – CNN

The battle to sway voters over Trump’s ‘big, beautiful bill’ begins – CNN

July 7, 2025
Column: Teach kupuna new technology skills – Honolulu Star-Advertiser

Empowering Kupuna: Unlocking New Technology Skills for a Connected Future

July 6, 2025

Categories

Archives

July 2025
MTWTFSS
 123456
78910111213
14151617181920
21222324252627
28293031 
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (708)
  • Economy (733)
  • Entertainment (21,621)
  • General (15,750)
  • Health (9,771)
  • Lifestyle (738)
  • News (22,149)
  • People (734)
  • Politics (742)
  • Science (15,950)
  • Sports (21,232)
  • Technology (15,717)
  • World (714)

Recent News

Intl forum on ecology opens with over 1,000 domestic and foreign guests – China Daily

Intl forum on ecology opens with over 1,000 domestic and foreign guests – China Daily

July 7, 2025
How New DNA Science Could Help More Families of the Missing – The New York Times

How New DNA Science Could Help More Families of the Missing – The New York Times

July 7, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version