Anybody has a better understanding of how such updates are signed (or not) on Windows?
This was a kernel driver update, right? Apparently it was not signed:
https://cyberplace.social/@GossiTheDog/112812317243841396
Wired claims that as a kernel driver update, it should have been signed by Microsoft:
https://www.wired.com/story/crowdstrike-outage-update-windows/
> [T]hey require that Microsoft also vet the code and cryptographically sign it, suggesting that Microsoft, too, may well have missed whatever bug in CrowdStrike’s Falcon driver triggered this outage.
🤔
Michał "rysiek" Woźniak · 🇺🇦 /
npub1af…q5gp4
2024-07-19 22:14:49
in reply to nevent1q…xnkz
Author Public Key
npub1afml2kzwamqxppl50207sf5jwgl3l6ugn6hnuwugtxt7ctnhdtkqjq5gp4Published at
2024-07-19 22:14:49Event JSON
{
"id": "68913009b1d94f17b6264a1665a24f88cfc191b4efe699128b6d42c9cb2d769a",
"pubkey": "ea77f5584eeec06087f47a9fe82692723f1feb889eaf3e3b885997ec2e776aec",
"created_at": 1721427289,
"kind": 1,
"tags": [
[
"proxy",
"https://mstdn.social/@rysiek/112815458838445684",
"web"
],
[
"e",
"041318e7fadd4692984487d92ec1fff6d942dfe7f656f0546ae37b0660afd5a5",
"",
"reply"
],
[
"p",
"ea77f5584eeec06087f47a9fe82692723f1feb889eaf3e3b885997ec2e776aec"
],
[
"e",
"54b0aa96f47cf6116e982997c6d783edde8a849fcaad32ac6fc437a0795a5a0c",
"",
"root"
],
[
"proxy",
"https://mstdn.social/users/rysiek/statuses/112815458838445684",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mstdn.social/users/rysiek/statuses/112815458838445684",
"pink.momostr"
],
[
"-"
]
],
"content": "Anybody has a better understanding of how such updates are signed (or not) on Windows?\n\nThis was a kernel driver update, right? Apparently it was not signed:\nhttps://cyberplace.social/@GossiTheDog/112812317243841396\n\nWired claims that as a kernel driver update, it should have been signed by Microsoft:\nhttps://www.wired.com/story/crowdstrike-outage-update-windows/\n\n\u003e [T]hey require that Microsoft also vet the code and cryptographically sign it, suggesting that Microsoft, too, may well have missed whatever bug in CrowdStrike’s Falcon driver triggered this outage.\n\n🤔",
"sig": "6250301d48fe168fc98bbd330c7dd0300447d922f58cb40965911f5992dfa4d41d1f7c5799e87a0072777a1d5eadb44e2254a2b99f913a30d72de0d65a6ef76e"
}