July 29, 2024 at 04:40PM Microsoft revised the estimate of machines crashing due to the CrowdStrike Falcon outage, stating that the previous number of 8.5 million was too low. The company aims to reduce infosec vendors’ reliance on kernel drivers and emphasized the need to balance the benefits and risks of using such drivers for … Read more
July 29, 2024 at 02:39AM Microsoft acknowledges that its initial estimate of 8.5 million machines affected by CrowdStrike’s software update was likely underestimated. The incident response blog shared insights into the impact measurement process, stressing the limitations of crash reports. Microsoft outlined plans to reduce dependence on kernel drivers and enhance security in collaboration with … Read more
November 1, 2023 at 11:46AM VMware Carbon Black’s Threat Analysis Unit (TAU) found numerous previously unknown vulnerable kernel drivers that could be used by attackers to modify firmware or escalate privileges. After analyzing 18,000 Windows driver samples, TAU identified 34 unique vulnerable drivers, including ones from major BIOS and chip makers. Exploiting these drivers can … Read more