
I thought Windows required all kernel modules to be signed..? If there are multiple corrupt copies, rather than just some test escape, how could they have passed the signature verification and been loaded by the kernel?


This is not even a valid executable.

Most likely it is not loaded as a driver binary, but instead is some data file used by the CrowdStrike driver.




