
The whole thing needs to be redesigned, so that antivirus and EDR solutions do not require such high privilege. We need a high-performance way for a possibly privileged service to export all the data that is needed for a decision, and then let the AV/EDR do its thing. If the AV/EDR is broken by an update, fine. At least the system won't go down.


And in critical production systems AV/EDR upgrades should be first tested on lower environments.


Absolutely. Discipline can make all the difference.



