My new blog - featuring: a technical overview of the CrowdStrike incident, why security products use kernel mode, and what this means for the future of Windows.

https://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/

Shout outs to my non-Microsoft friends who gave me input and technical editing, appreciate you!

Windows Security best practices for integrating and managing security tools | Microsoft Security Blog

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

@dwizzzle don't lie, how much fun did you have nerding out in windbg again?
@SteveSyfuhs I spent my first 5 years at microsoft triaging fuzzing crashes for exploitability, windbg is my safe space
@dwizzzle @SteveSyfuhs just windbg? i've had to debug nt by using a mix of ppckd, dolphin's debugger, ida's gdbserver client and finally dingusppc's debugger