UltimatePotato

thoughts

Jul 19th, 2024 (edited)
I'm a cybersec student with a bit of defense consulting experience, so I don't really have the expert understanding you guys have, so forgive me if I step out of line.

My assessment of the situation is CS pushed out an update to identify potential malicious C2 signatures with poor testing/review, and that and the automatic update policy many companies adopt (I don't suggest this to my clients unless I know the risk impact is low) is why what happened today has happened.

I'm not fully sure what "the cybersec team" is tbh. It seems like it's an SDLC issue, of which I'm not sure how much said team entails. It comes off as rather blanket to the ignorant eye, but, again, I know my limits.

I was talking with my boss about this earlier, and my biggest concern besides the obvious apparent effects is the amount of bad faith Linux propaganda. I know people blame Microsoft/Windows for this 'cause ring 0 yada yada, but isn't that just an inherent part of XDR software?

From a text I sent to my boss: "I think another argument that can be made is if Microsoft is forcing devs to pay to sign off on their software (my understanding of things based on a recent project I worked on that triggered false positives out the wazoo), they should review their code. Not sure if that's feasible or not, but I assume it is."

I'd def like to see Linux become more popularised in the future, but I know there's a lot of insufferable assholes who will blindly promote Linux, and that's just annoying and doesn't help anyone.

I'm curious to hear what you think of this. Just trying to make sure I'm on the right track of thinking so I don't become one of those people.