IOW, this is a crowdstrike fuckup, and a pretty serious one at that. Whoever came up with the architecture for falcon sensor (at least on Windows) should be fired immediately.
Not only is this a fragile single point of failure, the apparent lack of input validation makes it a rootkit waiting to happen as soon as somebody manages to sneak in a compromised definition update.

There are ways to do something like this without producing a massive SPOF (or at least making it more easily recoverable), and this all stinks of arrogance and "infallibility culture" at crowdstrike.
Their big shiny selling point is "instant updates", and to achieve that they sidestepped driver validation and threw out decades of best-practice when it comes to running code in kernel space. This is ring-0 plug-n-play printer driver levels of "don't do that".
Perhaps it will wake their customers up to the peril of granting IDDQD rights to a bunch of chimpanzees.

AV vendors abusing their privs to do stupid things isn't remotely new, we've had gratuitous SSL tampering for years, we've had easily hijackable update mechanisms, and we've had products that decompress potentially malicious payloads in kernel-space, to mention just a few dumb ideas off the top of my head.
Surely by now somebody has realised that giving J.Random AV slinger god-mode in the name of "muh securitee" and "users are too stupid to be trusted" is a bad plan... Surely.

In a sane world, the admin would first be notified that updates are available, and if he was a sane person, he'd roll out updates gradually, to batches of terminals / endpoints, then test to see if everything is alright before proceeding to upgrade the rest of the endpoints.  But alas, we do not live in a sane world, and updates are just blindly pushed to all endpoints independently of the admin. People are putting a mighty lot o' trust in these Big Tech corporations, I gotta say.

Just don't get caught in a situation where the plane has to make an emergency landing and the pilot has to recompile the kernel...

Or the pilot needs to engage the emergency landing gear and discovers that he needs to download and install a driver from the non-free section of the repo first. :-D

...and no, I'm not kidding.

A recent Windows' update completely broke their system...hundreds of flights cancelled...flight attendants stranded around the world...no way to get home...having to pay to stay in hotels themselves, buy their food, etc. This has been going on for over 2 weeks (maybe 3 weeks ???).

Two other major airlines were also affected by the update; however, they had backup plans. Both of those airlines had things backed** up and going within a week. Delta is STILL a mess.

Hey Delta...you ever thought of switching to Linux???

**EDIT: Changed "back" to "backed".

Nothing to see here, move along. 😜

Good grief . . . idiot writer doesn't know the difference between effect and affect. And they get paid to produce this drivel? We are doomed! LOL!

https://tailscale.com/blog/new-internet

also see:

https://www.techradar.com/news/upcoming-windows-11-pro-update-will-force-you-to-have-an-internet-connection

iirc, apple also does this...

That attitude is prevalent in today's IT sector, where people are highly incentivized to appreciate (and build) the latest and greatest, and to do so as quickly as possible.  MS, being, ironically, one of the early pioneers of this approach (remember "release early, fix bugs later", back in the days of Windows 95 and Windows 98?).  Today almost all of Big Tech is run this way.  Get the product out the door as fast as possible, we'll sort out the bugs later. Let the customers find the problems for us -- we don't have the time & resources to do that ourselves anyway -- we'll fix it the next patch release, where we get to charge the customers more for their efforts! Win-win!

Now we see what value this "win-win" strategy actually has, when the tower of cards collapses.  Crowdstrike was only a partial collapse.  Can't wait to see what chaos ensues when it will be a full collapse.

https://www.schneier.com/blog/archives/2024/07/the-crowdstrike-outage-and-market-driven-brittleness.html