Anti-Cheat causing GSOD on windows preview

[Juniiii]

Gloria borgar here to report you a story about an Anti-Cheat causing GSOD (Like BSOD but on windows preview) It is instead a 3rd party issue rather than Microsofts

Quote

Microsoft's Dona Sarkar, chief of the Windows Insider program, explained yesterday what the problem is, and in many ways it's a throwback to Windows' past, before the days of DEP and ASLR and PatchGuard and all the other measures Microsoft has implemented to harden Windows against malicious software: the build is crashing when some unspecified common anti-cheat software is used. Sarkar's tweet says that the software causes a GSOD, for Green Screen of Death; the traditional and disappointingly familiar Blue Screen of Death, denoting that Windows has suffered a fatal error, is colored green for preview releases so they can be distinguished at a glance from crashes of stable builds.

Quote

Sarkar says that the fix must come from the third-party company that developed the anti-cheat software. Often when compatibility issues arise, Microsoft will modify either Windows or the errant application to ensure that it continues to run, but the anti-cheat drivers are a different story entirely. They run in kernel mode (hence the GSOD when they crash) and routinely tamper with pieces of the operating system that they're not supposed to tamper with. It's possible that this particular driver is doing nothing forbidden and using only officially permitted hooks within the kernel to do its business; it's also very likely that it's messing with things it shouldn't mess with and damaging kernel data structures or code.

Quote

Microsoft hasn't reverted whatever change is causing the crashes in the first place, but it has been a problem for months and is having a significant impact on the company's Windows 10 testing infrastructure. The entire testing pipeline has seized up because of this GSOD problem. Amid concerns that Windows 10's testing already has too many gaps and leaves too many bugs unresolved, the April 2019 update is off to a rocky start, and it isn't even finished yet.

It is odd that they don’t specify exactly what anti cheat but I’m not sure why an application like that would be causing problems like this in the first place.

 

let us know down below if you know what might be causing this.

 

SOURCE

[rcmaehl]

2 minutes ago, Juniiii said:

Gloria borgar

Hello Fellow 9 year old.

 

Perhaps anti-cheat software should act like rootkits and they wouldn't have this issue. 

[duncannah]

Is it from one of the bloatware games that come preinstalled with Windows 10?

[justpoet]

3rd party software shouldn't be able to blow up the entire OS in today's sandboxed application world.  That means both MS is "doing it wrong"™ so they can get unstable and kernel panic from calls, and also that the anti-cheat software is diving in way too deep.  If MS were doing proper sandboxing so nothing could touch an app or the network/input stack, anti-cheat software wouldn't have any reason to be trying to dive this deep either.

[Guest]

Today: Windows did an oopsie, Microsoft did an oopsie and Pewdiepie did an oopsie. 

[thinwalrus]

11 minutes ago, justpoet said:

3rd party software shouldn't be able to blow up the entire OS in today's sandboxed application world.  That means both MS is "doing it wrong"™ so they can get unstable and kernel panic from calls, and also that the anti-cheat software is diving in way too deep.  If MS were doing proper sandboxing so nothing could touch an app or the network/input stack, anti-cheat software wouldn't have any reason to be trying to dive this deep either.

Well Chinese BR-games can have multipurpose anticheat programs

[Juniiii]

39 minutes ago, justpoet said:

3rd party software shouldn't be able to blow up the entire OS in today's sandboxed application world.  That means both MS is "doing it wrong"™ so they can get unstable and kernel panic from calls, and also that the anti-cheat software is diving in way too deep.  If MS were doing proper sandboxing so nothing could touch an app or the network/input stack, anti-cheat software wouldn't have any reason to be trying to dive this deep either.

I agree, I really think it’s more on Microsoft’s side than it is on the 3rd party.

[yian88]

I dont think this release model of windows can work. Simply having 2 major changes every year that requires apps to retest and QA their products is just too much.

I dont even understand why it breaks since MS isnt doing major changes at kernel or system level components, they mostly mess around with UWP stuff and UI, at most the security/defender parts can conflict with apps but still regular third party antivirus doesnt BSOD your windows and defends the system quite gracefully why would defender be worse. 

MS is pretty bad at making software, just look at their UWP garbage apps like ToDo lock up my screen and i have to restart, UWP games like Forza 6 Apex if you alt tab a couple of times out of the game it crashes. And this is what 3-4 years since 10 release?

[FezBoy]

9 hours ago, floofer said:

Today: Windows did an oopsie, Microsoft did an oopsie and Pewdiepie did an oopsie. 

Felix did an oopsie?  Impossible. give me your sources.

[FezBoy]

Just as I was thinking about trying preview builds.

[Salv8 (sam)]

15 hours ago, rcmaehl said:

Perhaps anti-cheat software should act like rootkits and they wouldn't have this issue.

dude star force did this (http://www.star-force.com) and it apparently ruined some optical disk drives and due to incompatibilities, refused to run on some.

[Doobeedoo]

Yeah what an anti-cheat causing OS to crash, not good. 

[leadeater]

16 hours ago, justpoet said:

3rd party software shouldn't be able to blow up the entire OS in today's sandboxed application world.  That means both MS is "doing it wrong"™ so they can get unstable and kernel panic from calls, and also that the anti-cheat software is diving in way too deep.  If MS were doing proper sandboxing so nothing could touch an app or the network/input stack, anti-cheat software wouldn't have any reason to be trying to dive this deep either.

It's Kernel mode, zero sandboxing is in use in those situations. Microsoft, along with Unix and Linux, does allow Kernel mode usage though both heavily discourage it. Any effective anti-cheat software would have to run Kernel mode though, not doing so would make it too easy to bypass.... but then that brings in to question if client side anti-cheat software should even be a thing.

[leadeater]

55 minutes ago, Salv8 (sam) said:

dude star force did this (http://www.star-force.com) and it apparently ruined some optical disk drives and due to incompatibilities, refused to run on some.

Star-force, fuck me that was annoying. Can't remember which game I had that used it but getting my legitimate copy to work properly was a right pain, the cracked version was more stable... fail. 

[PLME888]

11 hours ago, yian88 said:

MS isnt doing major changes at kernel or system level components

1809 had major kernel changes iirc

[Salv8 (sam)]

31 minutes ago, leadeater said:

 the cracked version was more stable... fail. 

i remember ubisoft having to use the cracked version cause they couldn't fix the official one!

that was funny!

 

[CarlBar]

2 hours ago, PLME888 said:

1809 had major kernel changes iirc

 

Interesting. Wonder if any of that has anything to do with the crashes with a common error code that BFV, Hitman 2, and apex are all suffering from.