The culture around the OS matters.

But this is a 3rd party software with ring-0 access to all of your computers deciding to break them. The technical features of the OS absolutely do not matter.

The question is whether other OSs would require it to have kernel mode privileges. People run complicated stuff in kernel mode for performance, because the switch to/from userspace is expensive.

Guess what’s also expensive? A global outage is expensive. Much more than taking the performance hit a better, more isolated, design would avoid.

EDS run in kernel mode for access, not performance. They monkey-patch your syscalls.

The alternatives aren't in a position fill the roles needed for the tasks at hand.

This is true. Linux large fleet management is still missing some features large enterprises demand. Do they need all those features, idk, but they demand them if they're switching from Windows.

What are the tasks in question?

No, what is stopping a similarly designed EDR from causing the same problem on Linux?

From a comment above, Linux has features (ebpf) that key crowdstrike stay out of the kernel.

The old "everyone else is just as bad" adage is bullshit. Some OSs are better suited than others.

From a comment elsewhere, a CS update took out Linux machines earlier this year.