A “Turing Complete” windows “driver” executing unsigned arbitrary code provisioned by “randos on the internet” (CrowdStrike)?

What could go wrong…




On one hand you are correctly concerned. On the other hand, how much code are you (and everyone else for that matter) running that is not provisioned by "randos on the internet"? Even if you compiled it yourself, do you check all your kernel code and drivers? Firmware? That can just as easily crash your computer and even make it impossible to recover. If your main worry is that the "windows driver" was "Turing Complete", you should be horrified that some kernels even have their own scripting built in or available: BSDs can use Lua, and even Linux has a Lua kernel module (lunatik).


You need that type of capability to detect rapidly evolving malware. Otherwise it can just load its own driver and bypass your user mode scanners, or infect all the computers while you're going through the (presumably third party?) certification process.


Malware isn't evolving so quickly as to make not following basic IT best practice of testing and staged rollout obsolete.

What I don't understand is why these companies also didn't just roll back to the previous known working image when servers failed to reboot. Please say they are not all allowing auto updates without testing and no backups.


Best not to overlook the fact the article qualifies its analysis with "probably".


Yes, since CrowdStrike won't tell us, we'll have to rely on our own or third party analysis. As I write "Since as usual the company won't release any detailed information on what really happened, we'll have to rely on other sources. I found that Dave Plummer's account on YouTube was very good, and trustworthy." But, absolutely, probably is a required qualifier for some statements about the details.

What is definitely known is that a WHQL kernel mode driver from CrowdStrike crashes, and removing a single file external to the driver causes it to stop crashing. Some pretty sure conclusions can be drawn from that. No "probably" required.


Indeed!



