New Microsoft Recovery Tool for CrowdStrike Issue on Windows Endpoints

 

Not sure who needs this resource, but Microsoft updated its Recovery Tool for the CrowdStrike issue on Windows endpoints.

Here is the link to the Microsoft Tech Community Support Site:

https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959

As a former cybersecurity Incident Commander for Intel, here
are my additional recommendations:

  • Verify the source of every tool or procedure you plan on using!
  • For a large organization, have a single accountable, tech-savvy group create the recovery process, and don’t allow other groups to home-brew their own fixes
  • Test the fix on your different builds
  • Formalize the step-by-step process for your environment – break down instructions to keep each step simple
  • Make sure you have accounted for hard drive encryption hurdles (e.g., BitLocker or other third-party vendors), if applicable
  • Roll out the recovery in phases, starting with non-critical systems, just in case there are unforeseen issues and system data loss
  • Have a process to record and report which systems have successfully been restored
  • If things go sideways, STOP and seek more advanced assistance
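
One way to carry out the first recommendation on a Windows admin workstation, as an added example that is not part of the original post or Microsoft's tool: it checks the Authenticode signature of a downloaded script or executable, reports where the browser recorded it came from, and outputs a SHA-256 for the recovery team's record. `$ToolPath` is a placeholder, and the expected signer string is an assumption to confirm against the vendor's own documentation.

```powershell
param(
    # Placeholder: path to the downloaded script or executable you intend to run.
    [Parameter(Mandatory)] [string] $ToolPath,
    # Assumption: organization field expected in the signer certificate subject.
    [string] $ExpectedSigner = 'O=Microsoft Corporation'
)

$file = Get-Item -LiteralPath $ToolPath -ErrorAction Stop

# 1. Authenticode: 'Valid' means the file is unmodified since signing and the
#    certificate chains to a root this machine trusts. The subject match alone
#    proves nothing, so both conditions are required.
$sig    = Get-AuthenticodeSignature -LiteralPath $file.FullName
$signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
$signatureOk = ($sig.Status -eq 'Valid') -and ($signer -like "*$ExpectedSigner*")

# 2. Mark of the Web: browsers store the download URL in the Zone.Identifier
#    stream. It is missing if the file was unblocked or copied via non-NTFS media.
$motw   = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
$origin = ($motw | Where-Object { $_ -match '^(HostUrl|ReferrerUrl)=' }) -join '; '
if (-not $origin) { $origin = '<no download origin recorded>' }

# 3. Hash, so every technician can confirm they hold the same vetted copy.
$hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash

[pscustomobject]@{
    File            = $file.FullName
    SignatureStatus = $sig.Status
    Signer          = $signer
    DownloadOrigin  = $origin
    SHA256          = $hash
    Approved        = $signatureOk
} | Format-List

if (-not $signatureOk) {
    Write-Error "Signature check failed for $($file.Name): do not distribute or run this copy."
    exit 1
}
```

Archive files such as `.zip` cannot carry an Authenticode signature, so run the check against the extracted script or executable rather than the download container.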

Happy hunting!

*** This is a Security Bloggers Network syndicated blog from Information Security Strategy authored by Matthew Rosenquist. Read the original post at: https://infosecstrategy.blogspot.com/2024/07/new-microsoft-recovery-tool-for.html
