New Microsoft Recovery Tool for CrowdStrike Issue on Windows Endpoints
Not sure who need this resource, but Microsoft updated its
Recovery Tool for the CrowdStrike issue on Windows endpoints:
Here is the link to the Microsoft Tech Community Support
Site:
As a former cybersecurity Incident Commander for Intel, here
are my additional recommendations:
- Verify the source of every tool or procedure you
plan on using! - For a large organization, have a single
accountable tech savvy group create the recovery process and don’t allow other
groups to home-brew their own fixes - Test the fix out on your different builds
- Formalize the step-by-step process for your
environment – break down instructions to keep each step simple - Make sure you have accounted for hard drive
encryption hurdles (ex. Bitlocker or other 3rd party vendors), if
applicable - Roll-out the recovery in phases, starting with
non-critical systems, just in case there are unforeseen issues and system data
loss - Have a process to record and report which
systems have successfully been restored - If things go sideways, STOP and seek more
advanced assistance
Happy hunting!
*** This is a Security Bloggers Network syndicated blog from Information Security Strategy authored by Matthew Rosenquist. Read the original post at: https://infosecstrategy.blogspot.com/2024/07/new-microsoft-recovery-tool-for.html