Not sure who need this resource, but Microsoft updated its

Recovery Tool for the CrowdStrike issue on Windows endpoints:

Here is the link to the Microsoft Tech Community Support

Site:

https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959

As a former cybersecurity Incident Commander for Intel, here

are my additional recommendations:

•          Verify the source of every tool or procedure you
  
  plan on using!


•          For a large organization, have a single
  
  accountable tech savvy group create the recovery process and don’t allow other
  
  groups to home-brew their own fixes


•          Test the fix out on your different builds


•          Formalize the step-by-step process for your
  
  environment – break down instructions to keep each step simple


•          Make sure you have accounted for hard drive
  
  encryption hurdles (ex. Bitlocker or other 3^rd party vendors), if
  
  applicable


•          Roll-out the recovery in phases, starting with
  
  non-critical systems, just in case there are unforeseen issues and system data
  
  loss


•          Have a process to record and report which
  
  systems have successfully been restored


•          If things go sideways, STOP and seek more
  
  advanced assistance

Happy hunting!

The post New Microsoft Recovery Tool for CrowdStrike Issue on Windows Endpoints appeared first on Security Boulevard.

Matthew Rosenquist

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/07/new-microsoft-recovery-tool-for-crowdstrike-issue-on-windows-endpoints/