New Microsoft Recovery Tool for CrowdStrike Issue on Windows Endpoints
Here is the link to the Microsoft Tech Community Support Site:
https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959
As a former cybersecurity Incident Commander for Intel, here are my additional recommendations:
· Verify the source of every tool or procedure you plan on using!
· For a large organization, have a single accountable tech savvy group create the recovery process and don’t allow other groups to home-brew their own fixes
· Test the fix out on your different builds
· Formalize the step-by-step process for your environment — break down instructions to keep each step simple
· Make sure you have accounted for hard drive encryption hurdles (ex. Bitlocker or other 3rd party vendors), if applicable
· Roll-out the recovery in phases, starting with non-critical systems, just in case there are unforeseen issues and system data loss
· Have a process to record and report which systems have successfully been restored
· If things go sideways, STOP and seek more advanced assistance
Happy hunting!
![[ℕ𝕖𝕧𝕖𝕣] 𝕊𝕖𝕝𝕝 𝕐𝕠𝕦𝕣 𝔹𝕚𝕥𝕔𝕠𝕚𝕟 - Sell Into "The Gospel of Greed"](https://cdn.bulbapp.io/frontend/images/7691d4fc-7dcc-4144-acbf-12397f6d0ba3/2)
