Not sure who needs this resource, but Microsoft updated its
Recovery Tool for the CrowdStrike issue on Windows endpoints:
Here is the link to the Microsoft Tech Community Support
Site:
As a former cybersecurity Incident Commander for Intel, here
are my additional recommendations:
- Verify the source of every tool or procedure you plan on using!
- For a large organization, have a single accountable tech-savvy group create the recovery process and don’t allow other groups to home-brew their own fixes
- Test the fix out on your different builds
- Formalize the step-by-step process for your environment – break down instructions to keep each step simple
- Make sure you have accounted for hard drive encryption hurdles (ex. BitLocker or other 3rd party vendors), if applicable