News

Microsoft Releases CrowdStrike Outage Recovery Tool

Microsoft has released a tool to help recover affected systems after last week's global outage caused by a faulty update pushed through by security firm CrowdStrike.     

The tool allows IT to create a bootable USB drive to help recover impacted machines after the July 19 security incident that affected an estimated 8.5 million Windows devices.  After downloading the tool (found here), IT has two options for deployment:

  • Recover from WinPE – this option produces boot media that will help facilitate the device repair.
  • Recover from safe mode – this option produces boot media so impacted devices can boot into safe mode. The user can then login using an account with local admin privileges and run the remediation steps.

For those systems that cannot use USB connections or are looking to repair affected Hyper-V systems, Microsoft has outlined how to apply the tool here.

Earlier in the weekend, Microsoft said it was committed to working through the massive security event, which crippled much of the airline services and affected many organizations with the "blue screen of death," including hospitals and emergency response services. The company said it was working with CrowdStrike on a possible permanent solution, deployed hundreds of engineers to assist affected customers and working with other tech companies to limit the impact.

"We’re working around the clock and providing ongoing updates and support," wrote Microsoft's David Watson, in a message released on Saturday. "Additionally, CrowdStrike has helped us develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike's faulty update. We have also worked with both AWS and GCP to collaborate on the most effective approaches."

On CrowdStrike's end, the company released a statement Monday morning saying that "a significant number" of affected systems have been restored and are back online. The company has also released its own remediation for affected devices, and CrowdStrike CEO said the company remains committed "to ensure that all systems are restored."
Since last week's incident, the security firm based out of Austin, Texas, has seen its stock price plummet more than 30 percent as of publication of this article on Monday morning.  

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

comments powered by Disqus

Subscribe on YouTube