Good Morning #MSPs,

Many of you are dealing with client inquiries around the #CrowdStrike outage. Here are some quick thoughts:

1) All OEM AV/EDRs will continue to have the ability to push updates to stop zero-day attacks (what caused the disruption).
2) This leaves every AV/EDR provider susceptible to faulty updates (#Microsoft, #Sentinelone, e.g.) when there is a breakdown in software update validation procedures.
3) It would be misguidance to suggest a different approach to security would have prevented this business disruption.
4) #CrowdStrike has pushed a fix to customers: https://lnkd.in/eG6M8cxy
5) Below is a manual workaround:
   a. Boot Windows into Safe Mode or the Windows Recovery Environment.
   b. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
   c. Locate the file matching “C-00000291*.sys”, and delete it.
   d. Boot the host normally.

While there's inevitably negative PR out there, avoid jumping into that camp. FUD's not cool!

#bettertogether #cyberleaf