Cyberleaf reposted this
Good Morning #MSPs, Many of you are dealing with client inquiries around the #CrowdStrike outage. Here some quick thoughts: 1) All OEM AV/EDRs will continue to have the ability to push updates to stop zero-day attacks (what caused the disruption). 2) This leaves every AV/EDR provider susceptible to faulty updates (#Microsoft, #Sentinelone, e.g.) when there is a breakdown in software update validation procedures. 3) It would be misguidance to suggest a different approach to security would have prevented this business disruption. 4) #CrowdStrike has pushed a fix pushed to customers https://lnkd.in/eG6M8cxy 5) Below is a manual workaround: a. Boot Windows into Safe Mode or the Windows Recovery Environment b. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory c. Locate the file matching “C-00000291*.sys”, and delete it. d. Boot the host normally. While there's inevitably negative PR out there, avoid jumping into that camp. FUD's not cool! #bettertogether #cyberleaf
Business Technology Professional - Supporting Business Partners in their Journey to better Stewardship of their People, Processes, and Technology
1moYou read my mind man. So much snark, speculation and ambulance chasing. Great post my friend.