Microsoft has released an official Recovery Tool that allows developers and system administrators to quickly recover CrowdStrike-affected computers. While there is already a step-by-step solution to resolve the Blue Screen of Death (BSoD) problem, solving it manually can take a long time, especially if only a few people know or are even authorized to do it. Meanwhile, some organizations will have to handle hundreds, if not thousands, of affected computers.
The CrowdStrike update that caused the massive IT crash last Thursday was installed remotely, rolling out to those affected via an automatic update. However, the fix for the issue it caused can only be applied by someone working directly on the affected machine. This means thousands of IT staff will be working overtime this week trying to resolve the issue.
Microsoft estimates that over 8.5 million Windows machines were affected by the update, and it has already deployed staff to help customers resolve the issue. Furthermore, the Redmond company has worked directly with CrowdStrike, as well as other enterprise providers like Google Cloud Platform and Amazon Web Services, to find the most effective approaches to fixing all affected computers.
While the software giant says that the 8.5 million figure is less than 1% of all Windows machines in the world, it still made a significant impact on thousands of organizations and critical infrastructure worldwide. Aside from affecting airports and airlines, media organizations like the BBC, hospitals, and even the 911 emergency hotline of several states have been offline for several hours since the rogue update disabled their systems.
For those who aren’t familiar, CrowdStrike is a security solutions provider and an alternative to Microsoft’s own enterprise-grade Microsoft Defender for Endpoint. Since these security programs run at the kernel level, an error at this level means that the computer could crash and stop booting. A restart would not fix the issue, though, because the issue would still occur at the same point when you reboot your PC.
Microsoft shares a set of prerequisites and step-by-step instructions for using the new Recovery Tool. For example, you will need at least 8GB of free space on the affected machine. Also, admin privileges, a BitLocker recovery key for all machines using this encryption, and a USB boot drive with at least 1GB capacity are required. It also helpfully tells users how to download and prepare the thumb drive, and how to enter Safe Mode to recover the system. Once done, the computer can be up and running again as if nothing happened.
Microsoft’s announcement about the CrowdStrike issue is focused on the steps that it is taking to help its customers resolve the issue. But we cannot help but notice the software giant throwing some shade on CrowdStrike. Microsoft said, “CrowdStrike has helped us develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike’s faulty update.” It added, “It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist.”
This massive IT outage has shown us how vulnerable our systems are when we rely on just a few vendors. This accidental error caused massive inconveniences globally and millions of dollars in lost productivity. How much more damage could malicious actors do if they managed to access these channels?