Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday.
This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
Oh I’m not affected by this at all. I’m just explaining the issue and why we’re not out of the forest yet. I fully agree that this is the fault of the companies for having garbage update and back up policies. I also blame crowdstrike for having a shit tier qa policy.
This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
If you didn’t make a backup of the recovery key to the master server holding all other keys that’s on you
I did make a backup. Then I put it on that other computer. That’s also blue screen.
Post-It security is best security.
This is why all my passwords are on Post-Its
A lot of teams only made it through the weekend with help from Postmates.
Oh I’m not affected by this at all. I’m just explaining the issue and why we’re not out of the forest yet. I fully agree that this is the fault of the companies for having garbage update and back up policies. I also blame crowdstrike for having a shit tier qa policy.
Sounds like someone didn’t plan for the worst-case scenario…
Second-to-worst-case scenario was the best we could do at the time.
It’s a PITA but you can restore a backup from last Wednesday or earlier into a VM, boot it up, and then retrieve the key for one of your regular ADCs.
Also, why are all your ADCs using BitLocker? I get that you want data encrypted at rest but why not use your RAID controller instead?
I’m not impacted. I’m just outlining why people are still impacted.