CrowdStrike outage: Any quick advice for orgs affected? What immediate actions are your IT and other teams taking to mitigate the effects of the outage?
Sort By:
Oldest
Manager, Cybersecurity in Travel and Hospitality2 months ago
Close collaboration with affected customers to workaround recovery strategies and future preparednessDirector of Legal in Software2 months ago
1) Communicate clearly and often. 2) Understand that reliance on vendors means needing to be prepared to address unexpected events and take that into account when negotiating agreements.
3) Collaborate with all affected teams on mitigation strategies and engage in long-term planning for future mitigation strategies for future events.
Chief Information Technology Officer in IT Services2 months ago
If possible, roll back to the previous stable version of the Falcon software.Global Intelligent Automation & GenAI Leader in Healthcare and Biotech2 months ago
Resources:CloudStrike | https://www.crowdstrike.com/blog/statement-on-windows-sensor-update/
MicroSoft | https://azure.status.microsoft/en-us/status
Update as of 10:30 UTC on 19 July 2024:
We have received reports of successful recovery from some customers attempting multiple Virtual Machine restart operations on affected Virtual Machines. Customers can attempt to do so as follows:
Using the Azure Portal - attempting 'Restart' on affected VMs
Using the Azure CLI or Azure Shell (https://shell.azure.com)
https://learn.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az-vm-restart
We have received feedback from customers that several reboots (as many as 15 have been reported) may be required, but overall feedback is that reboots are an effective troubleshooting step at this stage.
Additional options for recovery:
We recommend customers that are able to, to restore from a backup, preferably from before 04:09 UTC on the 18th of July, when this faulty update started rolling out.
Customers leveraging Azure Backup can follow the following instructions:
How to restore Azure VM data in Azure portal
Alternatively, customers can attempt repairs on the OS disk by following these instructions:
Troubleshoot a Windows VM by attaching the OS disk to a repair VM through the Azure portal
We have invoked a passphrase protocol to protect our users from social engineering attempts to gain unauthorised access to our users computers or systems by claiming to be from IT support in relation to the global IT outage.