Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday.
This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
This is great and a hats off to Microsoft for whipping it up so fast,that being said you’ll still need the recovery key for bitlocker which is the ultimate problem; a bitlockered crowdstriked active directory server storing all of the bitlocker recovery keys.
Sounds like someone didn’t plan for the worst-case scenario…
Second-to-worst-case scenario was the best we could do at the time.
If you didn’t make a backup of the recovery key to the master server holding all other keys that’s on you
I did make a backup. Then I put it on that other computer. That’s also blue screen.
Post-It security is best security.
This is why all my passwords are on Post-Its
It’s a PITA but you can restore a backup from last Wednesday or earlier into a VM, boot it up, and then retrieve the key for one of your regular ADCs.
Also, why are all your ADCs using BitLocker? I get that you want data encrypted at rest but why not use your RAID controller instead?
I’m not impacted. I’m just outlining why people are still impacted.