Fenix24, an industry-leading cyber disaster recovery firm that is transforming the post-breach restoration process and impact, has issued recovery scripts to assist companies affected by the global technology outage associated with a CrowdStrike update. The Fenix24 scripts provide rapid remediation at scale and include solutions for computers and virtual machines already affected by the “blue screen of death” message. The fix previously released by CrowdStrike resolves the issue for computers not yet in the blue screen mode. Fenix24’s scripts were created for Windows and VMware using public information and the Fenix24 team’s internal expertise.
The Windows scripts force the reboot of machines into Safe Mode and then remove the problematic file. These Windows scripts are executed leveraging a provided GPO. However, if the drive is secured with Bitlocker, users will need to enter the Bitlocker key manually and then proceed to Safe Mode. The VMware scripts leverage a working server to detach the virtual disk, mount it, remove the problematic file, dismount it, reattach it to the problem VM, and then reboot it.
The scripts are free of charge and publicly available as a part of Fenix24’s mission to be Good Samaritans, providing help to the broader community with the goal of achieving a more secure world.
“We woke up today and had dozens of requests for Fenix24 to come onsite to help remediate this technical issue causing global outages. Instead, we decided to use the full force of the Fenix24 and Conversant Battalions to develop a scalable remediation solution in real-time to help everyone solve this problem and publish it for free,” said Heath Renfrow, Fenix24 co-founder. “That’s who we are—the fastest and most efficient remediation firm on the planet with an arm outstretched to help those in need.”