CrowdStrike has a new guidance hub for dealing with the Windows outage

Jul 21, 2024 09:06 PM

CrowdStrike has published a new “Remediation and Guidance Hub” that collects details related to its faulty update that crashed 8.5 million Windows computers across the globe on Friday.

The page includes technical information on what caused the outage, what systems are affected, and CEO George Kurtz’s statement. It contains links to Bitlocker key recovery processes and to various third-party vendor pages about dealing with the outage, as well.

The page points to a knowledge base article (which only logged-in customers can access) for using a bootable USB key. Microsoft released such a tool yesterday that automatically deletes the problematic channel file that caused machines to blue screen.

CrowdStrike also published a blog yesterday warning that threat actors have been taking advantage of the situation to distribute malware, using “a malicious ZIP archive named crowdstrike-hotfix.zip.”

The ZIP archive contains a HijackLoader payload that, when executed, loads RemCos. Notably, Spanish filenames and instructions within the ZIP archive indicate this campaign is likely targeting Latin America-based (LATAM) CrowdStrike customers.

Later in the blog:

Following the content update issue, several typosquatting domains impersonating CrowdStrike have been identified. This campaign marks the first observed instance in which a threat actor has capitalized on the Falcon content issue to distribute malicious files targeting LATAM-based CrowdStrike customers.

CrowdStrike says organizations should only be working directly with CrowdStrike’s representatives using official channels, and should use only the guidance its support team provides.
