Cyber Resilience Compliance Endpoint Security Enterprise Products Ransomware

Absolute Security Automates Remediation for CrowdStrike and other Windows BSOD Incidents

July 30, 2024

On Friday, July 19, 2024, CrowdStrike released a Rapid Response security content update for its Falcon Platform on Windows endpoints. An undetected error in the update caused a widespread Blue Screen of Death (BSOD) outage.

Absolute Security engaged with CrowdStrike, partners, and customers to assist with the remediation of impacted endpoints. As a result, Absolute released a capability that enables its Secure Endpoint customers to remotely repair distributed BSOD devices as well as detect any systems that still contain corrupted files, before they activate a BSOD event. Details are available on our Community forum.

Built on the Absolute Security Cyber Resilience Platform, the capability can be used to detect and remediate the CrowdStrike and other BSOD events, as well as other incidents that may render endpoints inoperable, including ransomware, other threats, and technical issues.

For more information or assistance, you may also contact the Absolute Security Support Team or email [email protected].

Frequently Asked Questions

Q: If I am an Absolute customer, will I require a particular license to use either the BSOD repair or scanning capability?

A: No. We’ve made both the BSOD repair and scanning capability available to all Absolute customers to scan for and remediate any existing or latent BSOD issues relating to the CrowdStrike event.

Q: If I am not already an Absolute customer, can I use this solution?

A: We are making these tools available free of charge for a limited time. Any customers wanting to enable Absolute can contact us for an evaluation.

Q: Can I use the remediation tool on a device that is already compromised by BSOD but did not already have Absolute activated?

A: In some cases we can enable Absolute on already-impacted devices. Please contact [email protected] to see if we can assist.

Q: Is this seamless to end users?

A: The requirement for user interaction is event-dependent. For the CrowdStrike BSOD event, if BitLocker is enabled on the impacted endpoint, users will first need to enter a BitLocker key provided by IT and connect the impacted endpoint to the network over Ethernet, as described here. The repair procedure will then proceed automatically.

Q: How do I run the file scanning procedure?

A: We’ve created a brief video to demonstrate how it works.

Additional Absolute Resources to Help Maintain Resilience Across Your Organization

The Absolute Security Cyber Resilience Risk Index 2024
This data-driven research provides CISOs and other security and risk professionals with a deeper understanding of what Cyber Resilience is. It includes practical information to help identify and mitigate the top security and technical risk factors that cyber resilience addresses.

Absolute Security Next Generation Cyber Resilience
Developed to mitigate risk driven by advanced threats, remote and hybrid work, technical errors, and AI adoption, our Cyber Resilience Platform maintains visibility and control over PC fleets. It ensures that critical endpoint security controls operate as expected, detects and alerts when device security agents fail, and extends remote rehydration capabilities across hybrid endpoint fleets.

For more information and assistance with BSOD incidents, contact the Absolute Security Support Team or email [email protected].

 

 
