By now, you have probably heard about or have directly been impacted by the recent CrowdStrike software update to Microsoft Windows system causing an unprecedented global outage. I know IT administrators are working around the clock to remediate thousands if not tens of thousands of Windows systems, the current recommended remediation process from CrowdStrike is definitely painful since it requires users to go into Windows safe mode to remove the offending file. To further complex things, most organizations enable Microsoft Bitlocker, which adds additional step to the already painful manual remediation process as you now have to locate your recovery keys before you login to apply the fix.
Within hours of the CrowdStrike news, I already saw a number of inquiries from our customers and field asking if there were any automated solutions or scripts that could aide in their remediation as asking any organization to manually remediate is a non-starter with the scale of deployments for most Enterprises. While getting up to speed on the remediation steps and thinking about how our vSphere platform can help users automate, what is typically a manual task, I had a few ideas that folks might find useful.
Disclaimer: The scripts provided in this article are meant as examples, please test and adapt them based on your own environment as these have not been tested in any official capacity and the behaviors may vary from environment to environment. Please use at your own risk.