RMMmax’s Post

How to recover your Windows hosts impacted by a recent CrowdStrike Falcon sensor? The first solution involves restarting the host and potentially switching to a wired network connection. If the system continues to crash, users can boot into Safe Mode or the Windows Recovery Environment and delete a specific file named "C-00000291.sys"*. The asterisk (*) indicates that there might be variations in the file name suffix, but it will always start with "C-00000291". For public cloud or similar environments, CrowdStrike recommends detaching the operating system disk volume from the impacted virtual server, creating a snapshot, attaching the volume to a new virtual server, deleting the problematic file, and then reattaching the volume to the original server. Alternatively, users can roll back to a snapshot created before a specific date. Recovery options for BitLocker-encrypted hosts Scenario 1: Recovery Key readily available Booting the system normally: If you have your BitLocker recovery key readily available, you might be able to boot the system normally and then proceed with the steps mentioned for non-BitLocker encrypted systems. This would involve deleting the "C-00000291.sys"* file as described earlier. Scenario 2: Recovery Key unavailable Locating the Recovery Key: If you don't have your BitLocker recovery key readily available, you'll need to locate it before proceeding. The recovery key might be stored in your Microsoft account, saved on a separate drive, or provided by your IT administrator. Accessing the Drive with the Recovery Key: Once you have the recovery key, you might need to access a specific boot menu or recovery environment to enter the key and unlock the BitLocker-encrypted drive. This process can vary depending on your Windows version and how BitLocker was originally set up. https://lnkd.in/gi7ppZ4b

PPTP and L2TP deprecation: A new era of secure connectivity. As technology advances, so must our security protocols. As part of our ongoing commitment to provide the highest level of security and performance, we are deprecating the PPTP (Point-to-Point Tunneling Protocol) and L2TP (Layer 2 Tunneling Protocol) protocols from future Windows Server versions. While these protocols have served us well over the years and will still be available to users, it is time to transition to more secure and efficient alternatives: SSTP and IKEv2. In this post, let’s walk through deprecation considerations, reasons, and recommendations to ensure you... #techcommunity #azure #microsoft https://lnkd.in/g7drcQNT

Your organizations day-to-day operations should not depend on whether the cloud is having an outage or not. With SipVault, our all-in-one secure intercom and messaging system, you are protected from such disruptions. When you run your critical operations on an environment designed for security, monitoring can be performed non-intrusively. SipRadius prides itself on having at its core a proprietary, custom-built, and compiled-from-scratch hardened Linux OS. Minimalistic (only 400MB for an entire OS upgrade), efficient, and designed from the ground up for security, it combines an encrypted configuration area, RAM drives, and read-only file systems. It has been trusted to run in the most demanding environments. Stay connected with SipRadius. https://bit.ly/47NUWET #SipRadius #SipVault #ITOutage #CloudOutage #Security

We have BitLocker! Microsoft's BitLocker is a security feature for the Windows operating system that provides drive encryption. This prevents data theft if the device is lost/stolen or tampered with in any way. The keys 😉 to success: ✔ The system receiving a BitLocker policy must have TPM 1.2 or later and Secure Boot must be enabled. (For a fuller list of reqs, see: https://lnkd.in/eRw9VGBq) 📜 We used an Endpoint Security Policy in Intune to set a basic BitLocker policy that silently deploys drive encryption. ❌ In our tests, the silent deployment failed because Secure Boot was disabled. After enabling in the UEFI settings, the encryption process kicked off silently at next boot without any user intervention. 🔐 The drive is now encrypting used space only and the recovery keys are backed up to the device object viewable in both Intune and Entra AD. 🔑 Onto configuring passwordless authentication! #Microsoft #LAPS #Entra #Intune #Autopilot #Cloud #Windows #PC #Azure #BitLocker #DriveEncryption

After this Azure Windows outage happened today, I would categorically say what I have said earlier. Forcing end users of Windows PCs - whether its business or personal - to use Microsoft Account security validation over Local Windows domain security validation is going to create havoc in future too. We end users don't need to get software patches during every login. Microsoft has decided to remove the official documentation related to this in Windows 11, which is a pathetic decision. My guess is that all those business PCs that failed to boot today, would have been forced to receive the faulty CrowdStrike patch, and forced to restart. Rather taking the ownership of the outage, as a CEO of a software behemoth, blaming or hiding behind a not well known vendor like CrowdStrike is a shame. No wonder why MS has bad reputation over its policies. It's time for other public cloud service providers to step-up. @@@

#AzureDaily 🚀New Windows AutoPatch Feb 2024 update!🚀 ✅Simplified IT patch management ✅Enhanced security features ✅Improved reliability ✅Easier access to patches ✅Reduced downtimes Stay ahead with the latest #WindowsAutoPatch. Keep your systems #Secure, #Reliable & #UpToDate! #Azure #Microsoft

Released: 2024 H1 Cumulative Update for Exchange Server. Today we are announcing the availability of the 2024 H1 Cumulative Update (CU) for Exchange Server 2019 (aka CU14). CU14 includes fixes for customer reported issues, a security change, and all previously released Security Updates (SUs). A full list of fixes is contained in the KB article for CU14, but we also want to highlight a few changes in this CU. Extended Protection enabled by default As announced in August 2023, by default, starting with CU14, Setup enables the Windows Extended Protection (EP) feature on the Exchange server being installed. This will happen when running... #techcommunity #azure #microsoft https://lnkd.in/eN43nX4H

Introducing the Docking Station 1. This data terminal is with no PC, no Windows OS, unattended, and no need to worry about virus invasion. 2. Without complicated technical support and maintenance. 3. No manual intervention, no need to worry about recoded files being tampered, lost or deleted at the data terminal. 4. Recorded files on body camera are directly uploaded to the local server or cloud server, safe and efficient. 5. Each data terminals and docking port has a unique ID number, which can record uploading location along with recorded files.

Many of the news outlets talking about the issue being #Microsoft is wrong, the problem affects Microsoft windows operating systems on servers and laptops/desktops. Its a problem with the #Falcon agent update that was released by the security vendor #crowdstrike, and before we all start switching vendors, its could have happened to any of the big security players. The most important thing if your affected it to take the right remedial action so this doesn't impact you systems and users further. For users its going to be using the #bitlocker key to get into the rebooting laptop or desktop or if you don't know them maybe its a full reinstall for each laptop or desktop. Vissensa | Forward Thinking IT's private cloud platforms did experience some disruption at 4am this morning but our service team mitigated the problem and our clients are fully operational. Read more here: https://lnkd.in/edYAuuT4