How to Recover from the CrowdStrike Falcon Incident on an Azure Cloud Hosted VM

Millions of people were affected by the CrowdStrike incident. Now that the damage is done, it is time to recover. Here are a few options for your Microsoft Azure VM environment.

Marcello Marrocos
DevOps, Cloud & IT Career


The CrowdStrike incident struck thousands of applications hosted on Windows, affecting millions of people.

But now that the damage is done, what are the options for recovery from this incident?


Before starting, let's separate the root cause from the affected OS. While Windows was the main OS affected, this was not a Microsoft issue. It came from CrowdStrike, a company specialized in cybersecurity, whose update to its Falcon agent caused the issue on the OS.

Microsoft Azure

According to Microsoft, these are the main options to try to recover from the issue.

Option 1 — Restart Virtual Machine

While this seems like a shot in the dark, some Microsoft customers reported that restarting the VM can succeed. However, several reboots might be needed; customers reported as many as 15.
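One way to script Option 1 with a bounded retry, as an added example that is not from the original article or from Microsoft. It assumes the Azure CLI is installed and logged in and that the Azure VM agent is present in the guest; the function name, resource group, VM name and wait time are illustrative assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the article): reboot an Azure VM repeatedly until the
# guest reports healthy, stopping at a fixed cap instead of looping forever.
# Assumption: the Azure VM agent is installed in the guest, so a "Ready" agent
# status means Windows booted far enough to start its services.

# Usage: restart_until_ready <resource-group> <vm-name> [max-reboots] [wait-seconds]
# Returns 0 once the agent is Ready, 1 if the cap is reached, 2 if a restart call fails.
restart_until_ready() {
  local rg="$1" vm="$2" max="${3:-15}" wait_s="${4:-300}"
  local attempt status

  for attempt in $(seq 1 "$max"); do
    echo "Reboot attempt ${attempt}/${max} for ${vm}" >&2
    az vm restart --resource-group "$rg" --name "$vm" >/dev/null || return 2

    # Give the guest time to boot (or crash again) before checking it.
    sleep "$wait_s"

    status=$(az vm get-instance-view --resource-group "$rg" --name "$vm" \
      --query "instanceView.vmAgent.statuses[0].displayStatus" --output tsv)

    if [ "$status" = "Ready" ]; then
      echo "VM agent is Ready after ${attempt} reboot(s)" >&2
      return 0
    fi
    echo "VM agent status: ${status:-unknown}" >&2
  done

  echo "Still not Ready after ${max} reboots; move on to another recovery option" >&2
  return 1
}

# Example call (placeholder names):
#   restart_until_ready my-resource-group my-windows-vm 15 300
```

The default cap of 15 matches the highest reboot count the article says customers reported; a non-zero return is the signal to stop rebooting and try a different recovery path.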


Cloud, Integrations and Collaboration Manager | in/mrmarrocos | DevOps, Cloud & IT Career Publication http://devopscloudit.com