Not sure who needs this resource, but Microsoft updated its
Recovery Tool for the CrowdStrike issue on Windows endpoints:
Here is the link to the Microsoft Tech Community Support
Site:
As a former cybersecurity Incident Commander for Intel, here
are my additional recommendations:
- Verify the source of every tool or procedure you plan on using!
- For a large organization, have a single accountable, tech-savvy group create the recovery process, and don't allow other groups to home-brew their own fixes
- Test the fix out on your different builds
- Formalize the step-by-step process for your environment – break down instructions to keep each step simple
- Make sure you have accounted for hard drive encryption hurdles (e.g., BitLocker or other 3rd party vendors), if applicable
- Roll out the recovery in phases, starting with non-critical systems, just in case there are unforeseen issues and system data loss
- Have a process to record and report which systems have successfully been restored
- If things go sideways, STOP and seek more advanced assistance
Happy hunting!
*** This is a Security Bloggers Network syndicated blog from Information Security Strategy authored by Matthew Rosenquist. Read the original post at: https://infosecstrategy.blogspot.com/2024/07/new-microsoft-recovery-tool-for.html