Windows update may present users with a BitLocker recovery screen

Posted: July 25, 2024 by Pieter Arntz

Some Windows users may see a BitLocker Recovery screen after applying the Microsoft Patch Tuesday updates. BitLocker is a Windows security feature that encrypts entire drives. It prevents someone who has obtained a stolen or lost device from reading the files stored on that drive.

Unfortunately, though, Microsoft launched an update this month that has caused problems for some Windows systems. Without telling the public what, exactly, has gone wrong, Microsoft provided some details about what might happen on the Windows release health dashboard.

Affected systems are running Windows 10 and 11 or one of the server versions (Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008). The affected systems are also very likely to have Device Encryption enabled.

You can find out if you have Device Encryption enabled by looking at: Settings > Privacy & Security > Device encryption

If Device encryption doesn’t appear under Privacy & Security, it isn’t available for your system.
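
The same check can be made from the command line. The PowerShell below is an added example, not part of the original article; it assumes an elevated session on a system that has the BitLocker PowerShell module, and the function name Get-EncryptionAudit and its output column names are hypothetical. It goes beyond the Settings check by also listing the key protector types, so you can confirm a recovery password exists before a recovery screen ever appears.

```powershell
# Added example: audit BitLocker / Device Encryption state per volume.
# Get-EncryptionAudit is a hypothetical helper name, not a built-in cmdlet.
function Get-EncryptionAudit {
    [CmdletBinding()]
    param()

    # Get-BitLockerVolume needs administrative rights; fail early with a clear message.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell session.'
    }

    Get-BitLockerVolume | ForEach-Object {
        # Collect protector types only (Tpm, RecoveryPassword, ...).
        # The recovery password itself is deliberately never written to output.
        $types = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        [pscustomobject]@{
            MountPoint          = $_.MountPoint
            VolumeType          = $_.VolumeType
            VolumeStatus        = $_.VolumeStatus        # e.g. FullyEncrypted, FullyDecrypted
            ProtectionStatus    = $_.ProtectionStatus    # On / Off / Unknown
            KeyProtectors       = ($types -join ', ')
            HasRecoveryPassword = ($types -contains 'RecoveryPassword')
            # Protected volume without a recovery password: a recovery prompt
            # on this volume could not be answered.
            NoRecoveryKey       = ($_.ProtectionStatus -eq 'On') -and
                                  ($types -notcontains 'RecoveryPassword')
        }
    }
}

# Show all volumes, then list any protected volume lacking a recovery password.
$audit = Get-EncryptionAudit
$audit | Format-Table -AutoSize
$audit | Where-Object NoRecoveryKey |
    ForEach-Object { Write-Warning "$($_.MountPoint) is protected but has no recovery password protector." }
```

A volume reported with ProtectionStatus On should have a recovery password that is also stored somewhere other than the device itself.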

Under normal circumstances you wouldn’t see the BitLocker Recovery screen unless you enter the wrong PIN too many times or when you’ve made some hardware or firmware changes.

If you are affected by this faulty update, you will be presented with a screen similar to this one when you boot the system.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender, Barracuda, Phishing Simulation & Cyber Security Training

“Where Service and Technical Skills Count”

CrowdStrike Blames Crash on Buggy Security Content Update

It is amazing that a security company would even make this type of comment.
They are a Wall Street “darling”. CrowdStrike response and mitigation continues; this will go on for a longer period of time than affected companies will disclose publicly.

CrowdStrike remains in the hot seat — quite literally, as the company’s CEO George Kurtz has been called on to testify before Congress about the incident — and has considerable work to do to salvage its reputation in the wake of the incident

Personally, I believe the next shoe to fall will be SentinelOne, also Wall Street traded.

A buggy “security content configuration update” to CrowdStrike’s Falcon sensor, which is aimed at gathering telemetry on novel threat techniques for Windows, has been confirmed as the root cause of the problem that crashed computers around the world on July 19, and is still having an impact on global IT teams, the vendor says.

Personal opinion
Uninstall and cancel your agreement with CrowdStrike: strike 2 with the current CEO.
If a class action lawsuit is actually filed, join in; at least try to recoup some of your losses.
In today’s world of antivirus/malware there is only one product that allows full control of your environment

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender, Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Lead article: Elizabeth Montalbano, Contributing Writer

https://www.darkreading.com/endpoint-security/crowdstrike-crash-buggy-security-content-update?_mc=NL_DR_EDT_DR_weekly_20240725&cid=NL_DR_EDT_DR_weekly_20240725&sp_aid=124803&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=54465

3 Causes of the CrowdStrike down in reality

Keep in mind this is my personal opinion... please prove me wrong if you can.

1) Bad developer file uploaded
2) Microsoft software (be a developer of software, not a security expert)
3) Distribution of software via Cloudflare

A faulty kernel driver developed by cybersecurity company CrowdStrike has caused a massive Microsoft outage that is currently causing chaos around the world. Windows machines have been crippled by the Blue Screen of Death (BSOD) on a global scale. The situation is so serious that flights are being grounded, major banks are experiencing problems with their systems, while key emergency 911 services have also been affected.

Cloudflare (down more than it’s up; we have logs) Expands Relationship with Microsoft, Makes Industry Leading …
Jan 12, 2023: Cloudflare and Microsoft announce new integrations between Cloudflare One and Microsoft Azure Active Directory to help customers deploy Zero Trust security across applications, users, devices and networks. The partnership also includes features such as Remote Browser Isolation

“The criticality of CrowdStrike as a security platform tends to, I think, outweigh some of those issues in the sense of customers can’t afford to just turn them off and not renew because of one incident. They’re just too tied into the ecosystem,” Walsh tells Yahoo Finance. “They’re too critical of a tool and what kind of within the overall stack. So I think those conversations certainly have the potential to emerge…”

Josh Lipton and Julie Hyman
Fri, Jul 19, 2024, 1:19 PM MST

Comments like this are foolish; of course you can change software providers. Comments like this are like the early ’90s, when Symantec and McAfee dominated the AV industry (techs’ comments back then were “we will never get fired if we use the 2 products mentioned above”, but we all managed to survive with better products that did not peg the CPUs).

Defused Cyber Deception Researcher and Founder Simo Kohonen joins to discuss the implications for CrowdStrike and the broader cybersecurity landscape.

Kohonen explains that CrowdStrike “pushed out a faulty update” that, when installed, “broke everything,” affecting industries globally. He emphasizes CrowdStrike’s reputation as the “top number one cybersecurity company in the world” and notes that their extensive customer base amplifies the scale of this issue. While the issue is fixable, he cautions that the timeline for resolving this problem may vary.

Simo Kohonen – Aalto University | LinkedIn
Sep 2021 – Present 2 years 7 months. Helsinki Metropolitan Area. Key contributor in the technology-related major fundraising at the Aalto University. Managing key accounts in a client and data driven manner utilizing the Microsoft Dynamics CRM system. Identifying, cultivating, soliciting, and stewarding

CrowdStrike EULA (https://www.crowdstrike.com/terms-conditions/)
8.5 No Guarantee. CUSTOMER ACKNOWLEDGES, UNDERSTANDS, AND AGREES THAT CROWDSTRIKE DOES NOT GUARANTEE OR WARRANT THAT IT WILL FIND, LOCATE, OR DISCOVER ALL OF CUSTOMER’S OR ITS AFFILIATES’ SYSTEM THREATS, VULNERABILITIES, MALWARE, AND MALICIOUS SOFTWARE, AND CUSTOMER AND ITS AFFILIATES WILL NOT HOLD CROWDSTRIKE RESPONSIBLE THEREFOR.

My opinion: every major provider writes EULAs like this. They take your money and say sorry. Right now CrowdStrike does not have enough employees to remove the file that broke it; the firms that use CrowdStrike also do not have enough techs to fix all systems affected, including Chase.

Personally, I would like to see a law firm create a class action lawsuit for losses incurred.

I do know about this matter. I recommended an RMM solution to one of my partners. The firm’s development team pushed the wrong patch out in an update that deleted over 4000 endpoints of one of the largest and most reliable AV solutions back then and even today. Personally, my firm along with myself restored all endpoints. I did drop the RMM when they basically said sorry but would not pay for costs to restore. This still happens to be a client today; it’s all about service.

I wish you all luck to get your services restored; hire a qualified tech.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender, Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count” 40 years in the AV business.