
Fix the CrowdStrike BSOD with KACE SDA

Update: We also have an official KB article for it, check it out here.


Hey,

I know, everyone saw the news last week about CrowdStrike and their faulty files that caused a BSOD on millions of machines. If you have a KACE SDA (Systems Deployment Appliance), you can easily delete the faulty files with it.

Log in to your KACE SDA web UI, go to "Library/Mid-Level Tasks" and create a new BAT script.


As BAT code please use the following:

del C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys

In case you wonder why the path is hardcoded: we cannot use the %systemroot% variable, because we boot into the KBE, where the variable points to X:\Windows, which does not contain the faulty files.
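A more defensive variant of the script above, as an added example that is not part of the original post or the official KB article. It assumes the offline Windows volume might not be mounted as C: inside the KBE, so it checks every drive letter except X:, and it returns a non-zero exit code when nothing matched or a file could not be deleted.

```bat
@echo off
rem Added example, not the original author's script.
rem Assumption: inside the KBE the installed Windows volume may get a
rem letter other than C:. X: is skipped because it is the KBE itself.
setlocal
set "PATTERN=C-00000291*.sys"
set /a FOUND=0
set /a LEFT=0

for %%D in (C D E F G H I J K L M N O P Q R S T U V W Y Z) do (
    rem The inner loop runs only if the wildcard matches on this volume.
    for %%F in ("%%D:\Windows\System32\drivers\CrowdStrike\%PATTERN%") do (
        set /a FOUND+=1
        echo Deleting %%~fF
        del /f /q "%%~fF"
        rem del does not reliably set ERRORLEVEL, so re-check the file.
        if exist "%%~fF" (
            echo ERROR: could not delete %%~fF
            set /a LEFT+=1
        )
    )
)

echo Matched %FOUND% file(s), %LEFT% still present.
rem Exit codes let the caller tell "nothing found" from "delete failed".
if %FOUND% equ 0 exit /b 2
if %LEFT% gtr 0 exit /b 1
exit /b 0
```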


After you have created the Mid-Level task, go to "Deployments/Custom Deployments", create a new custom deployment and add the Mid-Level task you just created to the mid-level area.


Once you have created the custom deployment, you can either boot via PXE and run it manually, or create an automated deployment and select all affected devices. With an automated deployment you only have to network boot the devices, and the KBE and the script will run automatically.

To create an automated deployment, go to "Deployments/Automated Deployments" and add a New Boot Action.



For more details please look at the official CrowdStrike websites here.


Comments

  • Thank you for this - lama01 1 month ago