www.butsch.ch

CRUNCH Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online M365,AZURE,INTUNE Microsoft Exchange

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

21.06.2023 admin

www.butsch.ch Resolve and find OAuth problem in Exchange Hybrid Setup Environment Short Understanding OAuth: OAuth (Open Authorization) is an industry-standard protocol that enables secure authorization for third-party applications without the need to disclose user credentials. It allows users to grant limited access to their resources on one site to another site, without sharing their credentials. […]

Exchange 2016 Exchange 2019 M365 - Exchange Online Outlook

Outlook.exe, delay in receive and sending E-Mail in cached mode how to solve with GPO

11.11.2024 admin

In the OLD KB-Nummer: 982697 MS explains……. (Now MS Learn…) The default Behavior for downloading shared folders can be modified using Group Policy and registry settings. Some of these policies and registry values may have improved the performance of shared folders in earlier versions of Outlook or when the shared folders were located […]

M365,AZURE,INTUNE Microsoft SCCM,MEM,MDT

M365, Intunes Company Portal 0x87D1041C when UWP assigned to user AND device

11.11.2024 admin

If you see Error 0x87D1041C in the Company Portal (Unternehmensportal), it may be related to the assignment types. In Intunes you should avoid mixing “USER” and “SYSTEM/DEVICE” assignments for UWP apps. In this case, Error 0x87D1041C will appear in the M365 Portal, but the app will still function. If the UWP app is already […]

Microsoft Server OS Server 2019

Server 2019 bug c:\windows\system32\control.exe error

17.09.2024 admin

Windows Server 2019 Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item Reason is this local GPO on the Server: User Account Control: Admin Approval Mode for the Built-in Administrator account If you follow the process below with gpedit.msc you WILL FIND OUT That […]

Uncategorized

MS SRV Disable IPv6 the correct way CVE-2024-38063

16.08.2024 admin

Recommendation 16.08.2024 for CVE-2024-38063 and IPV6 There is a patch from 2008-2022+ Servers so use it See following LINK on how to import the older OS patches into WSUS CVE-2024-38063, CVSS 9.8, import free 2008/R2 + 2012R2 into WSUS – www.butsch.ch https://www.butsch.ch/post/cve-2024-38063-cvss-9-8-how-to-import-the-free-2008-2008r2-patch-into-wsus/ If you can’t patch then as least options CAREFULLY consider disabling IPV6 the […]

WSUS

CVE-2024-38063, CVSS 9.8, import free 2008/R2 + 2012R2 into WSUS

15.08.2024 admin

CVE-2024-38063, CVSS 9.8 Using the network properties GUI to disable IPv6 is not supported This registry value doesn’t affect the state of the following check box. Even if the registry key is set to disable IPv6, the check box in the Networking tab for each interface can be selected. This is an expected behavior. […]

M365,AZURE,INTUNE SECURITY Server 2022 [21H2/22H2/32H2]

SMB over QUIC a OneDrive, Sharepoint replacement, SRV 2025?

24.07.2024 admin

SMB over QUIC UDP is coming to on-premises Server 2025 for all OS editions. This feature will be included in every edition of Microsoft Server 2025. It uses The Microsoft Windows Admin Center Server (WAC) which was built to manage you inhouse server structure remote (no Azure or cloud dependency). The Microsoft Server and Storage […]

DLP | Data Loss Prevention ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix MSME | Security for Exchange SECURITY Server 2012 R2 Server 2016 Server 2022 [21H2/22H2/32H2]

Crowdstrike Falcon Sensor, Azure VM Repair paths

19.07.2024 admin

The procedures in this article describe methods you can use to attach an encrypted OS disk to a repair VM and then unlock that disk. After the disk is unlocked, you can repair it. As a final step, you can replae the OS disk on the original VM with this newly repaired version. Microsoft has […]

Deployment Server 2008 R2 Server 2012 R2 Server 2016 Server 2022 [21H2/22H2/32H2] W10

Crowdstrike Falcon, BSOD, VMWARE Server Recovery DEU

19.07.2024 admin

Es gibt einige Server, bei denen Sie nicht in den Wiederherstellungsmodus oder den abgesicherten Modus booten können. Wenn das Volume nicht verschlüsselt ist, haben Sie eine Möglichkeit, die fehlerhafte CrowdStrike-Def-Datei von der Festplatte zu löschen. Basisartikel von uns: https://www.butsch.ch/post/19-07-2024-bsod-blue-screen-crowdstrike/ Crowdstrike Falcon Sensor, Azure VM Repair paths Um eine virtuelle Festplatte in einer VMware-Umgebung von […]

Hotfixes, Updates Mcafee/Trellix Microsoft Server OS SECURITY Server 2012 R2 Server 2016 Server 2022 [21H2/22H2/32H2] VMWare

Falcon Sensor, Bluescreen of Death Vmware workaround if you can’t boot into recovery

19.07.2024 admin

Workaround Server / Vmware affected with NO Recovery Option and not encrypted: There are some server where you can’t boot into recovery or safe boot. If the volume is not encrypted you have one way to delete the faulty crowdstrike def file from the disk. Base article: 19.07.2024 BSOD Blue screen Crowdstrike – […]

Mcafee/Trellix SECURITY TIE/ATD/ATP | Sandbox - Advanced Threat Protection

19.07.2024 BSOD Blue screen Crowdstrike

19.07.2024 admin

The falcon has crashed BSOD blue screen of death on clients and server OS Red Teams and Hackers > see where you have brought us? https://www.trellix.com/about/why-trellix/vscrowdstrike/ The latest CrowdStrike Falcon Sensor update is causing a widespread issue resulting in a Blue Screen of Death (BSOD) boot loop globally. It’s a security professional’s worst nightmare […]

Deployment GPO | Gruppenrichtlinien Intunes Scripting SECURITY

Proxy settings der Cryptography API bei Zertifikatswiderrufslisten (CRL) von einem CRL-Verteilungspunkt

18.07.2024 admin

Dieser Artikel zielt darauf ab, den Prozess zu erläutern, den die Crypto API durchläuft, um erfolgreich eine HTTP-basierte URL für den CRL-Verteilungspunkt herunterzuladen. Er dient auch der Fehlerbehebung in Situationen, die mit der Netzwerkrückgewinnung von CRLs verbunden sind. Zusätzlich wird unser kostenloses Tool, crlcheck.exe, erwähnt, das dazu beitragen soll, komplexe Probleme effektiver zu lösen. […]

SECURITY SQL WSUS

WSUS problem or unstable when WID SQL is getting to big, how to shrink

15.07.2024 admin

Windows Update Server crashed often on Server 2016/2022 with WID Windows Internal Database. We have seen several newer WSUS Servers crahsing or hanging more often with SRV 2016 and even SRV 2019 WSUS. The source may be this table, which is 26GB and holds all the patch information and language descriptions. The full WID DB […]

M365 - Exchange Online M365,AZURE,INTUNE Outlook

16.07.2024, Problem Office 365 und shared Kalender MS EX814289

12.07.2024 admin

Problem beim Öffnen eines freigegebenen Kalenders in Outlook Desktop Outlook für Microsoft 365 Workaround ONLY works as long as you don’t close Outlook.exe (Don’t close Outlook after it works until MS solves problem) Der Workaround ist NUR aktiv solange Outlook.exe offen ist (Nicht zumachen bis MS das problem fixt) MS EX814289 Betrifft nur die Office […]

Exchange 2019 M365 - Exchange Online Outlook

16.07.2024, Office 365 / M365 EX814289 shared calendar not working

12.07.2024 admin

Workaround ONLY works as long as you don’t close Outlook.exe (Don’t close Outlook after it works until MS solves problem) EX814289 Users may be unable to access shared calendars in the Outlook desktop app. Problem opening a shared calendar in Outlook Desktop, Outlook for Microsoft 365 Users who have access to Outlook via Office […]

ENS | Endpoint Security Exchange 2013 Exchange 2016 Exchange 2019 WSUS

13.06.2024 False-Postive with ENS 10.7, AMCORE 5554 on Windows Defender AM_Delta_Patch Server 2019 German

10.07.2024 admin

Trellix ENS 10.7 deletes Windows Defender Update which come from WSUS-Server on German Server 2019 We just did see a false positive on Windows Defender Updates we provide via WSUS with autoaprove on a Windows Server 2019 German with Trellix ENS 10.7 and AMCORE 5554. The file was deleted from C:\Windows\SoftwareDistribution\Download\ Microsoft affected file: […]


Try our new Certificate Revocation List Check Tool CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Highroller