Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Mcafee/Trellix ENS Gootkit False ENS 10.7 after 15.05.2024, rule SIG 6232 with VBS from TEMP

  Mcafee/Trellix ENS 10.7 Exploit Prevention Content 13401 Update SIG 6232 from 15.05.2024 brought a false with some customers from us. This comes with good (change) or bad (false) timing after we have seen some Gootloader activity happening in EU/CH these days. This happens on ENS 10.7 APRIL 2024 and also on Nov 2023 Version […]

Google chrome 124 and Edge Chromium Probleme Webserver SSL-Brechen [DEU]

  Google Chrome.exe 124 und Edge Chromium könnten Probleme haben, sich mit einem Webserver hinter älteren Firewalls oder Proxys zu verbinden, ODER bestimmte Sicherheitsgeräte filtern HTTPS/TLS-Websites nicht mehr.   Das Problem hat etwa am 22.04.2024 begonnen und nimmt laufend zu. Dies könnte Sie betreffen, wenn: Sie oder jemand anderes einen Webserver oder einen Dienst mit […]

Google chrome.exe 124 and Edge Chromium cannot reach Webserver behind IPS/proxy [cipher X25519Kyber768]

Google Chrome.exe 124 and Edge Chromium may have problems connecting Webserver behind older firewalls or proxy OR certain security device do not filter HTTPS/TLS websites anymore.     The problem has started around 22.04.2024 and is growing. This could effect you if: You run or someone else runs a Webserver or any service with https […]

Microsoft Exchange Server SE (Subscription Edition) ab Herbst 2025

  Exchange SE (Subscription Edition), Exchange 2019 Nachfolger mit in-place Upgrade |   Microsoft hat gerade Release-Informationen und eine Zeitlinie für die Einführung der neuen Exchange SE (Subscription Edition) veröffentlicht. Kunden können weiterhin rein On-Premises oder im Hybridmodus arbeiten, wie es ihren Bedürfnissen entspricht. Neu wird die Exchange SE jedoch ausschliesslich im Abonnementmodell erhältlich sein. […]

Certutil.exe –url –urlcache how to use and freeware GUI crl check to automate CRL verify

  How to use Microsoft certutil.exe –url or –urlcache to find CRL and OCSP on Windows manually, or utilize our freeware tool crlcheck.exe, which performs the same function fully automatically for all EXE files on your system. crlcheck.exe https://www.butsch.ch/post/crlcheck-exe-certificate-revocation-list-check-tool-to-verify-all-crl-and-ocsp-on-windows-client/   What is a CRL Certificate Revocation List file?   Each certificate authority (CA) periodically issues […]

McAfee ATD – Trellix TIS MASU.exe Sandbox Uploader. A freeware tool to submit files to ATD/TIS automatic

M.A.S.U (M)CAFEE (A)TD (S)ANDBOX (U)PLOADER V4.1, Mike Butsch, Senior System Engineer, www.butsch.ch Remark 2024: Everything will work for TIS / Trellix Intelligent Sandbox we have been using the same tool with every release of TIS. Hopefully there is a ready solution for FireEye without using Python The tool is freeware, feel free to use it. […]

CRL check, Zertifikatsperrlisten Software, Certificate Revocation List Check Tool zum suchen aller geblockten CRL in Firmenumgebungen, crlcheck.exe

Mit diesem Tool findet man schnell und einfach alle verwendeten CRL eines clients und kann prüfen ob der client diese erreicht.   In den vergangenen Jahren habe ich persönlich miterlebt, wie die Zertifikatssperrung auf Windows-Systemen oft unterschätzt wird, selbst in großen Unternehmen. Dieses Problem beeinträchtigt sowohl Client- als auch Server-Systeme erheblich, wenn es nicht korrekt […]

Problematic W11 preview patch KB5035942 do not install rollback HP laptop seen

  Patch: 2024-03 Cumulative Update Preview for Windows 11 Version 23H2 for x64-based Systems (KB5035942) OS Builds : 22621.3374 22631.3374 Patch details: March 26, 2024—KB5035942 (OS Builds 22621.3374 and 22631.3374) Preview – Microsoft Support https://support.microsoft.com/en-us/topic/march-26-2024-kb5035942-os-builds-22621-3374-and-22631-3374-preview-3ad9affc-1a91-4fcb-8f98-1fe3be91d8df   The KB5035942 preview patch seems to make some problem on different brands of systems. Some customer reported bluescreen or […]

Powershell to show and log SMTP Port 25, 465, 2525 after decomission old Exchange Server

Powershell to show and log SMTP Port 25, 465, 2525 after Decomission old Exchange Server   When decommissioning an Exchange Server, it’s common to install SMTP/IIS to capture and redirect the failing SMTP sender traffic, allowing us to monitor if there’s still traffic coming to the old Exchange. Below is a PowerShell script that you […]

WSUS ImportUpdateToWSUS.ps1, March 2024 security update DC fails SRV 2019 and 2022 how to fix all steps

03/2024, out of Band patches for DC crash KB5037422, KB5037425, KB5037423, KB5037426   DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/     We explain how to import the 4-5 manual patches for Server 2012R2, 2016, 2019, 2022 and what to fix if you get an error when you run the script to ImportUpdateToWSUS.ps1 to import the patches into […]

Windows Update Server Import Fehler Powershell KB5037422, KB5037425, KB5037423, KB5037426

Notfall Patche, Out of Band patche für Domain Controller DC crash KB5037422, KB5037425, KB5037423, KB5037426   DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/   Um die 4-5 manuellen Patches für Server 2012R2, 2016, 2019 und 2022 zu importieren und zu erklären, was zu tun ist, wenn beim Ausführen des Skripts “ImportUpdateToWSUS.ps1” zum Importieren der Patches in WSUS ein […]

KEMP service option Detect Malicious Request Intrusion handling blocks Winword Blog posts

  The KEMP option “Detect Malicious Requests” blocks Winword from connecting to WordPress or BLOGengine.net blog provider configurations, changing or uploading existing blog entries with pictures. We lost quite some time on this one because we were initially searching forever on our firewall and other WAF appliances. Finally, we found out that this is due […]