 |
 |
With EPO 5.10 on a fresh install, you have GetSusp.exe in both 32-bit and 64-bit versions in the Master if you perform an automatic product check-in. You can easily run the small tool GETSUPS.exe (command line/GUI standalone scanner) via EPO. I am not sure if I missed it because I never use the […]
Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express Does also happen with: EPO5100_ServicePack1_4098_LR1.zip (lATEST DOWNLOAD 01.05.2024) Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the […]
Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]
Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition or with too small recovery Partition (Free space under 250MB) ERROR: KB5034439, 0x8024200B, 0x80070643 ERROR_INSTALL_FAILURE. PATCH: 024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439). Status 12.01.2024 —————————————————– Microsoft has releases two PowerShell with which you should […]
We just had a case where we in detail explored the CRC errors with Intunes Packets. Simply WIN32 Package with 300MB failed just for one client. One client had a CRC error same day while others just fine. Here is how to check local on-premises to be sure you can tell it’s M365 side failing […]
Exploit/Lücken CVE-2023-5444 (RISK HIGH) und CVE-2023-5445. Update Mcafee/Trellix EPO Management Server There is emergency patch for EPO and the Trellix Forum seems to be down or rebuilt? Here is some info to help you this way. We have just updated around 10 EPO on-premises installations from EPO 5.10 SP1 to UPD2 or from 5.10 […]
Mastering Firewalls for Intunes and Autopilot Success In the realm of IT, especially with the advent of cloud-based systems like M365 and Intune, managing firewalls has evolved into a complex challenge. Gone are the days of a handful of external ports; now, it’s like navigating a digital maze of ports and IP ranges. Enter the […]
FortiGate Application Filter Certificate wrong/missing Entry sample for an important laptop driver (W10 Deployment fails because of signed Driver Revocation Lookup) Missing entry in Fortigate Application Filter “ROOT.CERTIFICATE.URL” and “OCSP” source of failing Windows 10 Deployment with commercial Deployment Products (This includes HP client hardware, Microsoft SCCM, Landesk or Ivanti Frontrange). During the Unattend phase […]
List or change Inboxrules employee have > Automatic E-Mail forwards to private or external E-Mail systems. Problem: In Exchange, users are able to forward E-Mail themself to an external private account. This is a problem because of compliance and if you don’t have a DLP (Data Lost Prevention). There are ways to prevent this (With […]
Antivirus Exclusion for NON Windows Defender In the world of IT security, antivirus tools like Windows Defender are our go-to guardians against all sorts of threats. But sometimes, we need to make exceptions for certain stuff related to Microsoft Intune. Now, here’s the deal (See end of this Blog entry below) Windows Defender has this […]
CVE-2023-34048 and CVE-2023-34056 Rating 9.8/10 DRINGEND, Angriff Information Public verfügbar Sämtliche VCENTER von neuer Lücke betroffen EXPLOIT code im Umlauf. Patche für aktuelle und alte VCENTER Versionen ab sofort https://www.vmware.com/security/advisories/VMSA-2023-0023.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-34048 https://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-vcenter-server-80u1d-release-notes/index.html Betroffene Produkte – VMware vCenter Server – VMware Cloud Foundation Einführung Ein Out-of-Bounds Write (CVE-2023-34048) und eine teilweise Informationsfreigabe (CVE-2023-34056) im vCenter […]
WINSCP you cannot see the WINSCP console on a multi monitor system Sometimes the WINSCP console is open but you simply can’t see it or switch to it with Windows Shortcuts. Close all winscp.exe however you like With Task Manager and GUI: taskmgr.exe > Rightlcick ENDTASK on each single one With cmd.exe taskkill.exe /IM […]
Had a case where the McAfee EPO DB almost blew due to an EPO issue or, let’s say, McAfee prevented it from happening by encountering SQL-Express limitations. We’re relieved that since EPO 5.X, they’ve implemented two databases; one for EPO and one for Events; effectively splitting the load in size and safeguarding the crucial elements. […]
For all DBA’s > Yes we know but Mcafee tells us to shrink 😉 Also see our security concerning regarding centralizes SQL for Security Appliances/Servers. Problem: You are unable to shrink the Mcafee EPO SQL Database with Management Studio (GUI). You are already on “SIMPLE RECOVERY” mode for the DB. Management […]
Ransomware in der Schweiz Lösungsansätze für mehr Cybersicherheit Die Bedrohung durch Ransomware in der Schweiz erfordert intelligente Lösungen. Eine effektive Methode, die sich bewährt hat, ist der Einsatz von “Black/White-Listing” Technologien, wie sie beispielsweise von McAfee TIE bereitgestellt werden. Diese fortschrittliche Technologie, die auf intelligenter Listenführung basiert, stellt derzeit die einzige wirksame Lösung dar, um […]
