 |
 |
|
Try our new Certificate Revocation List Check Tool CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files. |
||
Trellix ENS 10.7 deletes Windows Defender Update which come from WSUS-Server on German Server 2019 We just did see a false positive on Windows Defender Updates we provide via WSUS with autoaprove on a Windows Server 2019 German with Trellix ENS 10.7 and AMCORE 5554. The file was deleted from C:\Windows\SoftwareDistribution\Download\ Microsoft affected file: […]
Exchange SE (Subscription Edition), Exchange 2019 Nachfolger mit in-place Upgrade | Microsoft hat gerade Release-Informationen und eine Zeitlinie für die Einführung der neuen Exchange SE (Subscription Edition) veröffentlicht. Kunden können weiterhin rein On-Premises oder im Hybridmodus arbeiten, wie es ihren Bedürfnissen entspricht. Neu wird die Exchange SE jedoch ausschliesslich im Abonnementmodell erhältlich sein. […]
Powershell to show and log SMTP Port 25, 465, 2525 after Decomission old Exchange Server When decommissioning an Exchange Server, it’s common to install SMTP/IIS to capture and redirect the failing SMTP sender traffic, allowing us to monitor if there’s still traffic coming to the old Exchange. Below is a PowerShell script that you […]
CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs. Download 11/2024 NEW Release 2.0.1.0 with OSCP check, Proxy Options, AIA Chain check etc. Version 2.0.1.0, https://www.butsch.ch/wp-content/uploads/tools/crlcheck/latest/crlcheck.7z Over the past 20 years, I have personally witnessed how Certificate Revocation […]
Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Mode, Queue is growing SMTP ERROR: Connecting Exchange server version is out-of-date Since December 2023, Microsoft has been throttling or blocking on-premises Exchange 2013 servers that are in Hybrid Mode, connecting to their cloud environment. Even if 99% of the mailboxes are already in the […]
Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]
List or change Inboxrules employee have > Automatic E-Mail forwards to private or external E-Mail systems. Problem: In Exchange, users are able to forward E-Mail themself to an external private account. This is a problem because of compliance and if you don’t have a DLP (Data Lost Prevention). There are ways to prevent this (With […]
www.butsch.ch Resolve and find OAuth problem in Exchange Hybrid Setup Environment Short Understanding OAuth: OAuth (Open Authorization) is an industry-standard protocol that enables secure authorization for third-party applications without the need to disclose user credentials. It allows users to grant limited access to their resources on one site to another site, without sharing their credentials. […]
english, Management summary To gain a better understanding of the ADMINSholder/adminCount attribute, we recommend referring to the provided blog posts, which shed light on the impact of this flag, particularly regarding ActiveSync and GPO. This attribute poses a challenge in the synchronization process of the Synchronization Service Manager (Microsoft Azure AD Connect Synchronization Services) as […]
Trellix ENS 10.X, T1056 – Key capture using PowerShell detected, Host intrusion buffer overflow ExP:Illegal API Use Blocked an attempt to exploit C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\POWERSHELL.EXE, which targeted the GetAsyncKeyState API. For efficient M365 and Exchange Online management, there are various methods available. While utilizing the PowerShell button within the Admin Portal is one option, it requires an Azure […]
CVE-2023-23397 Was ausgenutz wird: Anstatt Standard Microsoft Outlook Sound kann man für ein meeting reminder einen Custom Sound angeben. Dieser kann auf einem Share liegen. Da liegt der Hund begraben. https://learn.microsoft.com/de-de/office/client-developer/outlook/mapi/pidlidreminderoverride-canonical-property https://www.forbes.com/sites/daveywinder/2023/03/15/microsoft-outlook-warning-critical-new-email-exploit-triggers-automatically-update-now/?sh=47f058ce6e5e CVE-2023-23397 ist ein Outlook-Bug. Wenn Sie eine eingehende E-Mail für einen Termin mit einer benutzerdefinierten Erinnerung (Ton, Attribut PidLIDReminder) senden, wird Outlook.exe (2012/2016) versuchen, […]
TIP: Cleanup everything LOCAL before you even think of moving anything to M365 or Azure or even starting the Connector PRO TIP: Full manual list of Objects/attribute to check on your local ADS in this blog. This blog entry is mainly about those two steps of the MS Technet: https://learn.microsoft.com/en-us/microsoft-365/enterprise/prepare-for-directory-synchronization?view=o365-worldwide Directory Clean-up Tasks Directory object […]
On an Exchange 2016/2019/M365/Azure you want to change the TLS Certificate of your Receive Connector. Your SAN (Subject Alternate Name) or Wildcard Certificate has no Common Name [CN] (Empty). When you try to assign the cert the regular way you get an error. Nothing wrong with the Cert company just the other side (Requester/Converter) as […]
Problem: Exchange 2013/2016 Activeync MDM Handy stops syncing, Event 2002, limit max, Targetbackend, will be rejected In generall this could be a EAS Activesync device running mad or a user using functions like Time to leave on iPhone (See link at end of document here) It’s rather important we find what causes the effect inseatd […]
Error: This mailbox database is associated with one or more active MailboxExport requests Source: This means you have current/Pending/stalled as sample PST Exports running (Maybe very old). Solution: You will have to remove those you are able to remove the emtpy old Exchange MDB. Get-MailboxExportRequest (ExchangePowerShell) | Microsoft Docs Microsoft Exchange Error […]
