Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

www.butsch.ch Resolve and find OAuth problem in Exchange Hybrid Setup Environment Short Understanding OAuth: OAuth (Open Authorization) is an industry-standard protocol that enables secure authorization for third-party applications without the need to disclose user credentials. It allows users to grant limited access to their resources on one site to another site, without sharing their credentials. […]

Certutil.exe –url –urlcache how to use and freeware GUI crl check to automate CRL verify

  How to use Microsoft certutil.exe –url or –urlcache to find CRL and OCSP on Windows manually, or utilize our freeware tool crlcheck.exe, which performs the same function fully automatically for all EXE files on your system. crlcheck.exe https://www.butsch.ch/post/crlcheck-exe-certificate-revocation-list-check-tool-to-verify-all-crl-and-ocsp-on-windows-client/   What is a CRL Certificate Revocation List file?   Each certificate authority (CA) periodically issues […]

McAfee ATD – Trellix TIS MASU.exe Sandbox Uploader. A freeware tool to submit files to ATD/TIS automatic

M.A.S.U (M)CAFEE (A)TD (S)ANDBOX (U)PLOADER V4.1, Mike Butsch, Senior System Engineer, www.butsch.ch Remark 2024: Everything will work for TIS / Trellix Intelligent Sandbox we have been using the same tool with every release of TIS. Hopefully there is a ready solution for FireEye without using Python The tool is freeware, feel free to use it. […]

CRL check, Zertifikatsperrlisten Software, Certificate Revocation List Check Tool zum suchen aller geblockten CRL in Firmenumgebungen, crlcheck.exe

Mit diesem Tool findet man schnell und einfach alle verwendeten CRL eines clients und kann prüfen ob der client diese erreicht.   In den vergangenen Jahren habe ich persönlich miterlebt, wie die Zertifikatssperrung auf Windows-Systemen oft unterschätzt wird, selbst in großen Unternehmen. Dieses Problem beeinträchtigt sowohl Client- als auch Server-Systeme erheblich, wenn es nicht korrekt […]

Problematic W11 preview patch KB5035942 do not install rollback HP laptop seen

  Patch: 2024-03 Cumulative Update Preview for Windows 11 Version 23H2 for x64-based Systems (KB5035942) OS Builds : 22621.3374 22631.3374 Patch details: March 26, 2024—KB5035942 (OS Builds 22621.3374 and 22631.3374) Preview – Microsoft Support https://support.microsoft.com/en-us/topic/march-26-2024-kb5035942-os-builds-22621-3374-and-22631-3374-preview-3ad9affc-1a91-4fcb-8f98-1fe3be91d8df   The KB5035942 preview patch seems to make some problem on different brands of systems. Some customer reported bluescreen or […]

Powershell to show and log SMTP Port 25, 465, 2525 after decomission old Exchange Server

Powershell to show and log SMTP Port 25, 465, 2525 after Decomission old Exchange Server   When decommissioning an Exchange Server, it’s common to install SMTP/IIS to capture and redirect the failing SMTP sender traffic, allowing us to monitor if there’s still traffic coming to the old Exchange. Below is a PowerShell script that you […]

WSUS ImportUpdateToWSUS.ps1, March 2024 security update DC fails SRV 2019 and 2022 how to fix all steps

03/2024, out of Band patches for DC crash KB5037422, KB5037425, KB5037423, KB5037426   DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/     We explain how to import the 4-5 manual patches for Server 2012R2, 2016, 2019, 2022 and what to fix if you get an error when you run the script to ImportUpdateToWSUS.ps1 to import the patches into […]

Windows Update Server Import Fehler Powershell KB5037422, KB5037425, KB5037423, KB5037426

Notfall Patche, Out of Band patche für Domain Controller DC crash KB5037422, KB5037425, KB5037423, KB5037426   DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/   Um die 4-5 manuellen Patches für Server 2012R2, 2016, 2019 und 2022 zu importieren und zu erklären, was zu tun ist, wenn beim Ausführen des Skripts “ImportUpdateToWSUS.ps1” zum Importieren der Patches in WSUS ein […]

KEMP service option Detect Malicious Request Intrusion handling blocks Winword Blog posts

  The KEMP option “Detect Malicious Requests” blocks Winword from connecting to WordPress or BLOGengine.net blog provider configurations, changing or uploading existing blog entries with pictures. We lost quite some time on this one because we were initially searching forever on our firewall and other WAF appliances. Finally, we found out that this is due […]

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs.     Over the past 20 years, I have personally witnessed how Certificate Revocation on Windows systems is often underestimated, even within large enterprises. This issue significantly affects both client and server […]

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Exchange server version is out-of-date

  Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Mode, Queue is growing SMTP ERROR: Connecting Exchange server version is out-of-date Since December 2023, Microsoft has been throttling or blocking on-premises Exchange 2013 servers that are in Hybrid Mode, connecting to their cloud environment. Even if 99% of the mailboxes are already in the […]

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

  Here you will find all steps to protect from CVE-2024-21410 Exchange Leak. This sample handels and standlaone Exchange 2016 running on Server 2016. The customer has no DAG (Cluster), He is NOT in Hybrid Mode Classic or Modern (He has no CLOUD connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Managing external time server NTP on Microsoft Server DC and Vmware ESX in Switzerland

    Managing Windows Time Service: A Comprehensive Guide The Windows Time service (W32Time) plays a crucial role in synchronizing the date and time for all computers managed by Active Directory Domain Services (AD DS). This article delves into the tools and settings used to effectively manage the Windows Time service. Default Synchronization By default, […]