M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

www.butsch.ch: Resolve and find OAuth problem in Exchange Hybrid Setup Environment. Short Understanding OAuth: OAuth (Open Authorization) is an industry-standard protocol that enables secure authorization for third-party applications without the need to disclose user credentials. It allows users to grant limited access to their resources on one site to another site, without sharing their credentials. […]

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

Here you will find all steps to protect against the CVE-2024-21410 Exchange leak. This sample handles a standalone Exchange 2016 running on Server 2016. The customer has no DAG (cluster), he is NOT in Hybrid Mode Classic or Modern (he has no cloud connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Managing external time server NTP on Microsoft Server DC and Vmware ESX in Switzerland

Managing Windows Time Service: A Comprehensive Guide. The Windows Time service (W32Time) plays a crucial role in synchronizing the date and time for all computers managed by Active Directory Domain Services (AD DS). This article delves into the tools and settings used to effectively manage the Windows Time service. Default Synchronization: By default, […]

Exchange CVE-2024-21410 2016 2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem

Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem. Primary target which is part of the attack: Make sure you ROLL OUT the Outlook.exe 02/2024 patch. That is the most important thing, especially on Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without a Recovery Partition or with a too small Recovery Partition (free space under 250MB). ERROR: KB5034439, 0x8024200B, 0x80070643 ERROR_INSTALL_FAILURE. PATCH: 024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439). Status 12.01.2024: Microsoft has released two PowerShell scripts with which you should […]

Mcafee/Trellix EPO 5.10 SP1 UPD2 (Update 2) Installation CVE-2023-5444 (RISK HIGH) and CVE-2023-5445

Exploit/vulnerabilities CVE-2023-5444 (RISK HIGH) and CVE-2023-5445. Update Mcafee/Trellix EPO Management Server. There is an emergency patch for EPO and the Trellix Forum seems to be down or rebuilt? Here is some info to help you this way. We have just updated around 10 EPO on-premises installations from EPO 5.10 SP1 to UPD2 or from 5.10 […]

Mastering Firewalls for Intune and Autopilot Success, FQDN, IP, CRL to get Intune running

Mastering Firewalls for Intune and Autopilot Success. In the realm of IT, especially with the advent of cloud-based systems like M365 and Intune, managing firewalls has evolved into a complex challenge. Gone are the days of a handful of external ports; now, it’s like navigating a digital maze of ports and IP ranges. Enter the […]

Missing entry in Fortigate Application Filter ROOT.CERTIFICATE.URL and OCSP source of W10 Setup failing

Fortigate Application Filter Certificate wrong/missing Entry sample for an important laptop driver (W10 Deployment fails because of signed Driver Revocation Lookup). Missing entry in Fortigate Application Filter “ROOT.CERTIFICATE.URL” and “OCSP” source of failing Windows 10 Deployment with commercial Deployment Products (This includes HP client hardware, Microsoft SCCM, Landesk or Ivanti Frontrange). During […]


List or change inbox rules employees have > Automatic e-mail forwards to private or external e-mail systems. Problem: In Exchange, users are able to forward e-mail themselves to an external private account. This is a problem because of compliance and if you don’t have a DLP (Data Loss Prevention). There are ways to prevent this (With […]

VMware vCenter vulnerability, CVE-2023-34048 and CVE-2023-34056 Rating 9.8/10 URGENT, attack publicly available

CVE-2023-34048 and CVE-2023-34056 Rating 9.8/10 URGENT, attack information publicly available. All vCenter servers are affected by the new vulnerability, exploit code is in circulation. Patches for current and old vCenter versions are available immediately: https://www.vmware.com/security/advisories/VMSA-2023-0023.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-34048 https://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-vcenter-server-80u1d-release-notes/index.html Affected products – VMware vCenter Server – VMware Cloud Foundation. Introduction: An out-of-bounds write (CVE-2023-34048) and a partial information disclosure (CVE-2023-34056) in vCenter […]