Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

WSUS ImportUpdateToWSUS.ps1, March 2024 security update DC fails SRV 2019 and 2022 how to fix all steps

03/2024, out of Band patches for DC crash KB5037422, KB5037425, KB5037423, KB5037426   DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/     We explain how to import the 4-5 manual patches for Server 2012R2, 2016, 2019, 2022 and what to fix if you get an error when you run the script to ImportUpdateToWSUS.ps1 to import the patches into […]

Windows Update Server Import Fehler Powershell KB5037422, KB5037425, KB5037423, KB5037426

Notfall Patche, Out of Band patche für Domain Controller DC crash KB5037422, KB5037425, KB5037423, KB5037426   DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/   Um die 4-5 manuellen Patches für Server 2012R2, 2016, 2019 und 2022 zu importieren und zu erklären, was zu tun ist, wenn beim Ausführen des Skripts “ImportUpdateToWSUS.ps1” zum Importieren der Patches in WSUS ein […]

KEMP service option Detect Malicious Request Intrusion handling blocks Winword Blog posts

  The KEMP option “Detect Malicious Requests” blocks Winword from connecting to WordPress or BLOGengine.net blog provider configurations, changing or uploading existing blog entries with pictures. We lost quite some time on this one because we were initially searching forever on our firewall and other WAF appliances. Finally, we found out that this is due […]

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs.     Over the past 20 years, I have personally witnessed how Certificate Revocation on Windows systems is often underestimated, even within large enterprises. This issue significantly affects both client and server […]

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Exchange server version is out-of-date

  Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Mode, Queue is growing SMTP ERROR: Connecting Exchange server version is out-of-date Since December 2023, Microsoft has been throttling or blocking on-premises Exchange 2013 servers that are in Hybrid Mode, connecting to their cloud environment. Even if 99% of the mailboxes are already in the […]

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

  Here you will find all steps to protect from CVE-2024-21410 Exchange Leak. This sample handels and standlaone Exchange 2016 running on Server 2016. The customer has no DAG (Cluster), He is NOT in Hybrid Mode Classic or Modern (He has no CLOUD connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Managing external time server NTP on Microsoft Server DC and Vmware ESX in Switzerland

    Managing Windows Time Service: A Comprehensive Guide The Windows Time service (W32Time) plays a crucial role in synchronizing the date and time for all computers managed by Active Directory Domain Services (AD DS). This article delves into the tools and settings used to effectively manage the Windows Time service. Default Synchronization By default, […]

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express Does also happen with: EPO5100_ServicePack1_4098_LR1.zip (lATEST DOWNLOAD 01.05.2024) Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the […]

Exchange CVE-2024-21410 2016 2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem

Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition or with too small recovery Partition (Free space under 250MB) ERROR: KB5034439, 0x8024200B, 0x80070643 ERROR_INSTALL_FAILURE. PATCH: 024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439). Status 12.01.2024 —————————————————– Microsoft has releases two PowerShell with which you should […]