www.butsch.ch - Page 5 of 29 - Enterprise IT explained for you and me

Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online Microsoft Exchange Server 2022 [21H2/22H2/32H2]

Exchange CVE-2024-21410 2016 2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem

19.01.2024 admin

Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]

Hotfixes, Updates Microsoft Server OS Server 2022 [21H2/22H2/32H2] WSUS

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition

11.01.2024 admin

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition or with too small recovery Partition (Free space under 250MB) ERROR: KB5034439, 0x8024200B, 0x80070643 ERROR_INSTALL_FAILURE. PATCH: 024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439). Status 12.01.2024 —————————————————– Microsoft has releases two PowerShell with which you should […]

FW Fortigate FW Sophos M365,AZURE,INTUNE SECURITY

Troubleshooting CRC Errors on Fortinet Fortigate Firewalls – Intunes CRC download error

28.11.2023 admin

We just had a case where we in detail explored the CRC errors with Intunes Packets. Simply WIN32 Package with 300MB failed just for one client. One client had a CRC error same day while others just fine. Here is how to check local on-premises to be sure you can tell it’s M365 side failing […]

DLP | Data Loss Prevention EPO | ePolicy Orchestrator Hotfixes, Updates

Mcafee/Trellix EPO 5.10 SP1 UPD2 (Update 2) Installation CVE-2023-5444 (RISK HIGH) and CVE-2023-5445

28.11.2023 admin

Exploit/Lücken CVE-2023-5444 (RISK HIGH) und CVE-2023-5445. Update Mcafee/Trellix EPO Management Server There is emergency patch for EPO and the Trellix Forum seems to be down or rebuilt? Here is some info to help you this way. We have just updated around 10 EPO on-premises installations from EPO 5.10 SP1 to UPD2 or from 5.10 […]

Deployment FW Fortigate FW Sophos Intunes KEMP Load Balancer Microsoft SCCM,MEM,MDT SECURITY

Mastering Firewalls for Intunes and Autopilot Success, FQDN, IP, CRL to get Intunes running

24.11.2023 admin

Mastering Firewalls for Intunes and Autopilot Success In the realm of IT, especially with the advent of cloud-based systems like M365 and Intune, managing firewalls has evolved into a complex challenge. Gone are the days of a handful of external ports; now, it’s like navigating a digital maze of ports and IP ranges. Enter the […]

CRUNCH Deployment FW Fortigate M365,AZURE,INTUNE W10

Missing entry in Fortigate Application Filter ROOT.CERTIFICATE.URL and OCSP source of W10 Setup failing

24.11.2023 admin

FortiGate Application Filter Certificate wrong/missing Entry sample for an important laptop driver (W10 Deployment fails because of signed Driver Revocation Lookup) Missing entry in Fortigate Application Filter “ROOT.CERTIFICATE.URL” and “OCSP” source of failing Windows 10 Deployment with commercial Deployment Products (This includes HP client hardware, Microsoft SCCM, Landesk or Ivanti Frontrange). During the Unattend phase […]

Exchange 2007 Exchange 2010 Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online Microsoft Exchange Outlook

Exchange-Powershell-list-all-user-who-have-a-Forward-or-Redirect-active

22.11.2023 admin

List or change Inboxrules employee have > Automatic E-Mail forwards to private or external E-Mail systems. Problem: In Exchange, users are able to forward E-Mail themself to an external private account. This is a problem because of compliance and if you don’t have a DLP (Data Lost Prevention). There are ways to prevent this (With […]

Deployment M365,AZURE,INTUNE Mcafee/Trellix

MS Intunes Antivirus Exclusion Process and Directory

09.11.2023 admin

Antivirus Exclusion for NON Windows Defender In the world of IT security, antivirus tools like Windows Defender are our go-to guardians against all sorts of threats. But sometimes, we need to make exceptions for certain stuff related to Microsoft Intune. Now, here’s the deal (See end of this Blog entry below) Windows Defender has this […]

Deployment VMWare

VMWare vCenter Lücke, CVE-2023-34048 and CVE-2023-34056 Rating 9.8/10 DRINGEND, Angriff Public verfuegbar

25.10.2023 admin

CVE-2023-34048 and CVE-2023-34056 Rating 9.8/10 DRINGEND, Angriff Information Public verfügbar Sämtliche VCENTER von neuer Lücke betroffen EXPLOIT code im Umlauf. Patche für aktuelle und alte VCENTER Versionen ab sofort https://www.vmware.com/security/advisories/VMSA-2023-0023.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-34048 https://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-vcenter-server-80u1d-release-notes/index.html Betroffene Produkte – VMware vCenter Server – VMware Cloud Foundation Einführung Ein Out-of-Bounds Write (CVE-2023-34048) und eine teilweise Informationsfreigabe (CVE-2023-34056) im vCenter […]

Uncategorized

WINSCP you cannot see the WINSCP console on a multi monitor system

21.10.2023 admin

WINSCP you cannot see the WINSCP console on a multi monitor system Sometimes the WINSCP console is open but you simply can’t see it or switch to it with Windows Shortcuts. Close all winscp.exe however you like With Task Manager and GUI: taskmgr.exe > Rightlcick ENDTASK on each single one With cmd.exe taskkill.exe /IM […]

DLP | Data Loss Prevention EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee/Trellix EPO Server, Logon failed due to a full database disk (SQL cleanup)

12.10.2023 admin

Had a case where the McAfee EPO DB almost blew due to an EPO issue or, let’s say, McAfee prevented it from happening by encountering SQL-Express limitations. We’re relieved that since EPO 5.X, they’ve implemented two databases; one for EPO and one for Events; effectively splitting the load in size and safeguarding the crucial elements. […]

DLP | Data Loss Prevention EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee/Trellix EPO Database SQL shrink Size in small steps via OSQL

12.10.2023 admin

For all DBA’s > Yes we know but Mcafee tells us to shrink 😉 Also see our security concerning regarding centralizes SQL for Security Appliances/Servers. Problem: You are unable to shrink the Mcafee EPO SQL Database with Management Studio (GUI). You are already on “SIMPLE RECOVERY” mode for the DB. Management […]

Deployment Mcafee/Trellix SECURITY TIE/ATD/ATP | Sandbox - Advanced Threat Protection

Mcafee/Trellix: ATP/TIE Threat Intelligence Exchange im Einsatz

11.10.2023 admin

Ransomware in der Schweiz Lösungsansätze für mehr Cybersicherheit Die Bedrohung durch Ransomware in der Schweiz erfordert intelligente Lösungen. Eine effektive Methode, die sich bewährt hat, ist der Einsatz von “Black/White-Listing” Technologien, wie sie beispielsweise von McAfee TIE bereitgestellt werden. Diese fortschrittliche Technologie, die auf intelligenter Listenführung basiert, stellt derzeit die einzige wirksame Lösung dar, um […]

Deployment M365,AZURE,INTUNE VMWare

VMWARE Workspace One, iPhone, iOS 17, Enterprise Wipe after Update. Issue known since 07.07.2023

27.09.2023 admin

VMWARE Workspace One, iPhone, iOS 17, Enterprise WIPI after Update. Issue known since 07.07.2023 to 27.09.2023 and still affects endusers Well; looks like some things change too fast in the modern world workplace. We wish to inform you of a current concern pertaining to Workspace ONE UEM-enrolled iOS devices that have undergone […]

Deployment Intunes Microsoft SCCM,MEM,MDT

Intunes / M365, Deploy Company portal in 2023 via APPX and Line of Business (0x87D1041C)

25.09.2023 admin

Microsoft Intune Company Portal for Windows, APPX Version via Intune and Line of Business App (Avoid 0x87D1041C if you deploy the APP Store version) Problem: Intune users (customers) report that they encounter an issue: the application was not detected after a successful installation (0x87D1041C). You see success rated of 75-80%. That is simply not usable […]

Highroller