SECURITY Archives - www.butsch.ch

ENS | Endpoint Security FW Fortigate FW Sophos GPO | Gruppenrichtlinien Ivanti Frontrange Enteo M365 - Exchange Online Mcafee/Trellix Microsoft SCCM,MEM,MDT Outlook Scripting Tools we made VMWare VSE | VirusScan Enterprise

CRL Check – Certificate Revocation List Validation Freeware Tool

15.12.2025 admin

CRL Check for Windows Environments CRL check is a tool designed to collect executables from most used paths on your client. It checks whether they are digitally signed with a code certificate and then retrieves the Certificate Revocation Lists (CRL) and OCSP for each signed file it finds. It then automatic verifies if the client […]

Intunes Microsoft Exchange SECURITY

Abstellung 3G, Schweiz Swisscom 3G, 4G, VoLTE (Voice over LTE) was muss ich beachten?

03.12.2025 admin

Abstellung 3G, Schweiz Swisscom 3G, 4G, VoLTE (Voice over LTE) was muss ich beachten? In der Schweiz werden aktuelle Mobilfunkdienste zunehmend auf moderne Netztechnologien umgestellt. Besonders wichtig ist dabei, dass Smartphones VoLTE unterstuetzen. Ohne diese Funktion koennen Telefonie und SMS bei Swisscom nicht mehr wie gewohnt genutzt werden. Bakom schreibt: Ältere Mobiltelefone ohne 4G Technologie […]

ENS | Endpoint Security EPO | ePolicy Orchestrator SECURITY

Trellix Endpoint Security Platform 10.7.19 mfeesp.exe crash nach Update, Event 1000, W11, SRV 2016 und 2019, Deutsch

01.12.2025 admin

Migration von Trellix Endpoint ENS 10.7.19 fehlerhaft ENS Oberfläche zeigt Fehler: Error commincating with the Event Log (Windows Defender ist aktiv) mfeesp.exe verursacht Abstürze In der ENS-GUI erscheint: “Error communicating with the Event Log” Application Event 1000 mit Verweis auf MSVCP140.DLL, MSVCP140_1.DLL, MSVCP140_2.DLL, MSVCP140_atomic_wait.dll oder MSVCP140_codecvt_ids.DLL Betroffen: Microsoft Windows 11 24H2 sowie Windows Server 2016 […]

FW Fortigate SECURITY

FortiClient IPSEC VPN error Last Disconnect Reason: ChildSa_Negotiation_Failed

27.11.2025 admin

Fortinet FortiClient 7.4.4.1887 IPSEC VPN not working Error: ChildSa_Negotiation_Failed We just changed from Fortinet FortiGate SSLVPN to IPSEC because FortiGate will drop SLL VPN tunnel mode for security reasons. https://docs.fortinet.com/document/fortigate/latest/administration-guide/155142/ssl-vpn-tunnel-mode-to-ipsec-vpn-migration-new My VPN jump host running under VMware workstation could not connect to the IPSEC. Before you change the NIC mode or play around one hundred […]

Deployment ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix Scripting SECURITY

Unable to migrate Trellix Endpoint ENS 10.7.19, Event 1000, MSVCP140.dll, mfeesp.exe, Error communicating with the Event Log

20.11.2025 admin

Unable to migrate to Trellix Trellix Endpoint Security ENS 10.7.19 and ENS GUI crash with event 1000 (Update/migration/upgrade) mfeesp.exe crashing GUI: Error communicating with the Event Log Application Event 1000 from MSVCP140.DLL, MSVCP140_1.DLL,MSVCP140_2.DLL, MSVCP140_atomic_wait.dll or MSVCP140_codecvt_ids.DLL Affected OS we have seen with error: Microsoft Windows W11 24H2 Microsoft Server 2016 Microsoft Server 2019 Terminal Server […]

Microsoft Server OS SECURITY Server 2008 R2 Server 2012 R2 Server 2016 Server 2019 Server 2022 [21H2/22H2/32H2] Server 2025 WSUS

Is your SBS environment update ready for 25H2 W11, SMB-Version, smbchecker.ps1

02.11.2025 admin

PowerShell script to check if you SMB setup is 25H2 ready Windows 11 25H2 – Small Update, Big Impact for SMB Environments Windows 11 25H2 is now being offered on home and business systems as an Enablement Pack. This means it’s not a full new installation — instead, it’s a small ~50 MB update […]

DLP | Data Loss Prevention ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 4

05.02.2025 admin

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 4 We have installed the latest Update 4 on several customer on-premises EPO installation and the update works fine and without any problems. Key Considerations for Updating Trellix ePO 5.10 SP1 to the Latest Rollup 4 Check your ePO database size. Some Trellix SP or Rollup […]

M365,AZURE,INTUNE SECURITY Server 2022 [21H2/22H2/32H2]

SMB over QUIC a OneDrive, Sharepoint replacement, SRV 2025?

24.07.2024 admin

SMB over QUIC UDP is coming to on-premises Server 2025 for all OS editions. This feature will be included in every edition of Microsoft Server 2025. It uses The Microsoft Windows Admin Center Server (WAC) which was built to manage you inhouse server structure remote (no Azure or cloud dependency). The Microsoft Server and Storage […]

DLP | Data Loss Prevention ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix MSME | Security for Exchange SECURITY Server 2012 R2 Server 2016 Server 2022 [21H2/22H2/32H2]

Crowdstrike Falcon Sensor, Azure VM Repair paths

19.07.2024 admin

The procedures in this article describe methods you can use to attach an encrypted OS disk to a repair VM and then unlock that disk. After the disk is unlocked, you can repair it. As a final step, you can replae the OS disk on the original VM with this newly repaired version. Microsoft has […]

Hotfixes, Updates Mcafee/Trellix Microsoft Server OS SECURITY Server 2012 R2 Server 2016 Server 2022 [21H2/22H2/32H2] VMWare

Falcon Sensor, Bluescreen of Death Vmware workaround if you can’t boot into recovery

19.07.2024 admin

Workaround Server / Vmware affected with NO Recovery Option and not encrypted: There are some server where you can’t boot into recovery or safe boot. If the volume is not encrypted you have one way to delete the faulty crowdstrike def file from the disk. Base article: 19.07.2024 BSOD Blue screen Crowdstrike – […]

Mcafee/Trellix SECURITY TIE/ATD/ATP | Sandbox - Advanced Threat Protection

19.07.2024 BSOD Blue screen Crowdstrike

19.07.2024 admin

The falcon has crashed BSOD blue screen of death on clients and server OS Red Teams and Hackers > see where you have brought us? https://www.trellix.com/about/why-trellix/vscrowdstrike/ The latest CrowdStrike Falcon Sensor update is causing a widespread issue resulting in a Blue Screen of Death (BSOD) boot loop globally. It’s a security professional’s worst nightmare […]

Deployment GPO | Gruppenrichtlinien Intunes Scripting SECURITY

Proxy settings der Cryptography API bei Zertifikatswiderrufslisten (CRL) von einem CRL-Verteilungspunkt

18.07.2024 admin

Dieser Artikel zielt darauf ab, den Prozess zu erläutern, den die Crypto API durchläuft, um erfolgreich eine HTTP-basierte URL für den CRL-Verteilungspunkt herunterzuladen. Er dient auch der Fehlerbehebung in Situationen, die mit der Netzwerkrückgewinnung von CRLs verbunden sind. Zusätzlich wird unser kostenloses Tool, crlcheck.exe, erwähnt, das dazu beitragen soll, komplexe Probleme effektiver zu lösen. In […]

WSUS SECURITY SQL

WSUS problem or unstable when WID SQL is getting to big, how to shrink

15.07.2024 admin

Windows Update Server crashed often on Server 2016/2022 with WID Windows Internal Database. We have seen several newer WSUS Servers crahsing or hanging more often with SRV 2016 and even SRV 2019 WSUS. The source may be this table, which is 26GB and holds all the patch information and language descriptions. The full WID DB […]

WSUS ENS | Endpoint Security Exchange 2013 Exchange 2016 Exchange 2019

13.06.2024 False-Postive with ENS 10.7, AMCORE 5554 on Windows Defender AM_Delta_Patch Server 2019 German

10.07.2024 admin

Trellix ENS 10.7 deletes Windows Defender Update which come from WSUS-Server on German Server 2019 We just did see a false positive on Windows Defender Updates we provide via WSUS with autoaprove on a Windows Server 2019 German with Trellix ENS 10.7 and AMCORE 5554. The file was deleted from C:\Windows\SoftwareDistribution\Download\ Microsoft affected file: […]

ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 3 fixes Update and LDAP bugs

04.06.2024 admin

FILE: ePO_5.10.0_SP1_UP3_1634, 460MB Finally the LAP Sync bug and the rollback (WMI) bug was fixed. There seems to be some truncate or shorten engineering force. We can understand that they want to prevent Buffer Overflow but the issue here with the LDAP client names shorten and then the issue with the TIE/DXL […]

Category: SECURITY