Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Category: SECURITY

KEMP service option Detect Malicious Request Intrusion handling blocks Winword Blog posts

  The KEMP option “Detect Malicious Requests” blocks Winword from connecting to WordPress or BLOGengine.net blog provider configurations, changing or uploading existing blog entries with pictures. We lost quite some time on this one because we were initially searching forever on our firewall and other WAF appliances. Finally, we found out that this is due […]

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs.     Over the past 20 years, I have personally witnessed how Certificate Revocation on Windows systems is often underestimated, even within large enterprises. This issue significantly affects both client and server […]

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express Does also happen with: EPO5100_ServicePack1_4098_LR1.zip (lATEST DOWNLOAD 01.05.2024) Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the […]

Mcafee/Trellix EPO 5.10 SP1 UPD2 (Update 2) Installation CVE-2023-5444 (RISK HIGH) and CVE-2023-5445

Exploit/Lücken CVE-2023-5444 (RISK HIGH) und CVE-2023-5445. Update Mcafee/Trellix EPO Management Server   There is emergency patch for EPO and the Trellix Forum seems to be down or rebuilt? Here is some info to help you this way. We have just updated around 10 EPO on-premises installations from EPO 5.10 SP1 to UPD2 or from 5.10 […]

Mastering Firewalls for Intunes and Autopilot Success, FQDN, IP, CRL to get Intunes running

Mastering Firewalls for Intunes and Autopilot Success In the realm of IT, especially with the advent of cloud-based systems like M365 and Intune, managing firewalls has evolved into a complex challenge. Gone are the days of a handful of external ports; now, it’s like navigating a digital maze of ports and IP ranges. Enter the […]

Missing entry in Fortigate Application Filter ROOT.CERTIFICATE.URL and OCSP source of W10 Setup failing

FortiGate Application Filter Certificate wrong/missing Entry sample for an important laptop driver (W10 Deployment fails because of signed Driver Revocation Lookup) Missing entry in Fortigate Application Filter “ROOT.CERTIFICATE.URL” and “OCSP” source of failing Windows 10 Deployment with commercial Deployment Products (This includes HP client hardware, Microsoft SCCM, Landesk or Ivanti Frontrange). During the Unattend phase […]

Mcafee/Trellix EPO Server, Logon failed due to a full database disk (SQL cleanup)

Had a case where the McAfee EPO DB almost blew due to an EPO issue or, let’s say, McAfee prevented it from happening by encountering SQL Express limitations. We’re relieved that since EPO 5.X, they’ve implemented two databases; one for EPO and one for Events; effectively splitting the load in size and safeguarding the crucial […]

Mcafee/Trellix: ATP/TIE Threat Intelligence Exchange im Einsatz

Ransomware in der Schweiz Lösungsansätze für mehr Cybersicherheit Die Bedrohung durch Ransomware in der Schweiz erfordert intelligente Lösungen. Eine effektive Methode, die sich bewährt hat, ist der Einsatz von “Black/White-Listing” Technologien, wie sie beispielsweise von McAfee TIE bereitgestellt werden. Diese fortschrittliche Technologie, die auf intelligenter Listenführung basiert, stellt derzeit die einzige wirksame Lösung dar, um […]

Install McAfee/Trellix Endpoint Security Platform for Linux and Endpoint Security for Linux Threat Prevention on Centos Stream

  McAfee Endpoint Security Platform for Linux and McAfee Endpoint Security for Linux Threat Prevention Mcafee/Trellix is one of the security vendors which cover every client OS. I personal only work with Linux based on CENTOS Stream private or on the job with security appliances or MDM managment Servers. I love Centos and it has […]

Mix on MINIDRIVER Security and Profile Virtualisation and performance (Mcafee/Trellix, Rapid 7 and Ivanti on same VDI)

  What is a minidriver? https://learn.microsoft.com/en-us/windows-hardware/drivers/stream/class-driver-and-minidriver-definitions In the world of Windows operating systems, minidrivers play a crucial role in facilitating communication between the hardware and the operating system. However, having several minidrivers installed on a Windows 10 or 11 system can potentially lead to performance problems. Here’s why:   1. Resource Consumption: Each minidriver consumes […]