Category: Security

Deleted shortcuts by Attack Surface Reduction rule

Yesterday, January 13th, an unintentional impact was triggered by a pattern update (1.381.2140.0) for users who had the ASR rule “Block Win32 API calls from Office macro” set to block mode. The impact was hard to miss: shortcuts pinned to the taskbar and in the Start menu went missing. The best thing to do was change …

Delete OEM drivers (to enable memory integrity)

On Windows 10/11, when memory integrity cannot be switched on due to incompatible drivers, you can use pnputil.exe to remove the affected OEM drivers.

1. Open Windows Security
2. Select Device Security
3. Select the Core isolation details
4. Set the slider to ON to enable core isolation

If any incompatible (old) drivers are on the system, you will …

Catching Malware Like Pro – Part 2

In part 1 I wrote about using multiple engines at once on a single file; now let’s see how to quickly check a device for malware using the same technology. The VirusTotal service has an API interface and can be used from scripts. Sysinternals, a must-have toolset for every IT pro, has integrated the service …

Catching Malware Like Pro – Part 1

Most IT pros I talk to on this topic have the same answer when it comes to catching a possible virus on a machine. Important steps to take:

1. Remove the device from the corporate network
2. Scan the device with the ‘favorite’ antivirus product
3. If the step above fails to find it, use another antivirus/antimalware product
…

Fix issues with modern authentication on Windows 10

Example symptoms:

- Outlook authentication asks for the password over and over again, or a very fast auth screen pop-up disappears without successful authentication
- In Settings / Accounts / Email & accounts / Accounts used by other apps, adding a work or school account does not work
- In Settings / System / Shared experiences, the Fix button doesn’t work
- C:\Users\%username%\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\ is empty or corrupted

FIX …

Patch Your Systems Now!

Microsoft released a patch two weeks ago for Windows XP/2003 through 7/2008 R2 that fixes a vulnerability in the RDP protocol; leaving this one unpatched has the potential of becoming an issue of WannaCry proportions. https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/