Tag Archives: Windows

Sysmon: extract ProcessGUIDs, ParentProcessGUIDs, LogonGUIDs

How can we extract data recorded by Sysmon, such as ProcessGUIDs, ParentProcessGUIDs and LogonGUIDs? Someone wrote a small PowerShell script for this, which may be of interest to some readers.

Posted in Windows

Windows Policy Analyzer: June 2018 update

Policy Analyzer is a utility in the Security Compliance Toolkit for analyzing and comparing sets of Group Policy Objects (GPOs). It received a minor update at the end of June 2018.

Posted in Windows

Windows Event ID 4624 – Login codes explained

A short tip for administrators of Windows systems who perform forensic analyses with regard to logon processes. Windows events with event ID 4624 have a numeric code that indicates the type of logon (or logon attempt). 

Posted in Security, Windows

Windows Defender reports Trojans as false positives

Windows users seem to have been startled in the last few weeks by false alarms from Windows Defender. Defender suddenly claimed to have detected the Trojan Win32/Bluteal.B!rfn in regular files.

Posted in Security, Windows

Survey: Satisfaction with Windows Update in Business?

A small hint for administrators who are responsible for distributing Windows updates in business environments. There is a survey (not from Microsoft, but from MVP colleague Susan Bradley) that deals with satisfaction with Windows Update in this area.

Posted in General, Update, Windows


Fix: Windows 10 hangs in update installation loop

Windows 10 (and earlier versions of Windows, if applicable) may in some situations be forced into an update install loop during update installation. In this blog post I try to sketch what you can do. I wrote the hints …

Posted in issue, Update, Windows

WSUS synchronized 45 updates (06/16/2018)

Brief information for administrators: blog reader Markus K. informed me that 45 updates for Windows, Office etc. were re-synchronized in WSUS on Saturday, June 16, 2018.

Posted in Office, Update, Windows

Update your INTEL-SA-00086 Detection Tool

If you are using the INTEL-SA-00086 Detection Tool to analyze the computer for vulnerabilities, you should update the tool. Older versions do not recognize certain vulnerabilities.

Posted in Security, Update

Windows and OS market share in May 2018

Figures for operating system distribution on the desktop for the end of May 2018 are available at the beginning of June 2018. And there are absolute numbers for Windows 10 from Microsoft. Here is an overview.

Posted in Windows

0day patch for CVE-2018-8174 available

0patch has released a 0day patch to fix a critical vulnerability (CVE-2018-8174) in the Windows VBScript Engine. This will be helpful for users who are not able to install the May 2018 security updates due to issues.

Posted in Security, Windows