I’ll keep this post short. If you are unaware, there’s been a big hack on exchange servers.
Microsoft Exchange hack, explained (cnbc.com)
I ran the IOC scripts from MS, was I affected, it appears I may have.
Initiated my own lab DRP/BCP. Informed myself that services would be down, and restored AD and Exchange from backups before the logged incidents. Took the OWA Rev proxy rule down till the servers could be fully patched.
Booted restored VMs, patched, hopefully good to go.
Then doing patch Tuesday updates users laptops start failing to boot after installing KB5000802. All I could find was news of prints causing BSODs classic.. BSODs! In my case it was causing boot crashing, I did my usual trick, but I got a different error, then ran the Windows Start up repair process, which amazingly got it to boot but said it reverted an updated (the one above). i attempted a install again, but same problem. I didn’t want to re-image as it was an VIPs machine, and time was of the essence. I took a whim, and decided to install all the latest drivers from the laptop OEM vendor (In case some was using MS drivers instead), after that tried the update again, and got a successful install. Phewwww!