|Message:||A corrupted calendar configuration was detected for user %1. Microsoft Exchange is resetting the configuration.|
This Error event indicates that the user’s calendar is corrupted or has been infected by a virus.
To resolve this error, contact Microsoft Customer Support. For information about how to contact support, visit Microsoft Help and Support.
If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.
|Product:||Windows Operating System|
|Message:||The File Replication Service paused because the staging area is full. Replication will resume if staging space becomes available or if the staging space limit is increased. The current value of the staging space limit is %1 KB. To change the staging space limit, run regedt32. Click on Start, Run and type regedt32. Click on the window entitled HKEY_LOCAL_MACHINE. Double click on SYSTEM, CurrentControlSet, Services, NtFrs, Parameters, and the value “Staging Space Limit in KB”.|
Modified files are temporarily stored in the staging area before being propagated to other replication partners or when received from them. To replicate files, File Replication Service (FRS) requires adequate staging area space on both upstream and downstream computers. There are four common reasons why the staging area might be full:
Follow the steps given in the message for increasing the size limit of the staging area. If the problem continues after the limit is increased, investigate other sources that might cause excessive numbers of staging files to be generated. Some potential sources are programs such as anti-virus or disk defragmenter software.
If space on the volume is low, advanced users can reconfigure the staging path using the following registry key:HKLM\System\CurrentControlSet\Services\NtFrs\Parameters\Replica Sets\ parameter “Replica set stage”
Usually, the default 660-MB limit for the staging area should be increased to approximately 1.5 GB, which is the size of the 128 largest files in the replica.
|Product:||Windows Operating System|
|Message:||%1 (%2) %3An attempt to open the file “%4” for read only access failed with system error %6: “%7”. The open file operation will fail with error %5.|
An error occurred while a file was being opened.
Probable causes include:
To solve this problem, do one or all of the following:
If the file is locked or in use:
If there is an Input/Output problem, do one or all of the following:
If the path was changed:
For more information about this event, see article Q823022 in the Microsoft Knowledge Base.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Sun Tzu.
Sun Tzu’s words still resonate today. Organizations who know their adversaries, while being aware of their own strengths and vulnerabilities, stand a better chance in the ongoing cyber security war. Don’t wait until after your organization has been attacked to bolster your security posture. Go on the offensive against attackers.
What are some measures to ensure your organization is cyber resilient and ready for battle? We created the following tactical cyber security checklist based on best practices from the 2016 Internet Security Threat Report (ISTR), our annual report which provides an overview and analysis of the year in global threat acitivity.
- Ensure all devices allowed on company networks have adequate security protections.
Use active monitoring and configuration management to maintain an up-to-date inventory of devices connected to the enterprise network. This includes servers, workstations, laptops and remote devices.
- Implement a removable media policy.
Where practical, restrict unauthorized devices such as external portable hard-drives and other removable media. Such devices can both introduce malware and facilitate intellectual property breaches, whether intentional or unintentional. If external media devices are permitted, automatically scan them for viruses upon connection to the network and use a data loss prevention (DLP) solution to monitor and restrict copying confidential data to unencrypted external storage devices.
- Be aggressive in your updating and patching.
Update, patch, and migrate from outdated and insecure browsers, applications, and browser plug-ins. This also applies to operating systems, not just across computers, but mobile, ICS, and IoT devices as well. Keep virus and intrusion prevention definitions at the latest available versions using vendors’ automatic updates. Most software vendors work diligently to patch exploited software vulnerabilities; however, such patches can only be effective if adopted in the field. Wherever possible, automate patch deployments to maintain protection against vulnerabilities across the organization.
- Enforce an effective password policy.
Ensure passwords are strong and at least 8 -10 characters long with a mixture of letters and numbers. Encourage users to avoid re-using the same passwords on multiple websites, and sharing of passwords with others should be forbidden. Passwords should be changed regularly—at least every 90 days.
- Ensure regular backups are available.
Create and maintain regular backups of critical systems, as well as endpoints. In the event of a security or data emergency, backups should be easily accessible to minimize downtime of services and employee productivity.
- Restrict email attachments.
Configure mail servers to block or remove email that contains file attachments that are commonly used to spread viruses, such as .VBS, .BAT, .EXE, .PIF, and .SCR files. Enterprises should investigate policies for PDFs that are allowed to be included as email attachments. Ensure that mail servers are adequately protected by security software and that email is thoroughly scanned.
- Ensure that you have infection and incident response procedures in place.
- Keep your security vendor contact information handy, know who you will call, and what steps you will take if you have one or more infected systems.
- Ensure that a backup-and-restore solution is in place in order to restore lost or compromised data in the event of successful attack or catastrophic data loss.
- Make use of post-infection detection capabilities from web gateway, endpoint security solutions and firewalls to identify infected systems.
- Isolate infected computers to prevent the risk of further infection within the organization, and restore using trusted backup media.
- If network services are exploited by malicious code or some other threat, disable or block access to those services until a patch is applied.
While you check off these best practices, be sure to also test, test, and test. Are your security solutions updated regularly? Do you know how your team will respond in the event of a data breach? It’s important to constantly test not only your security technology but also the teams that manage the solutions to stay ahead of threats.