What does “A referral was returned from the server” on Windows mean?

It turns out, it can mean the binary you are running has a bad certificate.

Bust this.

I downloaded the latest insider preview for the Windows 10 ADK.

Then I simply wanted to capture a trace…

Ok…so, weird? So I launch a command prompt, try it that way, (WPR works fine, just no UI btw).

Ok…weird-er?

So I procmon’d it. ‘Cause, “when in doubt, procmon

Why is WPRUI.exe being scanned heavily by Defender? What gives?

Ok, and what is BAM.sys? Exactly?

So, I did some searching, and someone noticed if they get this error “A referral was returned from the server” it meant digital sigs were busted… so I checked. Surely Microsoft didn’t ship a binary with a bad cert…right?

……..

So that’s a quick and dirty “Why the hell is this happening” brought to you by the dude.

 

Cheers

 

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.