February 2011 Archives

Good post that has links to all 6 parts of the blog.

http://bit.ly/g38WCt

Along with that, Microsoft has new certifications for 'cloud'

Shouldn't affect us in the enterprise we're we don't use FEP.  For home users that have Security Essentials it should upgrade automatically.  I've pasted the summary below.

Executive Summary

Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key. An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users.

Since the Microsoft Malware Protection Engine is a part of several Microsoft anti-malware products, the update to the Microsoft Malware Protection Engine is installed along with the updated malware definitions for the affected products. Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly.

Typically, no action is required of enterprise administrators or end users to install this update, because the built-in mechanism for the automatic detection and deployment of this update will apply the update within the next 48 hours. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.


http://www.microsoft.com/technet/security/advisory/2491888.mspx

2 Microsoft Security Bulletins Re-releases

| No Comments

********************************************************************

Title: Microsoft Security Bulletin Re-Releases

Issued: February 22, 2011

********************************************************************

 

Summary

=======

The following bulletins have undergone a major revision increment.

Please see the appropriate bulletin for more details.

 

  * MS10-077 - Critical

  * MS10-070 - Important

 

Bulletin Information:

=====================

 

* MS10-077 - Critical

 

-          http://www.microsoft.com/technet/security/bulletin/ms10-077.mspx

-          Reason for Revision: V3.0 (February 22, 2011): Announced a detection change to offer the Microsoft .NET Framework 4.0 update packages to customers who install Microsoft .NET Framework 4.0 after installing Windows 7 for x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, or Windows Server 2008 R2 for Itanium-based Systems Service Pack 1. Customers who have already successfully updated their systems do not need to take any action. 

-          Originally posted: October 12, 2010

-          Updated: February 22, 2011

-          Bulletin Severity Rating: Critical

-          Version: 3.0

   

* MS10-070 - Important

 

-          http://www.microsoft.com/technet/security/bulletin/ms10-070.mspx

-          Reason for Revision: V4.0 (February 22, 2011): Announced a detection change to offer the Microsoft .NET Framework 4.0 (KB2416472) update packages to customers who install Microsoft .NET Framework 4.0 after installing Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, or Windows Server 2008 R2 for Itanium-based Systems Service Pack 1. Customers who have already successfully updated their systems do not need to take any action. 

-          Originally posted: September 28, 2010

-          Updated: February 22, 2011

-          Bulletin Severity Rating: Important

-          Version: 4.0 

Preparing for ConfigMgr 2012

| No Comments
As some of you know I'm participating in the ConfigMgr 2012 CEP (Customer Experience Program).  Today's session was on migrating from ConfigMgr 2007 to ConfigMgr 2012.  See the below list for things we can do to prepare for ConfigMgr 2012, and how prepared we already are :)

  • Get to ConfigMgr 2007 SP2 - Done
  • Avoid mixing user and devices in collection definitions - Done
    • Yep, this one is kind of meaningless right now since we don't *yet* offer user centric deployments
  • Don't use collections with multiple query rules which limit to different collections.
    • This could be a big one here since we do a fair amount of collection limiting.  So, basically we all need to get really good at WQL so we can do all the limiting in in the query (using joins and other commands)
    • Send questions to the list
  • Package source path needs to be UNC - done
    • I may have a couple I need to clean up centrally, but we should be pretty much set here
  • Site codes between ConfigMgr 2007 and ConfigMgr 2012 site need to be unique - easy
  • One that wasn't listed (since the have a migration strategy for that) is flatten your site - done, we're as flat as they come


OffiSync = Best app ever!

| No Comments
Thanks to Yuemo Zeng for finding this app and letting me know about it!

http://offisync.com/ 

I've been using this app and it's been great to migrate all our documents from our current document management system to Google Docs.  It's a Word add-in that creates another ribbon for you to use that you can save your documents up to Google docs after working on them in Word, directly from Word.  It also will merge your changes with changes another user is making when its uploaded.  Also, if you need to convert your document it will convert it for you by default, but does allow the option to keep it's current formatting.

Unfortunately, it doesn't seem to get around Google's 1 MB limit for converting documents to Google documents.  But I wouldn't expect it to, it just would have been great!

Thanks to Derek from OIT-SEC for pointing out the scripting games have begun.  If you haven't started to learn PowerShell, now's the perfect time!

Scripting games study guide
Client Center Tools have been updated!

http://myitforum.com/cs2/blogs/rzander/archive/2011/02/22/client-center-update-2-0-3-3.aspx 

  • Running executions will show more details (Thanks to Mark Whittle)
  • Advertisements for Task-Sequences do now have a different icon than normal advertisements.
  • Packages from within a TS will be highlighted with a different color (green) in the advertisements list. 
  • some bug fixes...
Nice variable for using the full UNC path to a file on the DP during a Task Sequence.  Note that since this is a UNC path it only works for SMB, not HTTPs.

http://blogs.1e.com/index.php/2009/05/22/configmgr-task-sequence-variable-for-distribution-point/
FYI, for those upgrading from Windows 7 to SP1.

Good talk on balancing work life.

http://www.ted.com/talks/nigel_marsh_how_to_make_work_life_balance_work.html

Interesting post for a Sunday afternoon, eh?

Mark Cochrane's RegKeyToMof v2.6

| No Comments
Sweet stuff for extending inventory.

http://www.myitforum.com/absolutenm/templates/Articles.aspx?articleid=22260&zoneid=89

Nice blog post!  For any of you using certificates for LOB functions, here's a good way to get a list of certificates that are expiring soon.  If the beginning of the blog seems confusing, just scroll down the function he wrote that you can download.

http://blogs.technet.com/b/heyscriptingguy/archive/2011/02/16/use-powershell-and-net-to-find-expired-certificates.aspx

Answers some questions about the WAIK and what's new in WinPE3.1.

http://blogs.technet.com/b/mniehaus/archive/2011/02/17/windows-aik-for-windows-7-sp1-released.aspx 


Chrome blows away the competition in another category too. :)  I don't think they'll be bragging about this one.

http://www.gfi.com/blog/top-vulnerable-applications-operating-systems-2010/ 

I want one!

http://www.educause.edu/blog/vvogel/InCommonAnnouncesEVPersonalCer/223875


Just a short list of programs that have compatibility issues with Win7 SP1.  It'll get added to as needed.

http://support.microsoft.com/kb/2492938/en-us


Windows 0-day SMB mrxsmb.dll vulnerability

| No Comments
FYI

http://isc.sans.edu/diary.html?storyid=10423


Remote Management of BIOS Configuration

| No Comments
It's a good read.  Has some nice scripts for querying information and using ConfigMgr for settings.  One word of caution though, is it is a vendor whitepaper so they show off there product.  But, it still contains some great information.

http://www.scribd.com/doc/47469455/Remote-Management-of-BIOS-Configuration


Information Systems Specialist at Luther Seminary in St. Paul, MN.

http://www.educause.edu/Professional+Development/JobOpportunities/InformationSystemsSpecialist/223761
More good information for SA customers (which includes us).


Here's and excerpt from the Windows team blog, at

We are also pleased to announce Windows Thin PC (WinTPC), an upcoming SA benefit. WinTPC is a smaller footprint, locked down version of Windows 7, designed to allow customers to repurpose their existing PCs as thin clients. PCs with WinTPC will not require the VDA license that regular thin clients will need to access VDI desktops. WinTCP is expected to be available for download from the Microsoft Connect Site in Q1 2011.

It does as the title says, it does some registry work and it also sets some stuff in the default user profile.  That section may be useful for anyone setting certain settings in the default user profile that can't be set for users through group policy.

http://myitforum.com/cs2/blogs/rbennett806/pages/vbscript-to-customize-the-os-during-deployment.aspx



 

How to Create a Notification Window - AngryGorilla

| No Comments

How to create a notification window with Microsoft Visual C++ 2010 Express Edition.

http://myitforum.com/cs2/blogs/rbennett806/pages/how-to-create-a-notification-window.aspx



 

VBScript to Eject WinPE Discs - AngryGorilla

| No Comments

This guy is good.  Nice little script for those that can't use PXE.

http://myitforum.com/cs2/blogs/rbennett806/pages/vbscript-to-eject-winpe-discs.aspx



 

Collection Queries - AngryGorilla

| No Comments

Microsoft's IE9: Don't believe the hype • The Register

| 1 Comment

Coolest part of the blog post, go to http://www.html5test.com to test your browser's HTML5 compatibility.

http://www.theregister.co.uk/2011/02/14/ie_9_release_candidate_review/



 

Short video on setting your execution policy through group policy.

http://www.techrepublic.com/blog/itdojo/video-set-the-powershell-execution-policy-via-group-policy/2395

Even though IE9 has worked out for me since beta and is 100x better in RC.  We may not be ready to push IE9 widely once it's released.  For those of you that run your own WSUS, you may want to download the IE9 blocker.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=a6169467-b793-4d17-837d-01776bf2bea4&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+MicrosoftDownloadCenter+%28Microsoft+Download+Center%29



 

IE9 RC Minor Changes List - EricLaw's IEInternals

| No Comments

Nice post on what's new in IE9 RC. 

http://blogs.msdn.com/b/ieinternals/archive/2011/02/11/ie9-release-candidate-minor-changes-list.aspx

Best improvement, see below:

  • The prefix JavaScript: is stripped from any text pasted into the IE9 address bar. This mitigates a socially-engineered XSS attack common on social networks wherein users were tricked into performing self-inflicted XSS injections upon themselves.  No, CTRL+C,ALT+D,CTRL+V, ENTER will not give you magical powers



 

Windows 7 Service Pack 1 (SP1) RTM information

| No Comments

SP1 will be availabe to volume license customers (us) on February 16th!

Overview of SP1

http://technet.microsoft.com/en-us/library/ff817622(WS.10).aspx

Windows Server team write up on SP1

http://blogs.technet.com/b/windowsserver/archive/2011/02/09/windows-server-2008-r2-and-windows-7-sp1-releases-to-manufacturing-today.aspx

shortlink:  http://bit.ly/hPvpoT

Deployment Guide for Windows Server 2008 R2 with SP1 and Windows 7 with SP1

http://technet.microsoft.com/en-us/library/ff817650(WS.10).aspx

Documentation for Windows 7 and Windows Server 2008 R2 Service Pack 1 Release Candidate (KB976932)

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=61924cea-83fe-46e9-96d8-027ae59ddc11&displaylang=en

shortlink:  http://bit.ly/eduyxe

Issues with RSAT if you try to install RSAT after you install SP1

http://blogs.technet.com/b/askds/archive/2011/02/10/rtm-rsat-and-sp1-win7-shot-over.aspx


And a follow up blog post

http://windowsteamblog.com/windows/b/bloggingwindows/archive/2011/02/16/windows-7-sp1-follow-up.aspx 

 

In development now, but beta in March.  And then, for all you MDOP subscribers, they're working at adding it to the MDOP package.

http://windowsteamblog.com/windows/b/springboard/archive/2011/02/09/microsoft-announces-microsoft-bitlocker-administration-and-monitoring-mbam.aspx

I signed up for the Beta notice, so I'll post again when it's released.

Some unpatched vulnerabilities in Office 2003 and 2007 have been publicly released by DVLabs.  Migitation strategies are listed in the article.

http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft

IPv6 Static Addressing and DNSv6 | Network World

| No Comments

Good article.  Especially for everyone with servers that may be doing static IPs.

http://www.networkworld.com/community/node/71252

eBook: WMI Query Language via PowerShell

| No Comments

Great book on working with WMI with PowerShell, it gives a really good overview of WMI and WQL also.  Well worth downloading to learn to use PowerShell in WMI and as reference.

It's really a PDF, not an eBook (since the standard is .epub now)

http://www.ravichaganti.com/blog/?p=1979



 

Gartner says ConfigMgr can execute better than anyone else.  But, lacks a bit in completeness of vision.  It's due time for MS to add non-Windows support natively...

From the article:  The PCCLM market continues to mature; however, most of the vendors decreased in Completeness of Vision, because they are behind the market in meeting several emerging requirements, including non-Windows device management, desktop virtualization management and software as a service.

http://www.gartner.com/technology/media-products/reprints/microsoft/vol2/article6/article6.html



 

Minn. governor names new state CIO

| No Comments

Former Director of NTS, Carolyn Parnell, is the new State of Minnesota CIO!

http://civsourceonline.com/2011/02/02/minn-governor-names-new-state-cio/


 

Two support useful links are given in the following post.

http://blogs.technet.com/b/configurationmgr/archive/2011/02/02/information-on-error-codes-in-configuration-manager-2007.aspx

The links themselves:

How to obtain error code descriptions in System Center Configuration Manager 2007 reports

http://support.microsoft.com/kb/944375/en-us

Custom Error Codes for Configuration Manager 2007

http://technet.microsoft.com/en-us/library/bb632794.aspx

Good read on IPv6.  Just a note, he's not saying leave all the tunneling protocols on, just IPv6.

http://blogs.technet.com/b/jlosey/archive/2011/02/02/why-you-should-leave-ipv6-alone.aspx



 

A Preview on App-V 4.6 SP 1

| No Comments

After a wonderful sequencing session today I found out a service pack is coming out for App-V 4.6.  It has some nice new features!  Find out more about it at the link below:

http://kirxblog.wordpress.com/2010/11/24/a-preview-on-app-v-46-sp-1/

PowerShell Code Repository - Get-DellWarranty

| No Comments

Nice script to do exactly as it's titled.  You can pass it an array or if no items are passed it'll grabe the local machines information.

http://poshcode.org/2482



 

It also touches on security issues while transitioning to IPv6.  Sooo, our security team had valid concerns...

http://www.securityweek.com/ddos-attacks-exceed-100-gbps-attack-surface-continues-expand

OK, enough love for OIT-SEC tonight.

They use the acronyms FDCC and NIST almost more than Paul Dokas did.  But, it's a good thing...  especially since Microsoft did the work for us!

http://blogs.technet.com/b/systemcenter/archive/2011/02/01/system-center-configuration-manager-extensions-for-scap-ver2-1-now-available.aspx

Very nice addin once we get rolling with DCM (Desired Configuration Management) see http://technet.microsoft.com/en-us/library/bb680553.aspx

Chemistry Add-in for Word

| No Comments

It's been in beta for awhile, but it's finally released and widely available. 

Overview

The Chem4Word Project (http://research.microsoft.com/chem4word) began in 2008 as a collaboration between Microsoft Research and the University of Cambridge, designed to make it easier to insert and modify chemical information (labels, formulas, 2-D depictions, etc.) from within Microsoft Office Word, and also to have the chemical information stored and manipulated in a semantically rich manner.

http://chem4word.codeplex.com/

For you security conscious folks out there that speak Itailian. :)

http://www.notageek.it/group-policy-workaround-kb2501696-cve-2011-0096.html

It's in Italian, but with good screen shots and you can download the admx template.  I haven't tested this, but am on a list where different admins have.  I did crack the .admx and it looks good, but make sure to test in your environment, the .adml will give you an overview in english of what the .admx does.  Both a veiwable in notepad.

About this Archive

This page is an archive of entries from February 2011 listed from newest to oldest.

January 2011 is the previous archive.

March 2011 is the next archive.

Find recent content on the main index or look in the archives to find all content.