February 2011 Archives
Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key. An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users.
Since the Microsoft Malware Protection Engine is a part of several Microsoft anti-malware products, the update to the Microsoft Malware Protection Engine is installed along with the updated malware definitions for the affected products. Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly.
Typically, no action is required of enterprise administrators or end users to install this update, because the built-in mechanism for the automatic detection and deployment of this update will apply the update within the next 48 hours. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.
Title: Microsoft Security Bulletin Re-Releases
Issued: February 22, 2011
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.
* MS10-077 - Critical
* MS10-070 - Important
* MS10-077 - Critical
- Reason for Revision: V3.0 (February 22, 2011): Announced a detection change to offer the Microsoft .NET Framework 4.0 update packages to customers who install Microsoft .NET Framework 4.0 after installing Windows 7 for x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, or Windows Server 2008 R2 for Itanium-based Systems Service Pack 1. Customers who have already successfully updated their systems do not need to take any action.
- Originally posted: October 12, 2010
- Updated: February 22, 2011
- Bulletin Severity Rating: Critical
- Version: 3.0
* MS10-070 - Important
- Reason for Revision: V4.0 (February 22, 2011): Announced a detection change to offer the Microsoft .NET Framework 4.0 (KB2416472) update packages to customers who install Microsoft .NET Framework 4.0 after installing Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, or Windows Server 2008 R2 for Itanium-based Systems Service Pack 1. Customers who have already successfully updated their systems do not need to take any action.
- Originally posted: September 28, 2010
- Updated: February 22, 2011
- Bulletin Severity Rating: Important
- Version: 4.0
- Get to ConfigMgr 2007 SP2 - Done
- Avoid mixing user and devices in collection definitions - Done
- Yep, this one is kind of meaningless right now since we don't *yet* offer user centric deployments
- Don't use collections with multiple query rules which limit to different collections.
- This could be a big one here since we do a fair amount of collection limiting. So, basically we all need to get really good at WQL so we can do all the limiting in the query (using joins and other commands)
- Send questions to the list
- Package source path needs to be UNC - done
- I may have a couple I need to clean up centrally, but we should be pretty much set here
- Site codes between ConfigMgr 2007 and ConfigMgr 2012 site need to be unique - easy
- One that wasn't listed (since they have a migration strategy for that) is flatten your site - done, we're as flat as they come
- Running executions will show more details (Thanks to Mark Whittle)
- Advertisements for Task-Sequences do now have a different icon than normal advertisements.
- Packages from within a TS will be highlighted with a different color (green) in the advertisements list.
- some bug fixes...
It does as the title says, it does some registry work and it also sets some stuff in the default user profile. That section may be useful for anyone setting certain settings in the default user profile that can't be set for users through group policy.
How to create a notification window with Microsoft Visual C++ 2010 Express Edition.
This guy is good. Nice little script for those that can't use PXE.
Repository of collection queries.
Coolest part of the blog post, go to http://www.html5test.com to test your browser's HTML5 compatibility.
Short video on setting your execution policy through group policy.
Even though IE9 has worked out for me since beta and is 100x better in RC, we may not be ready to push IE9 widely once it's released. For those of you that run your own WSUS, you may want to download the IE9 blocker.
Nice post on what's new in IE9 RC.
Best improvement, see below:
SP1 will be available to volume license customers (us) on February 16th!
Overview of SP1
Windows Server team write up on SP1
Deployment Guide for Windows Server 2008 R2 with SP1 and Windows 7 with SP1
Documentation for Windows 7 and Windows Server 2008 R2 Service Pack 1 Release Candidate (KB976932)
Issues with RSAT if you try to install RSAT after you install SP1
And a follow up blog post
Information on what's new in IE 9 RC!
In development now, but beta in March. And then, for all you MDOP subscribers, they're working at adding it to the MDOP package.
I signed up for the Beta notice, so I'll post again when it's released.
Nice write up and usage of PowerShell for troubleshooting Windows 7.
Some unpatched vulnerabilities in Office 2003 and 2007 have been publicly released by DVLabs. Mitigation strategies are listed in the article.
Good article. Especially for everyone with servers that may be doing static IPs.
Great book on working with WMI with PowerShell, it gives a really good overview of WMI and WQL also. Well worth downloading to learn to use PowerShell in WMI and as reference.
It's really a PDF, not an eBook (since the standard is .epub now)
Good article on IT maturity at an organization.
Gartner says ConfigMgr can execute better than anyone else. But, lacks a bit in completeness of vision. It's due time for MS to add non-Windows support natively...
From the article: The PCCLM market continues to mature; however, most of the vendors decreased in Completeness of Vision, because they are behind the market in meeting several emerging requirements, including non-Windows device management, desktop virtualization management and software as a service.
Here come the Adobe patches...
Former Director of NTS, Carolyn Parnell, is the new State of Minnesota CIO!
Two useful support links are given in the following post.
The links themselves:
How to obtain error code descriptions in System Center Configuration Manager 2007 reports
Good read on IPv6. Just a note, he's not saying leave all the tunneling protocols on, just IPv6.
After a wonderful sequencing session today I found out a service pack is coming out for App-V 4.6. It has some nice new features! Find out more about it at the link below:
Nice script to do exactly as it's titled. You can pass it an array or if no items are passed it'll grab the local machine's information.
It also touches on security issues while transitioning to IPv6. Sooo, our security team had valid concerns...
OK, enough love for OIT-SEC tonight.
They use the acronyms FDCC and NIST almost more than Paul Dokas did. But, it's a good thing... especially since Microsoft did the work for us!
Very nice addin once we get rolling with DCM (Desired Configuration Management) see http://technet.microsoft.com/en-us/library/bb680553.aspx
It's been in beta for awhile, but it's finally released and widely available.
The Chem4Word Project (http://research.microsoft.com/chem4word) began in 2008 as a collaboration between Microsoft Research and the University of Cambridge, designed to make it easier to insert and modify chemical information (labels, formulas, 2-D depictions, etc.) from within Microsoft Office Word, and also to have the chemical information stored and manipulated in a semantically rich manner.
It finally happened, fake AV is using a real AV's name.
For you security conscious folks out there that speak Italian. :)
It's in Italian, but with good screen shots and you can download the admx template. I haven't tested this, but am on a list where different admins have. I did crack the .admx and it looks good, but make sure to test in your environment; the .adml will give you an overview in English of what the .admx does. Both are viewable in Notepad.