Archives
-
Protection metrics – November results
In our October results, we talked about a trio of families related to Win32/Sefnit. Our November results showed progress against Sefnit and the installers and downloaders of Sefnit (Win32/Rotbrow and Win32/Brantall). In comparison to September, active Sefnit infections have been reduced by 82 percent. As with prior months, our rate of incorrect detections also remained low and performance stayed consistent.
-
Turkey: Understanding high malware encounter rates in SIRv15
In our most recent version of the Security Intelligence Report (SIRv15), we compared the encounter rates of malware categories for the top 10 countries with computers reporting the most detections in 2Q13. Amongst these countries, Turkey stood out with considerably high encounter rates in multiple categories. Encounter rate is the percentage of computers in a country that reported at least one detection of malware.
-
New blog article about High Availability and Disaster Recovery with Lync Server 2013 Persistent Chat
There's a new article posted by Richard Schwendiman about High Availability and Disaster Recovery with Lync Server 2013 Persistent Chat: Lync 2013 Persistent Chat HA\DR Deep Dive Pt. 1. Abstract: As everyone knows by now, with the release of Lync...
-
Updates: Coreinfo v3.21, Disk2vhd v2.0, LiveKd v5.31
Coreinfo v3.21: CoreInfo is a command-line tool for reporting processor topology, NUMA performance, and processor features. The v3.21 release adds microcode reporting.
-
KB: Current list of App-V 5.0 file versions
This article is a quick reference to determine Microsoft Application Virtualization 5.0 (App-V 5.0) file versions. This is helpful to support personnel in determining whether an environment is using the latest binaries.
-
Here are David Rothschild’s data-powered predictions for 2014, from the Super Bowl to Hillary Clinton
-
Predictions for 2014 and the December 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the December 2013 Security Bulletin Webcast Questions & Answers page. We answered 17 questions in total, with the majority of questions focusing on the Graphics Component bulletin (MS13-096), Security Advisory 2915720 and Security Advisory 2905247.
-
Hotfix Package 3 for Microsoft Application Virtualization 5.0 SP1 now available
Hotfix Package 3 for Microsoft Application Virtualization 5.0 SP1 (App-V 5.0 SP1) is now available for download. To see what’s fixed and get a download link, please see the following:
-
Be a real security pro - Keep your private keys private
One of the many unusual characteristics of the Stuxnet malware that was discovered in 2010 was that its files were distributed with a valid digital signature, created using authentication credentials that belonged to two unrelated legitimate software companies. Normally the signature would verify that the program was issued by the company listed in the signing certificate, and that the contents of the program had not been tampered with since it was signed. By using other companies’ authentication credentials to sign their own files, malware distributors are able to make it appear that their files have come from a more trustworthy source.
-
Hotfix Package 4 for Microsoft Application Virtualization 4.6 Service Pack 2 is now available
Hotfix Package 4 for Microsoft Application Virtualization 4.6 Service Pack 2 is now available for download. It contains the latest hotfixes for Microsoft Application Virtualization 4.6 Service Pack 2 (App-V 4.6 SP2). To see what’s fixed and get a download link, please see the following:
-
KB: How to deploy and manage Office 2013 on App-V 5.0
This article describes the supported scenarios for various versions of Microsoft Office and Microsoft Application Virtualization (App-V). The following product versions are included in this article:
-
Microsoft and Dell’s Continued Collaboration on VDI Solutions on Display at Dell World
In October, we announced Windows Server 2012 R2 which delivers several exciting improvements for VDI solutions. Among the benefits, Windows Server 2012 R2 reduces the cost per seat for VDI as well as enhances your end user’s experience. The following are just some of the features and benefits of Windows Server 2012 R2 for VDI:
-
The case of the big AD LDS database
Recently we were working with customers who ran into issues where the AD LDS database grew very large and they ended up with a full disk on the system drive.
-
More details on some interesting updates we made to App-V 5.0 SP2
Microsoft’s Ben Hunter has a great new post on some of the updates we made to App-V 5.0 SP2:
-
Support Tip: OpsMgr 2012 console issues fixed in Update Rollup 4 for System Center 2012 Service Pack 1
Just a quick note to let you know about a couple of issues you may see with the System Center 2012 Operations Manager (OpsMgr 2012) admin console when installed on Windows 7 x64 (64-bit) with .NET 4.5 or .NET 4.5.1. Both of these are fixed in Update Rollup 4 for System Center 2012 Service Pack 1.
-
Rotbrow: the Sefnit distributor
This month's addition to the Microsoft Malicious Software Removal Tool is a family that is both old and new. Win32/Rotbrow existed as far back as 2011, but the first time we saw it used for malicious purposes was only in the past few months.
-
Omphaloskepsis and the December 2013 Security Update Release
There are times when we get too close to a topic. We familiarize ourselves with every aspect and nuance, but fail to recognize not everyone else has done the same. Whether you consider this myopia, navel-gazing, or human nature, the effect is the same. I recognized this during the recent webcast when someone asked the question – “What’s the difference between a security advisory and a security bulletin?” The answer was simple to me, as I’ve been doing this for years, but the question was valid and it reminded me that not every person on the planet knows all of the ins and outs of Update Tuesday.
-
KB: System Center 2012 R2 Data Protection Manager upgrade fails with ID: 4323 and "A member could not be added"
When you try to upgrade Microsoft System Center 2012 Data Protection Manager (DPM 2012) Service Pack 1 (SP1) to System Center 2012 R2 Data Protection Manager (DPM 2012 R2), the upgrade fails and you receive the following error message:
-
Security Advisory 2916652 released, Certificate Trust List updated
Microsoft is updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of a mis-issued third-party digital certificate, which could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. With this action, customers will automatically be protected against this issue. Additionally, the Enhanced Mitigation Experience Toolkit (EMET) 4.0 and newer versions help mitigate man-in-the-middle attacks by detecting untrusted or improperly issued SSL certificates through the Certificate Trust feature.
-
Nokia Transitions
-
Important notes regarding the App-V 5.0 SP2 update
Please be aware that Microsoft Application Virtualization 5.0 Service Pack 2 (App-V 5.0 SP2) does not include a new version of the App-V Server. This means that currently the most recent version of the App-V 5.0 Server component is App-V 5.0 SP1. In addition, please make note of the following regarding App-V 5.0 SP2 clients:
-
KB: The System Center Management service stops responding after an instance of SQL Server goes offline
After an instance of Microsoft SQL Server that hosts the OperationsManager database goes offline, the System Center Management service of the Microsoft System Center 2012 Operations Manager Service Pack 1 (SP1) management server may stop responding.
-
Hotfix Package 2 for Microsoft Application Virtualization 5.0 Service Pack 1 now available
This Knowledge Base article describes a hotfix package that contains the latest hotfixes for Microsoft Application Virtualization 5.0 (App-V 5.0) Service Pack 1 (SP1). This hotfix package is applicable only to the server that is running App-V 5.0 SP1. We recommend that you test hotfixes before you deploy them in a production environment. Because the builds are cumulative, each new hotfix release contains all the hotfixes and all the security fixes that were included with the previous update package. We recommend that you consider applying the most recent fix release that contains the most necessary hotfixes.
-
Advance Notification Service for December 2013 Security Bulletin Release
Today we’re providing advance notification for the release of 11 bulletins, five Critical and six Important, for December 2013. The Critical updates address vulnerabilities in Internet Explorer, Windows, Microsoft Exchange and GDI+. The Critical update for GDI+ fully addresses the publicly disclosed issue described in Security Advisory 2896666.
-
Attempts to schedule a mailed report in DPM 2012 fail with “Reporting Services Server cannot connect to the DPM database”
~ Mike Jacquet
-
Bing Maps Preview app combines immersive, 3D imagery with information at your fingertips
-
KB: The DPM service crashes with Event ID 917 after you change a protection group
After you change a protection group in Microsoft System Center 2012 Data Protection Manager (DPM 2012), the DPM service crashes with Event ID 917 and the console shuts down. This affects only protection groups that are configured for long-term protection (for example, groups that are configured for tape backup), especially if those groups contain data sources that are SQL AlwaysOn databases.
-
Using Azure to provide a monitoring gateway into Operations Manager
Cameron Fuller, a System Center: Cloud and Datacenter Management MVP, just published a great post about the integration of Azure and System Center. As we start to see new features in both solutions, it begins to make the sum greater than the individual parts. Examples of these integrations include backup to the cloud in DPM, cloud-based distribution points in Configuration Manager and Global Service Monitor in Operations Manager. In this blog post, the first in a series Cameron is putting together, he discusses how to use Azure to provide a cost effective solution to monitor Windows servers regardless of their location or domain membership through the introduction of Azure Monitoring Gateway (AMGW).
-
Join the conversation about art and technology in this ‘Instance’ of found images and 3D scans
-
KB: Update rollup packages for System Center 2012 Operations Manager
This article lists all update rollup packages that were released for Microsoft System Center 2012 Operations Manager and Microsoft System Center 2012 Operations Manager Service Pack 1 (SP1). The updates are listed according to build number. Update rollup build numbers that have a larger numeric value include the fixes from all previously released update rollup packages. Any version of System Center 2012 Operations Manager can be updated to a later-version update rollup. You cannot uninstall a later-version update rollup to downgrade to an earlier-version update rollup.
-
App-V 5.0 SP2 and UE-V 2.0 are now available
We are excited to announce the broad availability of Microsoft Desktop Optimization Pack (MDOP) 2013 R2 for download. MDOP is a suite of virtualization, management and security technologies available as a subscription for Software Assurance customers that helps maximize the benefits offered by Windows.
-
How to automate the creation of App-V 5.0 Connection Group debug commands
As a follow up to his last article on how to automate the creation of App-V 5.0 debug command prompts, Microsoft’s Dave Falkus has another great post that explains how to automate the creation of App-V 5.0 connection group debug commands. As with his last article, if this is something you’ve struggled with or just want an easier way to do it, this is one you won’t want to miss.
-
FIXED: KB2775511 triggers Event 2115 in Operations Manager
As previously reported on this site, the Operations Manager support team identified a regression in a Windows update where installing 2775511 on Operations Manager Management Servers can cause agents or servers to deadlock. Once in deadlock, Management Servers will generate HeartBeat failures and will go into a “grayed out” state, thus devices managed by these Management Servers will also go into a “grayed out” or “not monitored” state.
-
KB: Upgrade to DPM 2012 fails if you use a manually installed instance of SQL Server 2008 R2
You may discover that you cannot select the "Use the dedicated instance of SQL Server" option when you upgrade to Microsoft System Center Data Protection Manager 2012 (DPM 2012) because the option is unavailable. When you point the installer to an existing local installation of DPM, you receive the following error message:
-
ChronoZoom is teaming up with teachers to rewrite history