by Mark | Feb 16, 2016 | SCCM
SCCM – version 1511 New Features
The latest version of Microsoft’s System Centre Configuration Manager has been released. (SCCM 1511). While we all expected this to be called SCCM 2016, it is in fact now called SCCM 1511. The new versioning is due to the fact that SCCM update cycle will be frequent. Every new version will be named as SCCM YYMM (Year and Month). Version 1511 was released on the 15th of November, hence 1511.
The new features as part of this release are as follows;
Windows 10
- Windows 10 servicing
- Sideloading apps in Windows 10
- Compliance settings for Windows 10
Infrastructure
- Preferred management points
- Single Primary site supports up to 150k clients and 700k client in a hierarchy
- Support for Microsoft Azure virtual machines
- Diagnostics and Usage Data
- Service a server cluster
- Support for SQL Server AlwaysOn for highly available databases
- Integration with Windows Update for Business
Console
- Natively manage Office 365 desktop client update
- Deploy Windows Business Store applications
- Support for multiple Automatic Deployment Rules
- Client deployment status in console monitoring
- Schedule and run the WSUS clean up task from the Configuration Manager console
- Updates and servicing
- Client piloting to preproduction
- Software Center
Operating System Deployment
- Windows 10 in-place upgrade task sequence
- Windows PE Peer Cache
Mobile Device Management
- Mobile device management (MDM) feature parity between Intune stand-alone and Configuration Manager
- Mobile Application Management
- Data protection for mobile devices
- On-premises mobile device management (MDM)
- App deployment to Windows 10 devices with on-premises MDM
- Certificate provisioning is supported for Windows 10 devices that you manage using on-premises mobile device management.
- Improved workflow for creating mobile device configuration items
- Bulk enrollment of Windows 10 devices with on-premises MDM
- Wipe and retire for on-premises mobile device management
A perfect addon for SCCM patching deployment to your virtual machines, is our product known as SnaPatch. Click here to see how SnaPatch can help you reduce the risk of patch deployment.
by Mark | Feb 10, 2016 | How To, Patch Management, Patch Releases, SCCM
The following thirteen Patch Tuesday updates / patches have been released by Microsoft for the Febuary 2016 Update deployment.
Are you ready to start deploying and remove the patching risk using SnaPatch Patch Management Software?
MS16-009 – Critical
Cumulative Security Update for Internet Explorer (3134220)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS16-011- Critical
Cumulative Security Update for Microsoft Edge (3134225) This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-012 – Critical
Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3138938) This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if Microsoft Windows PDF Library improperly handles application programming interface (API) calls, which could allow an attacker to run arbitrary code on the user’s system. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. However, an attacker would have no way to force users to download or open a malicious PDF document.
MS16-013 – Critical
Security Update for Windows Journal to Address Remote Code Execution (3134811)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS16-014 – Important
Security Update for Microsoft Windows to Address Remote Code Execution (3134228) This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.
MS16-015 – Important
Security Update for Microsoft Office to Address Remote Code Execution (3134226) This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-016 – Important
Security Update for WebDAV to Address Elevation of Privilege (3136041) This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker uses the Microsoft Web Distributed Authoring and Versioning (WebDAV) client to send specifically crafted input to a server.
MS16-017 – Important
Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker logs on to the target system using RDP and sends specially crafted data over the connection. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
MS16-018 – Important
Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3136082)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
MS16-019 – Important
Security Update for .NET Framework to Address Denial of Service (3137893) This security update resolves vulnerabilities in Microsoft .NET Framework. The more severe of the vulnerabilities could cause denial of service if an attacker inserts specially crafted XSLT into a client-side XML web part, causing the server to recursively compile XSLT transforms..
MS16-020 – Important
Security Update for Active Directory Federation Services to Address Denial of Service (3134222)
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow denial of service if an attacker sends certain input data during forms-based authentication to an ADFS server, causing the server to become nonresponsive.
MS16-021 – Important
Security Update for NPS RADIUS Server to Address Denial of Service (3133043)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could cause denial of service on a Network Policy Server (NPS) if an attacker sends specially crafted username strings to the NPS, which could prevent RADIUS authentication on the NPS.
MS16-022 – Important
Security Update for Adobe Flash Player (3135782) This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
by Mark | Jan 13, 2016 | Features, Patch Management, Patch Releases, SCCM
Microsoft’s January 2016 Patch Releases
The following nine Patch Tuesday updates / patches have been released by Microsoft for the January 2016 Update deployment.
MS16-001 – Critical
Cumulative Security Update for Internet Explorer (3124903)
This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS16-002- Critical
Cumulative Security Update for Microsoft Edge (3124904)
This security update resolves vulnerabilities in Microsoft Edge. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-003 – Critical
Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)
This security update resolves a vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS16-004 – Critical
Security Update for Microsoft Office to Address Remote Code Execution (3124585)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS16-005 – Critical
Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website.
MS16-006 – Critical
Security Update for Silverlight to Address Remote Code Execution (3126036)
This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker would have no way to force users to visit a compromised website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email or instant message that takes users to the attacker’s website.
MS16-007 – Important
Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker is able to log on to a target system and run a specially crafted application.
MS16-008 – Important
Security Update for Windows Kernel to Address Elevation of Privilege (3124605)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.
MS16-010 – Important
Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow spoofing if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content.
by Mark | Dec 30, 2015 | Features, Patch Management, Patch Releases, SCCM
Adobe Flash Player – Critical Security updates released
Adobe has released critical security updates for Adobe Flash Player this month
These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
The exploit for CVE-2015-8651 is being used in limited, targeted attacks.
Effected versions are;
- Adobe Flash Player Desktop Runtime 20.0.0.235 and earlier
- Adobe Flash Player Extended Support Release 18.0.0.268 and earlier
- Adobe Flash Player for Google Chrom e20.0.0.228 and earlier
- Adobe Flash Player for Microsoft Edge and Internet Explorer 1120.0.0.228 and earlier
- Adobe Flash Player for Internet Explorer 10 and 1120.0.0.228 and earlier
- Adobe Flash Player for Linux 11.2.202.554 and earlier
- AIR Desktop Runtime 20.0.0.204 and earlier
- AIR SDK20.0.0.204 and earlier
- AIR SDK & Compile r20.0.0.204 and earlier
- AIR for Android 20.0.0.204 and earlier
Effecting Windows, Macintosh, Android and IOS devices
Adobe has relased a security update that fixes the vulnerability. Users are advised to update their versions of Flash to the latest versions available on the Adobe website.
Details on how to update and remediate this issue supplied by Adobe below;
- Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows and Macintosh update to 20.0.0.267 by visiting the Adobe Flash Player Download Center, or via the update mechanism within the product when prompted.
- Adobe recommends users of the Adobe Flash Player Extended Support Release should update to version 18.0.0.324 by visiting http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html.
- Adobe recommends users of Adobe Flash Player for Linux update to Adobe Flash Player 11.2.202.559 by visiting the Adobe Flash Player Download Center.
- Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 20.0.0.267 for Windows, Macintosh, Linux and Chrome OS.
- Adobe Flash Player installed with Microsoft Edge and Internet Explorer for Windows 10 will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.267.
- Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.267.
- Adobe recommends users of the AIR desktop runtime, AIR SDK and AIR SDK & Compiler update to version 20.0.0.233 by visiting the AIR download center or the AIR developer center.
- Please visit the Flash Player Help page for assistance in installing Flash Player.
by Mark | Dec 14, 2015 | How To, Patch Management, Patch Releases, SCCM
The Ultimate Patch Management Strategy to Alleviate Your Pain
Are you tired of experiencing patch management pain every time you need to update and patch your servers? If yes, then you are not alone. Many administrators have found themselves in a daunting task of keeping their servers and workstations up to date. Fortunately, creating a great patch management strategy is not as complicated as you might think. In this article, we will show you how to implement an effective patch management strategy that will remove the pain from your process.
Infrastructure is Key
The first step towards having an effective patch management strategy is having the correct infrastructure in place. Fortunately, there are several fantastic tools that have been developed by Microsoft, such as Microsoft System Centre Configuration Manager (SCCM), Windows Update Services (WSUS), and Windows Update for Business (WUB). These tools can be used to keep your servers and workstations up to date, and they all report on patching compliance. Additionally, you can set them to deploy updates as you define, which makes the process more manageable
The Ideal World
In an ideal world, where you have Development/Test, UAT, and Production environments that mimic one another, you can successfully deploy security updates to the lower environments. This allows you to perform successful UAT to ensure that no new issues are introduced by any of the patches. Should a patch cause an issue, you can stop deployment to your Production servers, delaying deployment until a fix has been released that will address the issue or not deploying the patch at all.
The Real World
Unfortunately, not everyone has the luxury of lower environments that match the Production environment. The ability to successfully UAT patches prior to deployment to Production systems isn’t available to most administrators, making the patch deployment process fraught with risk. Administrators would have to manually confirm all backups were successful prior and perform and confirm a successful snapshot of their virtual servers for added confidence. Only then could they deploy the updates to their client servers, typically outside of business hours. If there was an issue that arose from a patch, many late-night hours would be spent either trying to uninstall the patch (if that worked) or restoring from tape backup. Either way, it was many hours and weekends late at night keeping everything up to date.
How We Can Help
We understand the pain that comes with patch management, and we have a solution to help you. SnaPatch Patch Management Software interfaces with Microsoft’s SCCM and VMWare’s vCentre and Microsoft’s System Centre Virtual Machine Manager, also known as SCVMM. This software automates the patch deployment process and allows administrators to have their weekends back. With the SnaPatch console, you can choose the servers you want to patch, what patches you want to deploy, what servers you require to be snapshotted, and what time you would like this all scheduled (a maintenance window will be set for this deployment). SnaPatch will automate all this and alert you with progress emails. Should a server’s snapshot not be successful, you will be alerted by email, and that server will be excluded from patch deployment. Should an issue arise with one of the deployed patches, you can either uninstall the patch, revert to the snapshot created by SnaPatch, or restore from backup tape.
SnaPatch – Your Solution
SnaPatch is the best patch management add-on for Microsoft’s SCCM that will help you alleviate the patching risk. With our software, you can simplify your patch management process and enjoy your weekends without the hassle of patching. Like our motto says, “Let’s make Administration EASY!” Contact us today to learn more about how SnaPatch can help you.
by Mark | Dec 12, 2015 | Features, SCCM
SCCM Version 1511 – New Features Overview
With the release of version 1511, Microsoft introduced a major shift in how System Center Configuration Manager (SCCM) is updated and versioned. Instead of the expected “SCCM 2016,” Microsoft adopted a continuous update model, naming releases based on the year and month. SCCM 1511, for example, was released in November 2015.
This update marked the beginning of Microsoft’s “as-a-service” approach to Configuration Manager, providing more frequent updates and enhanced integration with Windows 10 and Microsoft cloud services. Below is a summary of the new features introduced in this release.
Windows 10 Management
- Windows 10 servicing support for streamlined update management
- Support for sideloading Windows 10 applications
- Enhanced compliance settings tailored for Windows 10
Infrastructure Improvements
- Preferred management points for optimized client communication
- Single primary site supports up to 150,000 clients
- Hierarchy support extended up to 700,000 clients
- Full support for Microsoft Azure virtual machines
- Diagnostics and usage data for proactive management
- Support for servicing server clusters
- SQL Server AlwaysOn support for high availability
- Integration with Windows Update for Business
Console Enhancements
- Native management of Office 365 desktop client updates
- Deploy apps from the Windows Store for Business
- Support for multiple automatic deployment rules
- Improved client deployment status visibility in the console
- WSUS cleanup task can be scheduled and run from the console
- New updates and servicing dashboard
- Client piloting to pre-production collections
- Enhanced Software Center experience
Operating System Deployment
- In-place upgrade task sequences for Windows 10
- Peer cache support for Windows PE
Mobile Device Management
- Feature parity between Intune stand-alone and SCCM-managed MDM
- Mobile Application Management (MAM) capabilities
- Data protection and security enhancements for mobile devices
- Support for on-premises mobile device management
- App deployment to Windows 10 devices via on-prem MDM
- Certificate provisioning for managed Windows 10 devices
- Streamlined workflow for creating mobile configuration items
- Bulk enrollment of Windows 10 devices
- Wipe and retire functionality for on-prem MDM
SCCM 1511 set the foundation for modern device management and Windows 10 readiness. These updates offered enhanced flexibility, scalability, and integration for enterprise IT environments moving toward a hybrid or cloud-first model.
