Monday 15 October 2012

Managing Applications in 64-bit Environments

I was fortunate enough to be invited to the PDS Packaging Event last week and had a great time with the Quest UWM team and the DELL Kace team.

You can read about the event here: http://aokcompat.blogspot.co.uk/2012/10/packaging-event-amsterdam-october-11-12.html

During the event I met up with Darwin Sanoy who runs the CSI Windows training company. Darwin has been a true leader in the packaging and desktop management space for years. As you could imagine, we had plenty to chat about.

One of the topics that came up was the challenges involved in packaging applications for 64-BIT environments. In fact, assessing applications for 64-BIT compatibility  was a key challenge for some of our larger engineering and financial customers and was a key feature of the Windows 7 migration effort.

Luckily for us - Darwin has written a book that will help guide you through the pitfalls of getting applications successfully installed and correctly configured on a 64-BIT platform.

You can buy the book here - I did:  http://www.csi-windows.com/ebooks/windows-64-bit
And for your $9.99 you can choose an e-book and training bundle that I feel is priced a little too low. In fact, for the money, this is an absolute no-brainer for any sysadmin or application packager

Here is a quick snap-shot of the Table of Contents:

I recommend buying the e-book and training bundle -while the deal lasts!

Thursday 11 October 2012

Patch Tuesday: October 2012

Executive Summary
 With this October Microsoft Patch Tuesday update, we see a set of 7 updates; 1 of which is Critical, and 6 with rating of Important.
The Patch Tuesday Security Update analysis was performed by the Quest ChangeBASE Patch Impact team identified a small percentage of applications from the thousands of applications included in testing for this release which showed an Amber issue.
Patches MS12-068 and MS12-069 both require a reboot for the patch to be installed correctly.

Sample Results

Here is a sample of the results for one package against the patch Tuesday updates:





And, here is a sample Summary Report of the potential impact of these Microsoft updates;

















Testing Summary
MS12-064
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
MS12-065
Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)
MS12-066
Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)
MS12-067
Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
MS12-068
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)This security update resolves a privately reported vulnerability in all supported releases of Microsoft Windows except Windows 8 and Windows Server 2012. This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-069
Vulnerability in Kerberos Could Allow Denial of Service (2743555)
MS12-070
Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)



Security Update Detailed Summary

MS12-064
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
Description
This security update resolves two privately reported vulnerabilities in Microsoft Office. The more severe vulnerability could allow remote code execution if a user opens or previews a specially crafted RTF file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
WinWord.exe, WordIcon.exe, WordCnv.dll, Wwlib.dll
Impact
Critical - Remote Code Execution

MS12-065
Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)
Description
This security update resolves a privately reported vulnerability in Microsoft Works. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Word file using Microsoft Works. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
kwpqrtf.dll, kwpqd.dll, ksssdb.dll, kimg90.dll, kcvqd01.dll, kcvqr01.dll, orks632.cnv, kproof.dll, kimgl90.dll, orksup.dll
Impact
Important - Remote Code Execution

MS12-066
Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)
Description
This security update resolves a publicly disclosed vulnerability in Microsoft Office, Microsoft Communications Platforms, Microsoft Server software, and Microsoft Office Web Apps. The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.
Payload
No Specific File Information
Impact
Important - Elevation of Privilege

MS12-067
Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
Description
This security update resolves publicly disclosed vulnerabilities in Microsoft FAST Search Server 2010 for SharePoint. The vulnerabilities could allow remote code execution in the security context of a user account with a restricted token. FAST Search Server for SharePoint is only affected by this issue when Advanced Filter Pack is enabled. By default, Advanced Filter Pack is disabled.
Payload
No Specific File Information
Impact
Important - Remote Code Execution

MS12-068
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)This security update resolves a privately reported vulnerability in all supported releases of Microsoft Windows except Windows 8 and Windows Server 2012. This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Description
The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Payload
Ntkrnlmp.exe, Ntkrnlpa.exe, Ntkrpamp.exe, Ntoskrnl.exe
Impact
Important - Elevation of Privilege

MS12-069
Vulnerability in Kerberos Could Allow Denial of Service (2743555)
Description
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote attacker sends a specially crafted session request to the Kerberos server. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Payload
Kerberos.dll
Impact
Important - Denial of Service

MS12-070
Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)
Description
This security update resolves a privately reported vulnerability in Microsoft SQL Server on systems running SQL Server Reporting Services (SSRS). The vulnerability is a cross-site-scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the SSRS site in the context of the targeted user. An attacker could exploit this vulnerability by sending a specially crafted link to the user and convincing the user to click the link. An attacker could also host a website that contains a webpage designed to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.
Payload
Microsoft.reportingservices.diagnostics.dll, Microsoft.reportingservices.nullrendering.dll, Ms.rs.dataextensions.dll, Ms.rs.designer.dll, Ms.rs.designer.import.dll, Ms.rs.designer.wizards.dll, Ms.rs.diagnostics.dll, Ms.rs.interfaces.dll, Ms.rs.library.dll, Ms.rs.nativeclient.dll, Ms.rs.pabin.csvrendering.dll, Ms.rs.pabin.excelrendering.dll, Ms.rs.pabin.htmlrendering.dll, Ms.rs.pabin.imagerendering.dll, Ms.rs.pabin.webserver.dll, Ms.rs.pabin.xmlrendering.dll, Ms.rs.processing.dll, Ms.rs.reportpreview.dll, Ms.rs.sqlsortwrapper.dll, Reportingservices.authorization, Reportingservices.csvrendering.dll, Reportingservices.dataextensions, Reportingservices.diagnostics.dll, Reportingservices.excelrendering, Reportingservices.htmlrendering.dll, Reportingservices.imagerendering, Reportingservices.interfaces.dll, Reportingservices.processing.dll, Reportingservices.xmlrendering.dll, Reportingservicescompression.dll, Reportingservicesemaildeliveryprovider.dll, Reportingservicesfilesharedeliveryprovider.dll, Reportingserviceslibrary.dll, Reportingservicesnativeclient.dll, Reportingservicesnativeserver.dll, Reportingservicesnulldeliveryprovider.dll, Reportingservicesservice.exe, Reportingservicessqlsortwrapper.dll, Reportingserviceswebserver.dll, Rs.exe, Rsactivate.exe, Rsclientprint.cab, Rsconfig.exe, Rsemaildeliveryprovider.dll, Rskeymgmt.exe, Rsreporthost.exe, Rswebuserinterface.dll
Impact
Important - Elevation of Privilege


*All results are based on an AOK Application Compatibility Lab’s test portfolio of over 1,000 applications.

Monday 8 October 2012

April 9, 2014: Every day a Zero Day

Gabe Knuther over at Brian Madden had a timely reminder about the dangers of the coming Windows XP support "wall" that we are rapidly approaching.

Quickly referencing the Windows XP support lifecycle table, Microsoft stopped selling Windows XP in October 2010. You can see similar information for Windows Vista and Windows 7 here;


More importantly in the second table, we see the dates for the end of support for each operating system. 


As you can see, April 8th is the final day for Windows XP support. As Gabe points out in his article (see reference below), you may not care as you have been managing Windows XP for more than a decade now. 

However, the issue is not you, but them - and, by them I mean the bad guys. 

As, of April 9th 2014, there will be no more patches, update or security updates for Windows XP. You have been managing a finely tuned and reasonably secure desktop for the past little while, and as of that date final date for Windows XP - you are now completely on your own. Any vulnerability that remains un-patched from April 9th, will stay that way - forever. And, any exploit discovered after April 9th (or maybe secretly discovered prior to that) - you will be vulnerable. Until, you migrate to either Windows 7/8 or choose another platform altogether.

Not a great situation - I guess it's fair to say that you have been warned.



References: 

Windows LifeCycle

Friday 5 October 2012

DELL Technical Demos: Now online

Sometimes a picture is a worth a thousand words... And in the case of technical demos, a video is worth even more.

I found these little gems a few days ago. Here is a list of some great technical demoes that have put online covering some of the ChangeBASE/ScriptLogic/Quest/DELL offerings;


Desktop Authority 
Smart IT administrators are beginning to realize that centrally configuring the user environment and application automation are critically important to keeping their jobs.  That’s automation in delivering applications, as well as controlling their configurations across desktops, virtual desktops, and remote sessions.  In this webcast, we will cover:
  • Targeting configurations to the right users
  • Complementing existing client management technologies
  • Centrally delivering  applications to physical and virtual desktops



HelpDesk
You need a comprehensive help desk solution that can help your staff efficiently track, identify and resolves issues quickly and automatically with self-service and integrated management tools.
In this webcast, we will show you how to:
  • Remotely identify, track and close issues faster through our “Virtual Desk Visit”
  • Include asset management information for your software and hardware on help desk tickets
  • Automate routine tasks and empower users with self-service tools to resolve basic issues
  • Use Event Management to save time and money by detecting and resolving infrastructure problems automatically
  • Implement Information Technology Infrastructure Library (ITIL) best practices



Asset Manager 
Implementing a software asset management solution will save you time, headaches and can help ensure that you stay in compliance with your license agreements. In this webcast, we will discuss why no one likes asset management, what tools are and are not helpful and why you need to tie assets back to contracts. This webinar will cover the following;
  • Automatically discover and identify software, including bundles
  • Track actual software usage and costs
  • Tie software licenses back to contracts
  • Easily run software usage and compliance reports



Privilege Manager
Do you have administrator rights or don’t you, have been the only options at our disposal.
Yet simply killing off Administrator doesn’t solve the problem.  Something must fill the hole its death leaves behind.  In its place, IT dreams of a more granular approach to privilege management that aligns the actions users want to accomplish with those that you’ve specifically permitted.
In this webcast, we will show you how to:
  • Increase productivity through policy based elevation of user privileges
  • Minimize security issues caused by unauthorized access
  • Manage user privileges by giving them access to what they need
  • Create custom elevation rules by leveraging Group Policy Objects
  • Get immediate ROI by using over 100 Pre-Defined elevation policies


Enjoy!

Wednesday 3 October 2012

Packaging Event: Amsterdam, October 11-12


The ChangeBASE team will be working and presenting at the upcoming Packaging Event in Amsterdam next week. It would be great to see you there.

What is the Packaging event all about?
The Packaging Event is organized to get the latest technology information about application management, packaging, application deployment, desktop management and application virtualization to the end-user. Packaging Event aspires to be “the portal” for these topics in the whole EMEA region.

And where is it?
You can join us at the Amsterdam Arena located here:
Arena Boulevard 1
1101 AX Amsterdam Zuidoost
Tel. 0031 (0)20 - 311.1333

More Importantly we have  some great workshops with the following agenda(s):


Ben Cook, Systems Consultant and Christophe Jonot, Systems Consultant
Thursday 10.00-12.25 h
You will learn the key features of ChangeBASE. Through loading  a small number of applications we will learn how to run the Windows 7 64-bit, Virtualisation and Office checks and fixes against the applications. Time permitting, we  may also cover running the Virtualisation reports and will go through the recommended process for implementing AOK into your migration programme at a high level.

Please bring your own application for us to test!

In this session Ben will cover the following:

  • Import applications into ChangeBASE including automated repackaging of legacy applications
  • Run Windows 7, App-V and Office 2010 reports against the applications
  • Review the results in the Dashboard reporting solution
  • Run through fixing and explain the results
  • Editing applications in MSI Studio
  • Review the log files and package history
  • Automated application sequencing

And then there is a more technical  Session that includes:


Ben Cook Systems Consultant
Technical Session – Thursday 14.15 – 14.45
User Workspace Management and Application Readiness
During this session  you will learn how IT is moving towards a User Workspace model. We will specifically focus on Application Readiness and will provide you with the knowledge you need to easily prepare your applications for migration to new Microsoft Windows and Office platforms, new Internet Explorer versions, and virtualized desktop and application environments. You’ll see how Quest solutions can help you rapidly discover applications and then assess and fix application compatibility issues before automatically virtualising them to your chosen application virtualisation format. Don’t miss this chance to learn how you can carry out timely, successful migrations of your applications to fully leverage business-critical Microsoft infrastructure.

Hope to see you there!



Monday 1 October 2012

The DELL Deal: It's done.

OK - a new day - a new company.

The ChangeBASE team has gone from a small-start-up software company to be acquired by Quest and now today marks the completion of another acquisition - Quest Software has now been acquired by DELL.

The deal has been done. Here is a quick comment from John Swainson, president of Dell Software;
The close of the Quest acquisition is a tremendous milestone in Dell's journey to strengthen our end-to-end IT capabilities, empowering our customers to unlock greater value in their Dell technology investments, as well as their overall IT environments,” said John Swainson, president, Dell Software. “We are addressing key needs for our customers, helping them leverage the cloud, support ‘bring-your-own-device' in their enterprise, and deploy mobile applications and virtualization to drive improved business
You can also read more about the completion of the acquisition of Quest by DELL in the following articles;

Dell closes $2.4 billion buyout of Quest Software
BusinessWeek (AP)

Dell Completes Acquisition of Quest Software
SC Magazine

Dell Completes Quest Software Acquisition
Equities.com

Dell Closes Acquisition Of Quest Software - Quick Facts
RTT News

Done deal: Dell Now Owns Quest Software
myITForum