Snapshot before Patching

Snapshot before Patching

Automate Snapshot Creation Before Deployment

Reduce Patching Risks with SnaPatch

System administrators are responsible for ensuring the smooth functioning of their organization’s computer systems. They are the ones who deploy new software and updates, perform maintenance tasks, and troubleshoot any issues that arise. However, keeping these systems up-to-date can be a daunting task, especially when new updates and patches are released frequently. This is where taking a snapshot before patching comes into play.

A snapshot before patching is a crucial tool that system administrators can use to protect their systems from vulnerabilities. In this article, we will discuss why taking a snapshot before patching is essential and how it can help system administrators safeguard their systems.

What is a Snapshot Before Patching?

A snapshot before patching is a backup copy of your system’s current state. This copy can be used to restore your system to its previous state in case something goes wrong during the patching process. Taking a snapshot before patching ensures that you have a stable and reliable system to fall back on if the patching process fails.

Why is a Snapshot Before Patching Important?

Taking a snapshot before patching is essential for several reasons. Here are some of the main reasons why system administrators should make this a standard practice:

  1. Protects Against System Failure: Patching can sometimes cause system failures. Having a snapshot before patching ensures that you can quickly restore your system to its previous state in case of such failures.
  2. Provides a Safe Environment for Testing: Taking a snapshot before patching allows system administrators to test the patches in a safe environment. This ensures that any issues that arise during the testing process can be addressed before the patches are applied to the live system.
  3. Helps in Disaster Recovery: Snapshots can be used as part of a disaster recovery plan. In case of a disaster, snapshots can be used to restore your system to a previous state.

Best Practices for Using Snapshots Before Patching

Here are some best practices for using snapshots before patching:

Always Test Patches:

Test patches in a safe environment before applying them to the live system.

Schedule Regular Snapshots:

Schedule regular snapshots so that you always have an up-to-date backup of your system.

Name Your Snapshots:

Give your snapshots meaningful names so that you can easily identify them.

Store Snapshots Securely:

Store your snapshots in a secure location to prevent unauthorized access.

Snapshots Before Patching FAQs

What is the difference between a snapshot and a backup?

A snapshot is a point-in-time copy of your system, whereas a backup is a copy of your system’s data that is stored separately.

How often should I take a snapshot before patching?

It depends on your organization’s needs. However, it is a good practice to take a snapshot before each patching session.

Can I take a snapshot of a virtual machine?

Yes, you can take a snapshot of a virtual machine. In fact, taking snapshots of virtual machines is a common practice in virtualized environments.

What happens if I don’t take a snapshot before patching?

If you don’t take a snapshot before patching, you run the risk of losing important data or causing system failures.

How to Snapshot before deploying Patches.

How SnaPatch Can Help You Take Snapshots Before Patching

When it comes to taking snapshots before patching, it can be a time-consuming and manual process for system administrators. However, there is a tool that can simplify the process and make it more efficient: SnaPatch.

What is SnaPatch?

SnaPatch is a software application that interacts with your Microsoft System Centre Configuration Manager (SCCM) environment to pull in all your machine information. It uses SCCM as the source of truth for all your VM information.

Next, it interfaces with either your vCentre or System Centre Virtual Machine Manager (SCVMM), or both. It takes control of your VM environment, allowing it to create and delete snapshots of your VMs.

How does SnaPatch work?

SnaPatch simplifies the snapshot process by automating it. It creates a snapshot of any virtual machine before allowing it to be patched. If the snapshot fails, the VM will not receive updates and will be removed from the patching schedule. SnaPatch streamlines the process and frees up your time by automating the snapshot and patching processes, while keeping you updated on progress via email notifications.

How do you deploy SnaPatch?

Deploying SnaPatch is easy and straightforward. After installation, the application discovers your SCCM environment and allows you to configure various settings such as email notifications, snapshot creation, and patch deployment.

Why use SnaPatch?

SnaPatch helps you take snapshots before patching in a more efficient and streamlined manner. It complies with SOX regulations and minimizes risk, and its automated snapshot creation feature ensures that you can easily roll back updates if necessary, giving you peace of mind and more time to focus on other critical tasks.

Conclusion

In conclusion, taking snapshots before patching is a critical step in ensuring the security and stability of your systems. SnaPatch can help simplify and automate this process, allowing you to deploy Microsoft updates in your VM environment safely and efficiently. Try SnaPatch today and streamline your patching process!

MICROSOFT’S March 2017 PATCH RELEASES

MICROSOFT’S March 2017 PATCH RELEASES

MICROSOFT’S March 2017 PATCH RELEASES

Well after an absence last month of the usual Microsoft Patch Tuesday releases, Microsoft have bundled more in to this months release, with 18 Windows Updates for the month of March 2017.

March 2017 Patch Tuesday

See how you can remove the risk of patch deployment by adding SnaPatch to your SCCM patching infrastructure?

MS17-006 – Critical

Cumulative Security Update for Internet Explorer (4013073)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS17-007 – Critical

Cumulative Security Update for Microsoft Edge (4013071)
This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS17-008 – Critical

Security Update for Windows Hyper-V (4013082)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

MS17-009 – Critical

Security Update for Microsoft Windows PDF Library (4010319)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.

MS17-010 – Critical

Security Update for Microsoft Windows SMB Server (4013389)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

MS17-011 – Critical

Security Update for Microsoft Uniscribe (4013076)
This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS17-012 – Critical

Security Update for Microsoft Windows (4013078)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.

MS17-013 – Critical

Security Update for Microsoft Graphics Component (4013075)
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS17-014 – Important

Security Update for Microsoft Office (4013241)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS17-015 – Important

Security Update for Microsoft Exchange Server (4013242)
This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

MS17-016 – Important

Security Update for Windows IIS (4013074)
This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.

MS17-017 – Important

Security Update for Windows Kernel (4013081)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.

MS17-018 – Important

Security Update for Windows Kernel-Mode Drivers (4013083)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS17-019 – Important

Security Update for Active Directory Federation Services (4010320)
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.

MS17-020 – Important

Security Update for Windows DVD Maker (3208223)
This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.

MS17-021 – Important

Security Update for Windows DirectShow (4010318)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.

MS17-022 – Important

Security Update for Microsoft XML Core Services (4010321)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

MS17-023 – Important

Security Update for Adobe Flash Player (4014329)
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.


Now that you have made it this far, a quick shameless plug for our software portfolio. 🙂

SnaPatch – Patch Management Addon for Microsoft’s SCCM.

SnapShot Master – Take control of your virtual machine snapshots, works with both Hyper-V and Vmware.

Azure Virtual Machine Cloner – Quickly and easily clone your Azure VMs, you can even migrate your VMs between ARM and ASM.

Azure Virtual Machine Scheduler – Save money and schedule the shutdown and power on of your virtual machines within Microsoft’s Azure Cloud.

Azure Virtual Machine Deployer – Deploy VMs to Microsoft’s Azure cloud easily, without the need for powershell.

SCCM update 1610 Hotfix KB4010155

SCCM update 1610 Hotfix KB4010155

SCCM update 1610 Hotfix KB4010155

If you are using Microsoft’s System Center Configuration Manager (SCCM), you may have experienced known bugs and issues. Fortunately, Microsoft released a hotfix on February 16, 2017, to fix them. In this article, we will discuss the hotfix, its features, and how it addresses some of SCCM’s known issues.

Fixing Known Bugs and Issues The following are some of the known bugs and issues that are fixed by this update rollup:

SCCM update 1610 Hotfix KB4010155

An update has been released for Microsoft’s System Centre Configuration Manager on the 16 of February 2017.

This update rollup for SCCM is to fix the following known bugs and issues;

Component Bug/Issue
Client
Internet-only clients can’t connect to management points or distribution points when proxy auto-configuration is used, and they change networks without restarting.
Client
The Content Transfer Manager component of the Configuration Manager client repeatedly checks for content after the client roams to a location without available distribution points.
Microsoft Intune and Mobile Device Management
Communication between a Configuration Manager site server and the Microsoft Intune service may fail randomly.
Microsoft Intune and Mobile Device Management
After integrating Lookout mobile threat protection with Microsoft Intune, Windows devices are incorrectly displayed in the Device Threat Protection Compliance Status (iOS/Android) charts in the Administrator Console.
Site systems
The Microsoft.Management.Services.ClientManagementService.Host.exe process doesn’t start if the Process ID (PID) assigned by Windows is greater than 32,767.
Site systems
After you upgrade to Configuration Manager current branch, version 1610, the cloud management gateway connection point doesn’t start.
Site systems
When you configure the SQL Server Service Broker for a database replica server, execution of the sp_BgbConfigSSBForRemoteService stored procedure fails.
Site systems
Installing the Service Connection Point on a computer that’s not a site server triggers CPU usage of 100%.
Operating system deployment
Deployment of the Windows 10 Anniversary Update (1607) to Windows 10 clients triggers a “0x80091007 (Hash value is not correct)” error.
Software distribution and content management
The transfer of package contents between sites over slow network connections fails intermittently.
Software distribution and content management
Every time content is sent to a distribution point, site control data is updated unnecessarily.
Administrator console
After you add a new boundary to the Default-Site-Boundary-Group, that group is no longer listed on the Boundary Groups tab of the boundary properties.
Administrator console
Individual threat details are not displayed as expected on the Device Threat Protection Details tab of the Devices screen in the Administrator console.
Administrator console
The UpdatesDeployment.log file contains errors that resemble the following: Failed to get SDM CI for update (Site_{guid} SUM_{guid}) from type store, error = 0x80070002 Failed to GetSupersededUpdatesFromDigest for the update
Administrator console
After you upgrade to Configuration Manager current branch, version 1610, resolving conflicting records fails for non-mobile device clients.
Software updates
When an Alternate Content Provider encounters an error or retry condition while downloading an Office 365 job, the client does not fall back to the default download system as expected.
Software updates
After you start installation of Office updates from Software Center, users do not receive a notification message to exit all open Office 365 applications.
Software updates
The Allow clients to use Microsoft Update as a fallback source option doesn’t work as expected when you use it in a software update deployment or automatic deployment rule (ADR).

How to install KB4010155 update rollup for SCCM 1610

Now that you have learnt about what are the fixes for this update rollup, now lets look at how to install this next. It is quite a simple process and should take you no longer than 30 minutes.


Step 1 – Open your SCCM console.

Open your SCCM console and navigate to Administration, then expand Cloud Services and finally highlight Updates and Servicing. Your SCCM should have downloaded the update and have it ready to deploy to your SCCM infrastructure.

KB4010155 SCCM step 1


Step 2 – Run Prerequisite Check

Highlight the Configuration Manager 1610 Hotfix (KB4010155), then right click and choose Run Prerequisite Check. 

KB4010155 SCCM step 2

The prerequisite check should take no longer than five minutes as sn the background, SCCM will run and verify that you are able to install this hotfix.

KB4010155 SCCM step 3

Refresh your console until you see that the Prerequisite check passed notification.

KB4010155 SCCM step 4


Step 3 – Install Update Pack (KB4010155)

Hopefully the KB4010155 update pack is compatible with your SCCM environment and you are now ready for the installation. Again, highlight the update pack, right click and choose Install Update Pack.

KB4010155 SCCM step 2

Now the Configuration Manager Updates Wizard starts up. Click Next to proceed.

KB4010155 SCCM step 5

On the Client Updates Options window, you have the option to Upgrade without Validating or to Validate in pre-production collection. In this example, Im choosing to go ahead and update without validation. Click Next when ready to proceed.

KB4010155 SCCM step 6

The next window is the License Agreement window. You have to check the checkbox to accept the license terms and privacy statement before you can continue to install. Once you have done so, click Next to continue.

KB4010155 SCCM step 7

The Summary window details your installation options. Confirm these are correct before clicking on Next and continuing and then the installation will not start.

KB4010155 SCCM step 8

Now KB4010155 will install and update your SCCM environment. Once complete you will be presented with the following screen and KB4010155 will install in the background. Keep refreshing your SCCM console to confirm when it has udpated. You can additionally view the installation progress by looking at the CMUPDATE.LOG.

 KB4010155 SCCM step 9

Conclusion

In summary, Microsoft released an update for System Center Configuration Manager (SCCM) on February 16, 2017, to address various known bugs and issues. These issues include problems with client connectivity, increased CPU activity, communication failures between Configuration Manager and Microsoft Intune, and errors during the deployment of Windows 10 Anniversary Update (1607) to Windows 10 clients. Other issues addressed by the update include software distribution and content management, problems with the Administrator console, and software updates. The update aims to resolve these issues to improve the performance and functionality of SCCM.

MICROSOFT’S February 2017 PATCH RELEASES

MICROSOFT’S February 2017 PATCH RELEASES

February 2017 Patch Tuesday

Well this is completely out of the usual. This month, being February 2017 Microsoft has decided to delay the normal patch release cycle as, and I quote

“Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.

MSRC”

Make sure to sign up and revisit our blog, as once we have confirmation from Microsoft if or when they will release their February Patch Tuesday releases, we will update our blog.

As always, dont forget to check out our software.

SnaPatch – Extends the capability of your SCCM patching infrastructure

SnapShot Master – Schedule snapshot creations and deletions plus lots more.

AVMC -Quickly and easily clone or migrate your Azure VMs.

AVMS – Schedule power downs and ons of your Azure VMs with ease. Now include orchestration.

AVMD – Deploy VMs to Azure without powershell