MICROSOFT’S November 2016 PATCH RELEASES


Make Patching Great Again

Microsoft has released 14 new Patch Tuesday updates for deployment this November.

See how you can remove the risk of patch deployment by adding SnaPatch to your SCCM patching infrastructure.

MS16-129 – Critical

Cumulative Security Update for Microsoft Edge (3199057)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

MS16-130 – Critical

Security Update for Microsoft Windows (3199172)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a locally authenticated attacker runs a specially crafted application.

MS16-131 – Critical

Security Update for Microsoft Video Control (3199151)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution when Microsoft Video Control fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. However, an attacker must first convince a user to open either a specially crafted file or a program from either a webpage or an email message.

MS16-132 – Critical

Security Update for Microsoft Graphics Component (3199120)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution when the Windows Animation Manager improperly handles objects in memory if a user visits a malicious webpage. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-133 – Important

Security Update for Microsoft Office (3199168)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS16-134 – Important

Security Update for Common Log File System Driver (3193706)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerability could allow elevation of privilege when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit these vulnerabilities by running a specially crafted application to take complete control over the affected system. An attacker who successfully exploits this vulnerability could run processes in an elevated context.

MS16-135 – Important

Security Update for Windows Kernel-Mode Drivers (3199135)
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS16-136 – Important

Security Update for SQL Server (3199641)
This security update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to gain elevated privileges that could be used to view, change, or delete data; or create new accounts. The security update addresses these most severe vulnerabilities by correcting how SQL Server handles pointer casting.

MS16-137 – Important

Security Update for Windows Authentication Methods (3199173)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege. To exploit this vulnerability, the attacker would first need to authenticate to the target, domain-joined system using valid user credentials. An attacker who successfully exploited this vulnerability could elevate their permissions from unprivileged user account to administrator. The attacker could then install programs; view, change or delete data; or create new accounts. The attacker could subsequently attempt to elevate by locally executing a specially crafted application designed to manipulate NTLM password change requests.

MS16-138 – Important

Security Update to Microsoft Virtual Hard Disk Driver (3199647)
This security update resolves vulnerabilities in Microsoft Windows. The Windows Virtual Hard Disk Driver improperly handles user access to certain files. An attacker could manipulate files in locations not intended to be available to the user by exploiting this vulnerability.

MS16-139 – Important

Security Update for Windows Kernel (3199720)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application to access sensitive information. A locally authenticated attacker could attempt to exploit this vulnerability by running a specially crafted application. An attacker can gain access to information not intended to be available to the user by using this method.

MS16-140 – Important

Security Update for Boot Manager (3193479)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if a physically-present attacker installs an affected boot policy.

MS16-141 – Critical

Security Update for Adobe Flash Player (3202790)
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

MS16-142 – Critical

Cumulative Security Update for Internet Explorer (3198467)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


Now that you have made it this far, a quick shameless plug for our software portfolio. 🙂

SnaPatch – Patch Management Addon for Microsoft’s SCCM.

SnapShot Master – Take control of your virtual machine snapshots, works with both Hyper-V and VMware.

Azure Virtual Machine Scheduler – Save money and schedule the shutdown and power on of your virtual machines within Microsoft’s Azure Cloud.

Azure Virtual Machine Deployer – Deploy VMs to Microsoft’s Azure cloud easily, without the need for PowerShell.

Configuration Manager 1606 Hotfix KB3180992


If you’re using System Center Configuration Manager (SCCM) and haven’t updated to build 5.00.8412.1204 yet, it’s time to do so. Microsoft has released hotfix KB3180992 to fix various issues with SCCM. In this article, we’ll guide you through the installation process and explain how to fix the known issues that this hotfix addresses.

What’s New in SCCM 1606 Hotfix KB3180992

This hotfix addresses several known issues with SCCM, including:

  • An exception error that occurs when selecting the “Update all clients in the hierarchy using production client” option on the Client Upgrade tab of Hierarchy Settings Properties.
  • Software update installation freezing on SCCM clients.
  • Inaccurate client counts on the Production and Preproduction Client Deployment dashboards.
  • Incorrectly showing a state of Compliant on the Device Compliance section of the Software Center application.
  • Incorrectly showing an error state that indicates the role is not available on the Service Connection Point after upgrading to version 1606.
  • The SMS Agent Host process consuming excessive CPU resources on Pull Distribution Points after updating to version 1606.
  • The ccmexec.exe process stopping responding when distributing a software update package containing many updates to a Pull Distribution Point.

SCCM 1606 Hotfix FAQ

Question Answer

What is System Center Configuration Manager?

System Center Configuration Manager (SCCM) is a software management tool that allows administrators to manage large numbers of computers and devices from a single location.

What is Configuration Manager 1606 Hotfix KB3180992?

Configuration Manager 1606 Hotfix KB3180992 is an update for SCCM that fixes various issues identified with SCCM, including a freeze during software update installation and inaccurate client counts.

How do I install Configuration Manager 1606 Hotfix KB3180992?

To install this update, go to Administration, then expand Cloud Services and highlight Updates and Servicing. In the main console window, you should see the SCCM 1606 Hotfix has downloaded and is available for deployment. Highlight the update (KB3180992), right-click, then run the prerequisite pack. This will now check that your SCCM meets the prerequisites for this update. Once the prerequisite check has completed, highlight the update once again, right-click, and choose Install Update Pack.

What should I do if the Service Connection Point incorrectly shows an error state after upgrading to version 1606?

If the Service Connection Point is already showing an error state after upgrading to version 1606, you need to change the Availability State registry value from 1 to 4 under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Operations Management\SMS Server Role\SMS Dmp Connector, then restart the SMS Executive service on the site server.
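The registry change described in this answer can be scripted as follows. This is an added example, not code from Microsoft or from the original article; the function name and the backup file location are assumptions, while the key, value name and service name are the ones given on this page.

```powershell
# Added example: Service Connection Point workaround from the FAQ answer above.
# Run in an elevated session on the site server.
function Repair-ScpAvailabilityState {          # hypothetical function name
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Key, value name and service name are the ones given on this page.
        [string]$KeyPath     = 'HKLM:\SOFTWARE\Microsoft\SMS\Operations Management\SMS Server Role\SMS Dmp Connector',
        [string]$ValueName   = 'Availability State',
        [string]$ServiceName = 'SMS_EXECUTIVE',
        # Assumed location for the pre-change export of the key.
        [string]$BackupFile  = (Join-Path $env:TEMP 'SmsDmpConnector-backup.reg')
    )

    if (-not (Test-Path -LiteralPath $KeyPath)) {
        throw "Key not found: $KeyPath. Run this on the site server that hosts the role."
    }

    $current = (Get-ItemProperty -LiteralPath $KeyPath -Name $ValueName -ErrorAction Stop).$ValueName
    if ($current -ne 1) {
        # Only the 1 -> 4 change is described; leave any other state alone.
        Write-Warning "'$ValueName' is $current, not 1. No change made."
        return $false
    }

    if ($PSCmdlet.ShouldProcess($KeyPath, "Set '$ValueName' from 1 to 4 and restart $ServiceName")) {
        # Export the key first so the change can be reverted with 'reg import'.
        $regPath = $KeyPath -replace '^HKLM:\\', 'HKLM\'
        & reg.exe export $regPath $BackupFile /y | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "Backup of $regPath failed; nothing was changed." }

        # The existing value is overwritten in place with the integer 4.
        Set-ItemProperty -LiteralPath $KeyPath -Name $ValueName -Value 4
        Restart-Service -Name $ServiceName -Force
        return $true
    }
    return $false
}

Repair-ScpAvailabilityState -WhatIf   # preview only; remove -WhatIf to apply
```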

How do I validate the client update on my preproduction SCCM members?

On the Client Update Options Tab of the Configuration Manager Updates Wizard, you have the chance to validate the client update on your preproduction SCCM members. Simply select the checkbox next to “Validate in pre-production collection” and choose the pre-production collection to use for validation.

How long does it take to install SCCM 1606 Update 1?

Installation of SCCM 1606 Update 1 may take some time, as it installs in the background. Keep refreshing the window to see when KB3180992 shows a status of installed.

How to upgrade SCCM


To install this update, go to Administration, then expand Cloud Services and highlight Updates and Servicing.

In the main console window, you should now see that the SCCM 1606 Hotfix has downloaded and is available for deployment.

Highlight the update (KB3180992), right-click, then choose Run Prerequisite Pack. This will now check that your SCCM meets the prerequisites for this update.

This may take some time, so be patient and be sure to refresh the console to make sure the prerequisite check has been successful.

Now that the prerequisite check has completed, highlight the update once again, right-click and choose Install Update Pack.

Next you are presented with the Configuration Manager Updates Wizard. Click Next to start the installation.

On the Client Update Options tab, you have the chance to validate the client update on your preproduction SCCM members. In this example, I am upgrading without validation.

Click Next to continue.

Accept the License Terms and click Next.

Check that you are happy with the options you have selected on the Summary tab, then click Next.

Installation of SCCM 1606 Update 1 will now occur. If all goes well, you should see the Completion window. SCCM will install this in the background, so it may take some time. Keep refreshing the window to see when KB3180992 shows a status of installed.

Microsoft patches KB3177725 & KB3176493 causing printing issues


Microsoft August Patch Tuesday Release Causes Printing Issues: How to Fix it

Are you experiencing printing problems on your Windows PC after installing the latest security updates from Microsoft? If yes, then you are not alone. Two recent patches released by Microsoft, KB3177725 and KB3176493, seem to be causing printing issues on multiple Windows versions. In this article, we will discuss the details of this issue and how to fix it.

What are KB3177725 and KB3176493?

KB3177725 and KB3176493 are two security updates released by Microsoft in its August Patch Tuesday release. These updates were designed to patch security vulnerabilities that could allow remote code execution on Windows 7, 8, 8.1, 10, and server editions of their software, including Windows Server 2008, 2008 R2, 2012, and 2012 R2.



What is the issue caused by these updates?

The issue caused by these updates is the inability to print more than one page at a time. Some users have reported that it corrupts all print jobs with an error. Initially, Microsoft claimed that the problem was due to incompatibility issues between Windows and Printer Drivers. However, the company later acknowledged that the issue was caused by these two updates.


What is the fix for this issue?

UPDATE: Previously we mentioned that the only workaround was to uninstall either or both of KB3177725 and KB3176493.

Microsoft has since come through and released another patch that fixes the issues caused by these two security updates: KB3187022 – Print functionality is broken after any of the MS16-098 security updates are installed.

The patch is available to download from the Microsoft site: https://support.microsoft.com/en-us/kb/3187022

There have been other issues this month caused by the August security patches: Microsoft patch KB3179575 is causing authentication issues with Windows 2012 servers, and KB3176934 breaks Windows 10 PowerShell.

If you are a SnaPatch customer, you are in luck. SnaPatch allows you to quickly and easily roll back your virtual machines to the prior security update deployment snapshot, thereby avoiding further issues. To learn more about what SnaPatch offers and how it can help you avoid similar issues, click the link provided.

In conclusion, if you are experiencing printing issues on your Windows PC after installing the latest security updates from Microsoft, then you are not alone. The patches causing these problems are KB3177725 and KB3176493. However, Microsoft has released a fix for this issue in the form of KB3187022. We recommend that you download and install this patch to resolve the issue.
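To find which machines still need KB3187022, the installed-update list can be checked for the KB numbers named in this article. This is an added example, not part of the original post; the function name is an assumption, and it relies on the standard Get-HotFix cmdlet, which only reports updates recorded in Win32_QuickFixEngineering.

```powershell
# Added example: find machines that have an August 2016 update named in this
# article but not the print fix KB3187022.
function Get-PrintFixStatus {                   # hypothetical function name
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true)]
        [string[]]$ComputerName = $env:COMPUTERNAME,
        # KB numbers as given in the article.
        [string[]]$ProblemKb = @('KB3177725', 'KB3176493'),
        [string]$FixKb = 'KB3187022'
    )
    process {
        foreach ($computer in $ComputerName) {
            try {
                # Pull the full list once and filter locally, because
                # Get-HotFix -Id raises an error when an ID is absent.
                $installed = @(Get-HotFix -ComputerName $computer -ErrorAction Stop |
                               Select-Object -ExpandProperty HotFixID)
            }
            catch {
                # Unreachable or access-denied hosts are reported, not skipped.
                [pscustomobject]@{
                    ComputerName   = $computer
                    ProblemUpdates = $null
                    FixInstalled   = $null
                    Action         = "Query failed: $($_.Exception.Message)"
                }
                continue
            }

            $found  = @($ProblemKb | Where-Object { $installed -contains $_ })
            $hasFix = $installed -contains $FixKb

            if ($found.Count -eq 0) { $action = 'None: problem updates not installed' }
            elseif ($hasFix)        { $action = 'None: fix already installed' }
            else                    { $action = "Install $FixKb" }

            [pscustomobject]@{
                ComputerName   = $computer
                ProblemUpdates = $found -join ', '
                FixInstalled   = $hasFix
                Action         = $action
            }
        }
    }
}

# Local machine by default; pass -ComputerName with your own host names.
Get-PrintFixStatus | Format-Table -AutoSize
```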



MICROSOFT’S August 2016 PATCH RELEASES


The following nine Patch Tuesday updates / patches have been released by Microsoft for the August 2016 Update deployment.

Are you ready to start deploying and remove the patching risk using SnaPatch Patch Management Software?

MS16-095 – Critical

Cumulative Security Update for Internet Explorer (3177356)
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-096 – Critical

Cumulative Security Update for Microsoft Edge (3177358)
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

MS16-097 – Critical

Security Update for Microsoft Graphics Component (3177393)
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, and Microsoft Lync. The vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS16-098 – Critical

Security Update for Windows Kernel-Mode Drivers (3178466)
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

MS16-099 – Critical

Security Update for Microsoft Office (3177451)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS16-100 – Important

Security Update for Secure Boot (3179577)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker installs an affected boot manager and bypasses Windows security features.

MS16-101 – Important

Security Update for Windows Authentication Methods (3178465)
This security update resolves multiple vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system.

MS16-102 – Critical

Security Update for Microsoft Windows PDF Library (3182248)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-103 – Important

Security Update for ActiveSyncProvider (3182332)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Universal Outlook fails to establish a secure connection.

How to upgrade to SCCM 1606


SCCM 1606 Update

So what was the most exciting thing released this month? Well if you said Pokemon GO, you are on the wrong blog.

It was in fact the release of a well-received update to System Center Configuration Manager, known as update SCCM 1606.

SCCM 1606 (released on the 22nd of July 2016) introduces some great new features to an already excellent product by Microsoft, particularly new enhancements in application management, deployment and provisioning, the experience of the end user, security and data protection, and content distribution. Administrators who use SCCM in hybrid mode with Microsoft Intune receive additional functionality. This update also includes support for the Windows 10 Anniversary update.

Exciting New Features of SCCM 1606

SCCM 1606 includes enhancements to application management, deployment and provisioning, end-user experience, security, data protection, and content distribution. If you’re using SCCM in hybrid mode with Microsoft Intune, this update provides additional functionality. Additionally, it includes support for the Windows 10 Anniversary update. Here’s a quick overview of some of the new features:

Windows Information Protection:

Create and deploy information protection policy, including choosing your protected apps and defining your EDP-protection level.

Windows Defender Advanced Threat Protection:

On-board and off-board Windows 10 clients to the cloud service and view agent health in the monitoring dashboard (requires a Windows Defender ATP tenant in Azure).

Windows Store for Business Integration:

Manage and deploy applications purchased through the Windows Store for Business portal for both online and offline licensed apps.

Windows Hello for Business policies:

Set policies for domain-joined Windows 10 devices managed by the Configuration Manager client.

SCCM 1606 FAQs

Question Answer

What is SCCM 1606?

SCCM 1606 is a well-received update to System Center Configuration Manager, released on July 22nd, 2016. It introduces new features to an already excellent product by Microsoft.

What are the new features introduced in SCCM 1606?

SCCM 1606 introduces new enhancements in application management, deployment and provisioning, the experience of the end user, security and data protection, and content distribution.

What are the enhancements in application management?

SCCM 1606 includes Windows Information Protection features that allow you to create and deploy information protection policies, including the ability to choose protected apps and define protection levels.

What are the enhancements in deployment and provisioning?

SCCM 1606 includes Windows Defender Advanced Threat Protection features that enable the ability to onboard and off-board Windows 10 clients to the cloud service and view agent health in the monitoring dashboard.

What are the enhancements in end-user experience?

SCCM 1606 includes Windows Store for Business Integration, allowing you to manage and deploy applications purchased through the Windows Store for Business portal for both online and offline licensed apps, as well as Windows Hello for Business policies for domain-joined Windows 10 devices managed by the Configuration Manager client.

What are the enhancements in security and data protection?

SCCM 1606 includes Windows Information Protection features for creating and deploying information protection policies.

What are the enhancements in content distribution?

SCCM 1606 includes Windows Store for Business Integration for managing and deploying applications purchased through the Windows Store for Business portal.

What is the process for updating to SCCM 1606?

To update to SCCM 1606, ensure you have a recent backup or snapshot prior to upgrading the system. Then, highlight the SCCM 1606 update, right-click, and choose Run Prerequisite Check. Once the prerequisite check passes, highlight the SCCM 1606 update again, right-click, and choose Install Update Pack. Follow the prompts to complete the installation.

How can I check the status of the SCCM 1606 update download?

You can check the download status by looking into the dmpdownloader.log file.

What should I do if the SCCM 1606 update download freezes?

If the download freezes, refresh the console, and if the update is still shown as downloading, restart the SMS_EXECUTIVE service.

How can I view the ConfigMgrPrereq.log file?

The ConfigMgrPrereq.log file should be located in the root of your C Drive.

What should I do if there are issues with the prerequisite check?

If there are issues with the prerequisite check, review the ConfigMgrPrereq.log file to troubleshoot the issue.

Can I deploy the SCCM 1606 update to Pre-Production environments?

Yes, you can select to deploy the client update to Pre-Production environments before doing a full-scale deployment to Production.

How long will the SCCM 1606 installation take?

The installation process will take some time, so be patient. Once completed, you will see the update has been completed, and you can click on CLOSE.

Updating SCCM to 1606

If you cannot see the SCCM 1606 update in your console (go to Administration, then expand Cloud Services, then highlight Updates and Servicing), there is a PowerShell script supplied by Microsoft that you can run to kick off the download. (SCCM 1606 PowerShell script here).

While the console shows the 1606 update as still downloading, you can check the download status by looking in dmpdownloader.log.

There have been some reports of the download freezing. If after some time you refresh the console and the update is still shown as downloading, restart the SMS_EXECUTIVE service.

Once the update has downloaded, you can start to plan for the update process. As always, make sure you have a recent backup or snapshot prior to upgrading the system, then highlight the SCCM 1606 update, right-click and choose Run Prerequisite Check.

Give SCCM some time to verify the update is suitable for your environment. You can view the ConfigMgrPrereq.log file (should be located in the root of your C Drive) to see if there are any issues.

Once you see Prerequisite Check Passed, again highlight the SCCM 1606 update, right-click and then choose Install Update Pack.

Now we start the installation. Click on NEXT.

Next you have the option to install

  • VPNv2 support for third party providers
  • Passport for Work
  • Pre-Declare Corporate Owned Devices
  • VPN for Windows 10
  • Switch Software Update Point

Choose the options you wish to install, then click NEXT.

If you have a Pre-Production environment, you can select to deploy the client update to it before you do a full-scale deployment to Production. As this is one of our many test labs, I'll choose to Upgrade without Validating. Click on NEXT.

Accept the license terms and click NEXT.

On the Summary Tab, check that you are happy with the selection, then click on NEXT again to start the installation.

All going well, the installation will take some time, so be patient. You should finally see that the update has completed and can click on CLOSE.

Conclusion

SCCM 1606 provides an impressive set of new features, making it a valuable tool for managing applications and deployments. The update process is straightforward, but it’s always important to ensure you have a recent backup or snapshot prior to upgrading the system. If you’re looking for a robust solution to manage your organization’s systems, SCCM is definitely worth considering.