April 2009 - Posts

[MMS] System Center Configuration Manager 2007 Service Pack 2

In this demo Jeff Wettlaufer demonstrates how to use ConfigMgr SP2 to deploy Windows 7 WIRELESSLY using vPro. AND with Windows 7 and the new version of USMT you can do an in-place upgrade WITHOUT having to move the user data off the machine, re-image it and then squirting the user data back down to the machine again - WOW how cool is that?

PS - Check out the “Accountants” ;-)

<iframe src="http://www.microsoft.com/presspass/silverlightApps/videoplayer2/standalone.aspx?contentId=MMSKeynoteDay2Clip1&src=/presspass/presskits/infrastructure/channel.xml&WT.cg_n=xInfra&WT.z_convert=embed" width="400" height="334" frameborder="0" scrolling="no"></iframe>

[MS Security Bulletin] Security Advisory Notification - Issued: April 29, 2009

Security Advisories Updated or Released Today
* Microsoft Security Advisory (960715)
  - Title: Update Rollup for ActiveX Kill Bits
  - http://www.microsoft.com/technet/security/advisory/960715.mspx
  - Revision Note: V1.1 (April 29, 2009): Added an entry to Frequently Asked Questions to communicate that users with Windows Server 2008 Server Core installation do not need to
    install this update.   

[MS Security Bulletin] Minor Revisions - Issued: April 29, 2009

Summary
The following bulletins have undergone a minor revision increment.  Please see the appropriate bulletin for more details.
  * MS09-013 - Critical


Bulletin Information:
* MS09-013 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms09-013.mspx
  - Reason for Revision: V1.1 (April 29, 2009): Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to communicate that the Known issues with this security update section in the associated Microsoft Knowledge Base Article 960803 has been updated. This is an informational change only. 
  - Originally posted: April 14, 2009
  - Updated: April 29, 2009
  - Bulletin Severity Rating: Critical
  - Version: 1.1

[MS Security Bulletins] Major Revisions - Issued: April 29, 2009

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.
  * MS09-012 - Important
  * MS08-076 - Important
  * MS08-069 - Critical

Bulletin Information:
* MS09-012 - Important
- http://www.microsoft.com/technet/security/bulletin/ms09-012.mspx
- Reason for Revision: V2.0 (April 29, 2009): Added an entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update to communicate the rerelease of the
    Norwegian-language update for Microsoft Windows 2000 Service Pack 4 (KB952004). Customers who require the Norwegian-language update need to download and install the
    rereleased update. No other updates or locales are affected by this rerelease. 
- Originally posted: April 14, 2009
- Updated: April 29, 2009
- Bulletin Severity Rating: Important
- Version: 2.0


* MS08-076 - Important
- http://www.microsoft.com/technet/security/bulletin/ms08-076.mspx
- Reason for Revision: V4.0 (April 29, 2009): Added Windows Media Services 2008 (KB952068) on 32-bit and x64-based editions of Windows Server 2008 Service Pack 2 as affected software. Also, added Windows Server 2008 for Itanium-based Systems Service Pack 2 as non-affected software. This is a detection change only; there were no changes to the binaries. Customers who have already successfully installed KB952068 do not need to reinstall. 
- Originally posted: December 9, 2008
- Updated: April 29, 2009
- Bulletin Severity Rating: Important
- Version: 4.0


* MS08-069 - Critical
- http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
- Reason for Revision: V2.0 (April 29, 2009): Added Microsoft XML Core Services 4.0 (KB954430) on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2 as affected software. Also added as non-affected software:
    Microsoft XML Core Services 3.0 and Microsoft XML Core Services 6.0 on 32-bit and x64-based editions of Windows Vista Service Pack 2 and on 32-bit, x64-based, and Itanium-based editions of Windows Server 2008 Service Pack 2.
    This is a detection change only; there were no changes to the binaries. Customers who have already successfully installed KB954430 do not need to reinstall. 
- Originally posted: November 11, 2008
- Updated: April 29, 2009
- Bulletin Severity Rating: Critical
- Version: 2.0

[MMS] HP Delivers Industry-first Management Capabilities for Microsoft System Center

HP today announced HP Insight Control suite for Microsoft® System Center (HP ICE-SC), the industry’s first integrated management environment to lower infrastructure costs and improve uptime of HP server and Microsoft software environments.

By integrating the server management features of HP ProLiant and HP BladeSystem into Microsoft System Center consoles, administrators can gain increased visibility into, and greater control of, their technology environments. This enhanced visibility into the health of IT systems enables a faster response in the event of server failure, reducing the risk of downtime. By automating server deployments and updates, administrative productivity is also greatly improved...

http://www.hp.com/hpinfo/newsroom/press/2009/090428c.html

[MS KBs] New KB Articles At Microsoft 28 Apr 2009 - Weekly Summary

.NET Framework 2.0


970519 You receive a "The incoming tabular data stream (TDS) remote procedure call (RPC) protocol stream is incorrect" exception when using NVarchar parameters with Sqlclient


Internet Information Services 6.0

967853 FIX: IIS 6.0 may close a connection unexpectedly when a client application sends approximately 4,000 POST requests by using chunked transfer encoding on the same HTTP connection


Operations Manager (MOM) 2005

969286 A script that was embedded by an authenticated MOM 2005 user in an alert object's alert history field is executed unexpectedly on the MOM 2005 SP1 Web console


Outlook 2003

969599 Outlook: Disabling Meeting Regeneration is not recommended as it may cause problems with your calendar


SQL Server 2000

959678 FIX: When you run the SPSBackup.exe utility to back up a SQL Server 2000 database that is configured as a back-end database for a Windows SharePoint Services server, the backup operation fails


SQL Server 2005

968872 How do I open the firewall port for SQL Server on Windows Server 2008?

967909 Cumulative update package 3 for SQL Server 2005 Service Pack 3

961811 FIX: The CPU usage and the memory usage increase gradually and many session IDs are in the dormant status in SQL Server 2005

967908 Cumulative update package 13 for SQL Server 2005 Service Pack 2

969021 FIX: A query that contains the IS NOT NULL clause returns an incorrect result in SQL Server 2005

967101 FIX: The performance of database mirroring decreases when you run a database maintenance job that generates a large number of transaction log activities in SQL Server 2005

968864 FIX: Error message when you run a query in SQL Server Compact 3.5: "The column name cannot be resolved to a table. Specify the table to which the column belongs"

968381 FIX: All records in the query log table are truncated when you synchronize a database in SQL Server 2005

967522 FIX: The SQL Server engine in SQL Server 2005 may consume large amounts of memory during the setup configuration phase

961106 FIX: Error message when you run a query in SQL Server 2005: "Internal Query Processor Error: The query processor could not produce a query plan"

961050 FIX: When you run a query that has a parallel execution plan in parallel under the READ COMMITTED isolation level on a database that is set the READ COMMITTED SNAPSHOT option in SQL Server 2005, the query that you may obtain may return uncommitted data

968449 FIX: A query that runs in parallel on a multiprocessor computer returns incorrect results in SQL Server 2005

968914 FIX: When you convert a TEXT column to a VARCHAR(MAX) column, an NTEXT column to a NVARCHAR(MAX) column, or an IMAGE column to a VARBINARY(MAX) column, the original NULL values in these columns may become empty strings in SQL Server 2005

967337 FIX: When you run a stored procedure that contains a query that uses the FOR XML EXPLICIT clause, you may obtain a schema that is badly formed in SQL Server 2005

969466 FIX: Error message when you run a query that uses the CASE function in SQL Server 2005: "Conversion failed when converting the value '' to data type "

967199 FIX: The Wmiprvse.exe host process stops responding when you run a SQL Server 2005-based application that sends a Windows Management Instrumentation (WMI) query to the SQL Server WMI provider

961049 FIX: When you run a query that uses the NOLOCK table hint in SQL Server 2005 to retrieve BLOB data, the query runs very slowly

962903 FIX: The population process stops responding when you create an additional full-text catalog in SQL Server 2005

968233 FIX: A SQL Server 2005 database becomes offline unexpectedly when you run an application that uses service broker on this database

967206 FIX: You obtain incorrect values for a column when you use the OPENROWSET function to import data from a data file by using an XML format file in SQL Server 2005


Windows Server 2003

969550 A Stop error occurs on an HP ProLiant server that has the firmware from an E200/E200i HP Smart Array SAS/SATA controller installed on any Windows Server platform

962965 A Windows Server 2003 SP2-based computer stops responding when you move lots of files from one directory to another

969880 Event ID 50 is logged when you try to restore a large sparse file on a Windows Server 2003-based computer

956114 You cannot use a UPN-formatted user name to log on to a Windows Server 2003-based FTP server that is running IIS 6.0 if the domain controller for authentication is running Windows Server 2008

968502 A system state backup operation fails on a Windows Server 2003-based computer if the computer belongs to a site that uses high latency WAN links


Windows Vista Enterprise

970453 Error message when filtering on more than 22 Event Sources in Event Viewer: "The Specified Query is Invalid"

967776 Stop errors in Windows Vista or Windows Server 2008: “Stop: 0x00000018” or “STOP: 0x000000C2”

950666 You cannot set the file create attribute or the update time attribute for some files that you want to burn to a CD-R/RW disc by using Image Mastering API (IMAPI) version 1 in Windows Vista and Windows Server 2008

970511 Windows File Backup fails with error 0x81000008 on a Windows Vista-based computer

970378 Unexpected behavior occurs after monitor cable disconnected during DVD playback in Windows Media Player.

970415 The settings on the "Define power buttons and turn on password protection" dialog box may not match the Advanced power settings

970465 You may not be able to open the Volume Mixer window using a touch screen on a Windows Vista-based computer

[MMS] Cinderella you CAN go to the ball

Thinking you’re missing out by NOT being at MMS?

Well you CAN be there thanks to Microsoft’s new Virtual Attendee package that gives you:

  • Access to the MMS 2009 CommNet now and after MMS
  • Live Webcast of the MMS 2009 Keynotes*
  • Video Recordings of Breakout session topics**
  • Downloadable PowerPoint slide decks from the Breakout sessions
  • Hands-on Lab Manuals
  • Sample files shared by Speakers
  • Access to the MessagePoint system for online discussions with other attendees
  • Copy of the MMS 2009 Post-show DVD set mailed shortly after the event (a $275 value)
  • Copy of the MMS 2009 Hands-on Lab Walkthrough DVD mailed after the event (a $125 value)
  • Access to all MMS 2009 Online content for 3 months after the event closes

How much? ONLY $350 which to me is a bargain.

To find out more goto the MMS 2009 Online Attendee Registration Site

And in case you’re wondering what sessions are being offered you can either view the list of sessions online or download a PDF.

[Misc] Network Monitor V3.3 is now available

Looks like some good stuff in this latest release:

Please download Network Monitor 3.3 from Microsoft.com. Visit the Network Monitor 3.3 Release Blog to get more information about this release.

To provide feedback, go to our scenario voting page, and let your opinion be heard.

What’s New in Network Monitor 3.3?

· Ability to capture on WWAN and Tunnel interfaces on Win7.

· Critical fixes to NM3.3 to operate correctly with Hyper-V.

· Right-click-add-to-alias. Right-click a frame in the Frame Summary window with an IPv4, IPv6, or MAC address to add that address as a new alias.

· Right-click-go-to-definition: Right-click a field in the Frame Details windows and select Go To Data Field Definition or Go To Data Type Definition to see where the field is defined in the NPL parsers.

· Auto-scroll. See the most recent traffic as it comes in. In a live capture, click the Autoscroll button on the main toolbar to have the Frame Summary window automatically scroll down to display the most recent frames as they come in. Click Auto-scroll again to freeze the view in its present location.

· Experts available online: Experts are stand-alone applications that analyze Network Monitor capture data. Various experts are available online at http://go.microsoft.com/fwlink/?LinkID=133950.

· Frame Comments: Attach comments to frames in a saved capture file. Select the Frame Comments tab in the lower-right window to add, view, edit, or delete comments.

· API Extensions: API methods have been added to enable access to conversation information, properties, field display strings, and comments.

· Ability to open ETL files and correlate information by Network Tracing scenario.

· Set of core parsers to improve parsing performance. These can be accessed by changing the Common and Windows set of parsers to stubs:

From the Tools menu, select Options

· Go to the Parsers Tab

· Select the folder you want to stub out (Common or Windows)

· Click on the Stubs button on toolbar

· See our Release Notes for a complete list of new features and known issues.

· Experts: Experts are stand-alone applications that analyze Network Monitor capture data. Network Monitor 3.3 provides a simple interface for registering experts with the product and invoking them on a saved capture file. We have made some initial experts available online. Do you have a network troubleshooting need that is not currently met by Network Monitor or our available experts? Why not suggest your own expert? Please use the feedback link on the left to submit a description of the analysis task you want to solve (you must first join our connection) and we will work with you to create an expert for the community to enjoy.

[MS Security Bulletin] Minor Revisions - Issued: April 22, 2009

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
  * MS09-016 - Important
  * MS09-014 - Critical
  * MS09-012 - Important
  * MS09-011 - Critical
  * MS09-009 - Critical

Bulletin Information:
===============
* MS09-016 - Important
  - http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx
  - Reason for Revision: V1.1 (April 22, 2009): Corrected registry
    key verification entries in the deployment reference tables
    for ISA Server 2004 and ISA Server 2006. 
  - Originally posted: April 14, 2009
  - Updated: April 22, 2009
  - Bulletin Severity Rating: Important
  - Version: 1.1

* MS09-014 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms09-014.mspx
  - Reason for Revision: V1.2 (April 22, 2009): Corrected the FAQ,
    "Is it possible to enable the Internet Explorer
    defense-in-depth protection for the blended threat
    vulnerability on Microsoft Windows 2000" in the section,
    Frequently Asked Questions (FAQ) Related to This Security Update. 
  - Originally posted: April 14, 2009
  - Updated: April 22, 2009
  - Bulletin Severity Rating: Critical
  - Version: 1.2

* MS09-012 - Important
  - http://www.microsoft.com/technet/security/bulletin/ms09-012.mspx
  - Reason for Revision: V1.2 (April 22, 2009): Added entry to the
    section, Frequently Asked Questions (FAQ) Related to This
    Security Update, to communicate that the Known issues with
    this security update section referenced in the associated
    Microsoft Knowledge Base Article 959454 has been updated.
    This is an informational change only. 
  - Originally posted: April 14, 2009
  - Updated: April 22, 2009
  - Bulletin Severity Rating: Important
  - Version: 1.2
* MS09-011 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms09-011.mspx
  - Reason for Revision: V1.1 (April 22, 2009): Added Microsoft
    Windows 2000 Service Pack 4 with DirectX 7.0 to the
    Non-Affected Software table. This is an informational change only. 
  - Originally posted: April 14, 2009
  - Updated: April 22, 2009
  - Bulletin Severity Rating: Critical
  - Version: 1.1


* MS09-009 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms09-009.mspx
  - Reason for Revision: V1.1 (April 22, 2009): Added Excel Viewer
    2003 Service Pack 3 to the MBSA and SMS tables in the
    section, Detection and Deployment Tools and Guidance. This is
    an informational change only. There were no changes to the
    security update binaries or detection logic. 
  - Originally posted: April 14, 2009
  - Updated: April 22, 2009
  - Bulletin Severity Rating: Critical
  - Version: 1.1

[MS KBs] New KB Articles At Microsoft 21 Apr 2009 - Weekly Summary

Internet Information Services 6.0


970268 Internet Information Services (IIS) 6.0 responds with an HTTP 200 status to requests handled by ssinc.dll that are appended with an extra URI segment

970140 "HTTP Error 404 - File or Directory not found" error message when you request dll or exe files with IIS 6.0


Operations Manager (MOM) 2005

969286 A script that was embedded by an authenticated MOM 2005 user in an alert object's alert history field is executed unexpectedly on the MOM 2005 SP1 Web console


Outlook 2003

969599 Outlook: Disabling Meeting Regeneration is not recommended as it may cause problems with your calendar


System Center Operations Manager 2007

969572 Agent push installation fails when Operations Manager 2007 tries to read the PROCESSOR_ARCHITECTURE environment variable, and the PATH variable is over 1,024 characters

970219 OpsMgr 2007: Backup programs may fail to backup the event log when the 64-bit agent is installed

969573 System Center Operations Manager 2007 considers an object that contains a wildcard string to be a member of the group when a group uses a wildcard inclusion formula that targets a principal name


Visio 2003

970266 Printing to Postscript printers using A4 page size at 300DPI causes text to become bitmapped


Windows Server 2003

960803 MS09-013: Vulnerabilities in Windows HTTP services could allow remote code execution

969289 All network share access through the SMB protocol (client-side redirector) may fail on a Windows Server 2003-based computer

960477 MS09-010: Vulnerability in WordPad and Office text converters could allow remote code execution

959454 MS09-012: Vulnerabilities in Windows could allow elevation of privilege

969219 RPC 0x800706ba and 0x800706bf errors occur when backup software tries to create VSS shadow copies on a computer that is running Windows Server 2003 SP2

969299 A DNS zone transfer between two Windows Server 2003-based DNS servers generates incomplete zone data when the DNS transfer process stops unexpectedly

923561 MS09-010: Description of the update for Windows WordPad Converter: April 14, 2009

956572 MS09-012: Description of the security update for Windows Service Isolation: April 2009

959426 MS09-015: Blended threat vulnerability in SearchPath could allow elevation of privilege

969429 Windows 7 clients cannot locate the Active Directory Management Gateway service that is installed on Windows Server 2003-based domain controllers

961373 MS09-011: Vulnerability in Microsoft DirectShow could allow remote code execution

967176 A Windows Server 2003-based file server may return file identifiers (Fids) that have the 0xffff value under heavy stress

970084 A hotfix is available to update the Daylight Saving Time for the "(GMT +5:00) Islamabad, Karachi" time zone for the year 2009 for Windows Vista-based and Windows Server 2008-based computers

952004 MS09-012: Description of the security update for MSDTC Transaction Facility: April 2009

957910 A Windows Server 2003 SP2-based iSCSI boot server cannot generate dump files if the server uses a Storport virtual miniport as the LUN controller

968597 The Tcpipv6.sys driver stops responding to any TCP/IPv6 requests on a Windows Server 2003 SP2-based computer when the driver binds to many network adapters

962994 Windows Server 2003 SP2-based domain controllers return incorrect error code to Kerberos requests during the shutdown process

959976 Event ID 24 is logged when you install WMI SNMP Provider on a computer that is running an x64-based version of Windows Server 2003


Windows Vista Enterprise

958069 Stop error when you start a Windows Vista-based computer even though hotfix 946084 is installed on the computer: "0x0000C1F5"

969853 Stop error message when you try to put a Windows Vista-based computer or a Windows Server 2008-based computer into hibernation: "STOP: 0x000000A0 (0x00000009, 0xc000009a, 0x00000000, 0x00000000) INTERNAL_POWER_ERROR (a0)"

969417 How do I enable User Account Control in Windows Vista?

968873 The Recycle Bin icon does not refresh automatically in Windows Vista or in Windows XP

960490 You experience some issues when you use external storage media in Windows Media Player 11

970313 The Default Gateway may have been set to 0.0.0.0 on a Windows Vista-based or later OS running Apple’s Bonjour service

[MMS] MMS Alumni help needed at Freshmen Orientation sessions

My good friend Warren Byle has devised and been running a Freshman’s Orientation which is one of the very first sessions at MMS to help newbies (and oldies alike), get an understanding of what to expect at MMS, how it works, things to look out for and a whole bunch of tips that prove invaluable.

One part of the session I think is great is volunteers from the various countries/ regions stand around the outside of the room and Warren introduces each person and their region so once the session is over people can go and stand with other people from their country/ region.

GREAT way to meet folks from your part of the world and network.

Now unfortunately I can’t make MMS this year so can’t help Warren out and I know he needs other country/ region volunteers so if you can help ping me a mail and I’ll pass your details on him.

Safe trip if you’re going to MMS (commiserations if you’re not we can mope around together next week) and don’t have too much fun ;-)

[MMS] BOF Sessions announced

The Birds-of-a-Feather Topics have now been announced and there looks like there are some crackers. More details at:

http://www.mms-2009.com/public/boftopics.aspx

There’s also still time to register at www.mms-2009.com but get in quick.

[MS Security Bulletins] Minor Revisions - Issued: April 16, 2009

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
  * MS09-010 - Critical

Bulletin Information:
==============
* MS09-010 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx
  - Reason for Revision: V1.1 (April 16, 2009): Added a warning
    message to the workarounds for disabling the converters,
    stating you must undo the workaround before installing this
    security update. This is an informational change only. 
  - Originally posted: April 14, 2009
  - Updated: April 16, 2009
  - Bulletin Severity Rating: Critical
  - Version: 1.1

[MS Security Bulletins] Minor Revisions - Issued: April 15, 2009

Summary
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
  * MS09-015 - Moderate
  * MS09-014 - Critical
  * MS09-012 - Important

Bulletin Information:
* MS09-015 - Moderate
  - http://www.microsoft.com/technet/security/bulletin/ms09-015.mspx
  - Reason for Revision: V1.1 (April 15, 2009): Added FAQs in the section, Frequently Asked Questions (FAQ) Related to This Security Update as well as in the Vulnerability section for
    CVE-2008-2540 to explain the relationship between CVE-2008-2540 in this bulletin and in MS09-014. Also added Microsoft Knowledge Base Article 959426 as a reference for
    instructions in implementing SetSearchPathMode in Microsoft Windows 2000. 
  - Originally posted: April 14, 2009
  - Updated: April 15, 2009
  - Bulletin Severity Rating: Moderate
  - Version: 1.1


* MS09-014 - Critical
  - http://www.microsoft.com/technet/security/bulletin/ms09-014.mspx
  - Reason for Revision: V1.1 (April 15, 2009): Added FAQs in the section, Frequently Asked Questions (FAQ) Related to This Security Update as well as in the Vulnerability section for
    CVE-2008-2540 to explain the relationship between CVE-2008-2540 in this bulletin and in MS09-015.  
  - Originally posted: April 14, 2009
  - Updated: April 15, 2009
  - Bulletin Severity Rating: Critical
  - Version: 1.1


* MS09-012 - Important
  - http://www.microsoft.com/technet/security/bulletin/ms09-012.mspx
  - Reason for Revision: V1.1 (April 15, 2009): Corrected the FAQ for the Windows Thread Pool ACL Weakness Vulnerability (CVE-2009-0080) to remove an erroneous "What does the update do" entry. This is an informational change only.  
  - Originally posted: April 14, 2009
  - Updated: April 15, 2009
  - Bulletin Severity Rating: Important
  - Version: 1.1

More Posts Next page »