Last week, I wrote on the arrival of Microsoft’s security bulletin MS14-066, containing a security update addressing several vulnerabilities in the Secure Channel. Yesterday, Microsoft issued an updated version of the update.

Source : The things that are better left unspoken | Update on MS14-066
References : It’s time to update your Secure Channel (MS14-066, CVE-2014-6321)

Read More
LAN Speed Test Lite is a very simple network performance test utility that doesn’t have to be installed. You can simply launch it from your USB stick and then measure the upload and download speed for a network share of your choice. After you click Start Test, you can configure the size of the file you want to use for the test.

Source : FREE: Network performance test – LAN Speed Test Lite - 4sysops

Read More
JavaScript Object Notation (JSON) is quickly becoming the most used data-interchange format. XML enjoyed the top spot for a long time but slowly people have been moving towards JSON. JSON is a first-class citizen in Windows PowerShell. With many automation frameworks and software products adopting JSON, it is important for system administrators to understand what is JSON and how to use it. This article is a JSON primer to give you an overview of this data-interchange format and how to use it.

Source : PowerShell Magazine » A JSON primer for administrators

Read More
Anyone who is familiar with RDCMan will be thrilled to hear that there is an updated version available! For those of you who are new to RDCMan – it is a tool that allows you to easily manage multiple remote desktop sessions:

Source : Update for RDCMan - Ben Armstrong - Site Home - MSDN Blogs

Read More
Onetastic is a free multi-purpose addin for Microsoft OneNote 2010 and 2013.
Includes OneCalendar

Source : Onetastic for OneNote

Read More
ABC-Update is a free command-line tool that allows you to install Windows updates. It is easy to use and gives you the flexibility of deploying only specific updates in your scripts.

Source : FREE: ABC-Update – Install Windows updates at the command prompt - 4sysops

Read More
NEW YORK — Nov. 12, 2014 — On Wednesday, Microsoft Corp. reinforced its commitment to cross-platform developer experiences by open sourcing the full server-side .NET stack and expanding .NET to run on the Linux and Mac OS platforms. Microsoft also released Visual Studio Community 2013, a new free edition of Visual Studio that provides easy access to the Visual Studio core toolset. The announcements kicked off Microsoft’s Connect (); event, where the company released Visual Studio 2015 Preview and .NET 2015 Preview.

Source : Microsoft takes .NET open source and cross-platform, adds new development capabilities with Visual Studio 2015, .NET 2015 and Visual Studio Online | News Center

Read More
I think that I will start this Diary with the following statement: If you use an open source CMS, and you do not update it frequently, there is a very high chance that your website if not only compromised but also part of a botnet.
"You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement"

Source : InfoSec Handlers Diary Blog - The Wonderful World of CMS strikes again

Read More
If you have read some of my previous blog posts and IIS.NET articles about WebDAV, you will see that I often use the WebDAV Redirector that is built-in to Windows in order to connect to various WebDAV websites. This allows me to access my files via a mapped drive letter, which also enables me to use WebDAV with applications that do not have native WebDAV support. (Like Visual Studio.) I'm also a big fan of OneDrive, but sometimes I'm on a legacy system where I don't have OneDrive installed. With that in mind, I thought that I would put together a quick blog series to show you how to map a drive letter to your OneDrive files.
Source : http://blogs.iis.net/
Read More
The other day I was troubleshooting 100%  CPU utilization on a SQL Server 2008 database server. The server had 100 or so databases of varying sizes however none were larger than a few hundred MB and each database had a corresponding web site on a separate web server.  Since the server hosted quite a few databases the high CPU needed to be resolved quickly because it was causing issues for everyone.  High CPU on a database server can often be symptomatic of a issues occurring outside the server. In this case the real issue was in fact being caused by a SQL Injection attack on a web server.

Source : Solving SQL Server High CPU with IIS Request Filtering | Peter Viola

Read More
Another one of the great built-in features of IIS 8 is Dynamic IP Restrictions (DIPR). With a few simple configuration steps you can quickly set limits for blocking IP addresses based on the number of concurrent requests or frequency of requests over a period time. With these parameters in place IIS will take over blocking requests unattended thereby making your server more secure.

Source : Preventing Automated Attacks with IIS Dynamic IP Restrictions | Peter Viola

Read More
Microsoft is pleased to announce the final release of security baseline settings for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11. Some of the highlights of the new security baselines (many of which we intend to backport to older versions of Windows and IE):
  • Use of new and existing settings to help block some Pass the Hash attack vectors;
  • Recommendations to control the storage of plaintext-equivalent passphrases;
  • Blocking the use of web browsers on domain controllers;
  • Incorporation of the Enhanced Mitigation Experience Toolkit (EMET) into the standard baselines;
  • Removal of the recommendation to enable "FIPS mode" (this is discussed in greater detail in this blog post: Why We’re Not Recommending “FIPS Mode” Anymore);
  • Removal of almost all service startup settings, and all server role baselines that contain only service startup settings.

Source : Microsoft Security Guidance

Read More
We have made a small number of changes in the baseline security guidance for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11 since we released the beta version of our guidance last April. This blog post discusses those changes and the reasons for them.

Source : blogs.technet.com/b/secguide

Read More
Microsoft released the new Sysinternals tools, Sysmon, which allows you to monitor Windows process creations, file creation time changes, and network connections in the Windows Event Log.

Source : 4sysops.com

Read More
Many online articles suggests using the MakeCert.exe tool available in the Windows SDK for creating a self-signed certificate, but now there is an easier approach available.
New-SelfSignedCertificate-DnsNametest.powershellmagazine.com-CertStoreLocationcert:\LocalMachine\My

Source : PowerShell Magazine » #PSTip Generating a self-signed certificate

Read More

Kansa, a free, open source, PowerShell-based incident response framework hosted at https://github.com/davehull/Kansa.

Kansa is modular. It features a core script, dozens of collector modules and analysis scripts to help make sense of the data collected. Kansa takes advantage of Windows Remote Management and PowerShell remoting. It uses PowerShell’s default non-delegated Kerberos network logons, not CredSSP and therefore does not expose credentials to harvesting.

Source : PowerShell Magazine

Read More

FREE Microsoft eBooks! Who doesn’t love FREE Microsoft eBooks? Well, for the past few years, I’ve provided posts containing almost 150 FREE Microsoft eBooks and my readers, new and existing, have loved these posts so much that they downloaded over 3.5 Million free eBooks as of last June, including over 1,000,000 in a single week last year (and many, many more since then).

Source : Eric Ligman, Microsoft Senior Sales Excellence Manager, Blog 

Read More
Microsoft this week detailed an obscure command line tool for Connected Standby (now InstantGo)-based PCs and devices that will help identify which applications are causing battery drain while the machine is sleeping. Dubbed Sleep Study, the tool is part of the powercfg.exe utility in Windows 8.1/RT 8.1 and will tell you how well the system slept and how much activity it experienced during that time.

Source : Paul Thurrott's SuperSite for Windows

Read More
With Internet Explorer 11, we’ve done work to make signing into sites faster and more reliable as well as give users more control when saving credentials. In addition, IE11 will now roam credentials to IE11 on Windows Phone 8.1!
We are giving control back to the user when deciding to save passwords on a given site.  IE11 will now prompt the user to save passwords even if the autocomplete=off attribute is set on login forms.

Source : IEBlog

Read More

Excellent post with a step-by-step procedure to create a an inbox for all your accounts in Outlook 2013.

Ref : TinkerTry

Read More
We are removing FRS from Windows Server Today I’ll talk about what this means and how to get ready. We want this to be as easy as possible and I welcome any conversations that help you move forward with migrating to DFSR for SYSVOL replication.

Source : The Storage Team at Microsoft

Read More
You may have heard about InstantGo in Windows 8.1 (known as Connected Standby in Windows 8 and Windows RT), and how it has replaced the traditional sleep or standby function in many Windows 8.1 and Windows RT 8.1 systems. What you might not know is how fundamentally different—and better—it is, and why.

Source : InstantGo: a better way to sleep

Read More
Today we’re excited to announce the release of the Internet Explorer Developer Channel, a fully functioning browser designed to give Web developers and early adopters a sneak peek at the Web platform features we’re working on. The Developer Channel is available for download today for both Windows 8.1 and Windows 7 SP1 customers running Internet Explorer 11.
IE Developer Channel can run alongside and independently of IE11, and has all of the browser features that you love in IE11, as well as the latest platform features we’re working on. As you test drive these features, make sure to give us feedback through @IEDevChat or Connect.
Source : IEBlog
Read More

Installing Android on VirtualBox is a bit more complicated than with Windows. I’ll give you a few tips on how to install and configure a virtual machine for your Android lab.

Source : 4sysops

Read More

The name of the free tool Bulk Password Control is perhaps a bit misleading because the free tool enables you to automate all kinds of bulk modifications on Active Directory user objects with a fast to use GUI.

You know this popular picture of the GUI admin who clicks all day to reset user passwords after a security breach. Bulk Password Control is a nice example that proves that such tasks can be quickly done with a GUI tool without much click-click.

Source : 4sysops.com, www.wisesoft.co.uk

Read More

To reuse script samples on the Internet, the following steps seem quite familiar to IT Pros: wandering through different script galleries, forums and blogs, switching back and forth between webpages and scripting environment, and countless download, copy and paste operations. But all of these will drive one as dizzy as a goose. Need a simpler way of searching and reusing scripts? Try out the new Script Browser add-in for PowerShell ISE!

Source : Windows powershell Blog

Read More
 There is a known issue which causes some PCs updated with the Windows 8.1 Update (KB 2919355) to stop scanning against Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2 or WSUS 3.2) servers which are configured to use SSL and have not enabled TLS 1.2.
Microsoft plans to issue an update as soon as possible that will correct the issue and restore the proper behavior for Windows 8.1 Update KB 2919355 scanning against all supported WSUS configurations. Until that time, we are temporarily suspending the distribution of the Windows 8.1 Update KB 2919355 to WSUS servers.

Source : blogs.technet.com/b/wsus/
Read More

Microsoft is taking an important step towards helping businesses stay up to date with the latest software, services, and devices. Enterprise Mode for Internet Explorer 11, announced today as an update for Windows 7 and Windows 8.1, provides better compatibility for older versions of Internet Explorer and tools to manage which Web apps use it.

Source  : IEBlog

Read More

Security Compliance Manager (SCM) is a great free tool for helping with deployments and environment hardening. This article explains what’s new in version 3.0 and describes how you can use SCM in your deployment process to secure builds.

Source : 4sysops.com

Read More

So, let me kick off this series in which I’ll be sharing what it feels like to virtualize and clone Active Directory Domain Controllers safely on both platforms, with a blogpost on finding out whether your virtual Domain Controllers may benefit from the VM-GenerationID on the VMware-based hypervisors and, thus, may be safely virtualized and cloned.

Source : The things that are better left unspoken

Read More
The rumors are true: Microsoft confirmed today that it is making a version of OneNote available for free on every major desktop and mobile computing platform, including even the Mac. Additionally, the firm has announced some new OneNote tools, OneNote Clipper and Office Lens, as well as new partner services and a new extensibility model that will make it possible for any cloud service to integrate with this amazing note-taking and thought organization solution.
You can download OneNote 2013 for Windows from OneNote.com
Read More
Check out UptimeRobot. This is a free external monitoring tool that will check your site every five minutes and send you an email, text message, twitter notification, and more. What’s even better is that it will allow you to specify up to 50 monitors in total.

Source : life as a sysadmin

Read More
Good reading from Microsoft Malware Protection Center : Malicious Proxy Auto-Config redirection
Read More
Reading view is a new feature in Internet Explorer 11 for Windows 8.1 that helps you focus on the main content of the Web page you want to read. Reading view is a way to experience just the article or blog post you want to read, without the distractions of related (or unrelated) content surrounding the story. Find an article you want to read, switch to reading view, and settle into a great reading experience. When you’re done, just exit reading view to continue browsing on the site.

Source : IEBlog

Read More

Have you ever heard about IE Enhanced Protected Mode or Mark-of-the-Web (MOTW) ?

Well, if you encounter one of those problems you should :

  • Opening IIS Failed Request Logs files (XML+XSL) from you local machine with IE result in a text page without formatting.
  • Trying to access your local web server with the 127.0.0.1 ip (not localhost) or the real local ip of your computer with IE results in an error page.

You have to blame the IE Enhanced Protected Mode for those ‘problems’. Here’s two solutions :

1) Disable the Enhanced Protected Mode
  • Open Internet Options
  • click on the Advanced tab
  • Unselect ‘Enable Enhanced Protected Mode’ in the Security Section
  • Restart IE
2) Add you site to the Intranet Zone
  • Open Internet Option
  • Click on the Security tab
  • Select the Intranet zone
  • Click on the Sites button
  • Click on the Advanced button
  • Add the following address :
http://127.0.0.1 To allow access to your local web site
about:internet To allow access to file with a MOTW (ex: IIS Failed Request Logs)

Personally I prefer option 2.

References :
Read More
KitKat is the latest Android release from Google with a lot of attractive changes both inside and outside. Before it hits every Android phone out there, you certainly have a new way to experience it with a very simple set up in VMware Workstation 10.

Source : VMware Workstation Zealot

Read More
A couple of weeks ago, I delivered a presentation on Work Folders deployments, and there was a slide on how Work Folders interoperates with other file server technologies. It occurred to me that it is worth writing a blog post about it.
  • File classification infrastructure (FCI)
  • RMS encryption
  • Quotas and File screen
  • DFS Replication
  • Failover Clustering
  • SMB
  • Dynamic Access Control (DAC)

Source : The Storage Team at Microsoft - File Cabinet Blog

Read More

In Silicon Valley (and in media satellites that take the NoCal mindset to New York and beyond), everyone has an iPhone, a MacBook Pro, and a Gmail account. Microsoft products and services might as well be from Mars. So be skeptical when you read analyses or predictions of what's coming next from Redmond.

  • “The Nokia acquisition is a colossal mistake”
  • “Microsoft hates Open Source”
  • “Everyone hates Microsoft Office”
  • “Internet Explorer is a buggy, incompatible mess”
  • “Bing is a money-losing flop”
  • “Windows is fundamentally insecure and unreliable”
  • “Xbox should be spun off into a separate business”
  • “The ‘One Microsoft’ reorg is just rearranging deck chairs on the Titanic”
  • “Windows Phone is a failed experiment”
  • “Windows RT is dead”

Read the full article at The Ed Bott Report

Read More

Hello everyone, I am Palash Acharyya, Support Escalation Engineer with the Microsoft Platforms Core team. In the past decade, we have come a long way from Windows Server 2003 to all the way to Windows Server 2012R2. There has been a sea-change in the overall Operating System as a whole, and we have added/modified a lot of features. One of these is Disk Defragmentation and I am going to talk about it today.

Source : blogs.technet.com/b/askcore

Read More

Must read article about WinSXS folder and what’s new in Windows 8.1/2012 R2

  • Component Store Analysis Tool
  • Component Store Cleanup

Ref : blogs.technet.com/b/askcore

Read More
Apple's solidly built PCs have developed a cult following over the years, but they never made a dent in the enterprise. Why did the Mac fail to crack the enterprise code? I've found six reasons.

Source : The Ed Boot Report

Read More
No matter the application, I’ve always had three issues with MSIs. First,editing the MSI is a pain. Orca makes this a little less painful but the tool is starting to show some age. Second, distributing drivers with the original MSI is nearly impossible! Most of the time, the solution is using a mixture of DEVCON/PNPUTIL or a deployment share. Finally, custom actions (such as activations or follow-up procedures) have to be manually ran or deployed with Group Policy. There isn’t a simple way to embed these into an MSI.
There is one easy free solution to all of these issues. Today, we are going to use Scalable’s Smart Packager to make your MSI maintenance simple.

Source : DeployHappiness

Read More
Next PostNewer Posts Previous PostOlder Posts Home