Security: MS Security Advisory 2286198 (Zero-day)

The latest zero-day Windows vulnerability (all versions) can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV.

Chester Wisniewski (of Sophos) describes on his blog how to use a GPO to protect yourself against the exploit. The GPO should disallow running executable files that are not on the C: drive. If you need to run executable files from a network drive (old programs?), just specify those network paths in the GPO.

The exploit in action

MDT 2010: Creating a repository

When doing a simple setup I create 3 folders – MDT, MDTLogs and MDTSetup. MDT is the production share, MDTLogs is for log files and MDTSetup is for my drivers (to be imported), my custom scripts and a copy of the applications.

Every installation is different – some use DELL, others HP and some even ACER, so what about creating a batch that can set up folders within the repository for a specific hardware vendor?

A simple batch like this with 4 parameters (make, model, architecture & revision) will create the folder structure for you

Note: If you are deploying DELL machines, just go here and download their CAB files, extract them (using WINRAR) to the newly created folders, and finish off by importing them into MDT using the workbench.

Starting a New Job at Systemtech A/S

I’ll start as System Consultant at Systemtech A/S on August 2, so if you need help with WDS/MDT or MDT/SCCM -> call us at +45 70 30 00 00

MDT 2010: Injecting Intel storage drivers into an XP WIM

This is GREAT news for admins working with MDT and Windows XP deployments – a script that can inject Intel storage drivers into an XP WIM.

So build your base XP image using Virtual PC and do a capture. Now deploy the WIM and during the deployment use the script to inject the storage drivers like you would do in SCCM.

If I count the hours that I’ve spent on writing the perfect sysprep.inf file to build my XP Master image and at the end do a capture … damn

Get the script here and give the man some love and respect!

PatchMan: Adobe Reader in “protected mode”

I use Foxit Reader to view PDFs simply because of the many vulnerabilities in Adobe Reader.

Adobe has now announced that Adobe Reader will be available in “protected mode” in the next major release (protected mode has also been used in applications like Internet Explorer, Google Chrome and Microsoft Office 2010). In “protected mode” Adobe Reader will display the PDF file on the PC in a “very restricted manner” inside a sandbox.

Read more on The Adobe Reader and Acrobat Security Initiative here
Read more on Adobe Reader Protected here

PatchMan: iTunes 9.2.1 is out – update now!

I love my iPod and with it follows iTunes. The latest vulnerability in iTunes was reported to Apple by Clint Ruoho of Laconic Security and it has been fixed in version 9.2.1.

This is a buffer overflow in the handling of “itpc:” URLs. Accessing a malicious site through this protocol could lead to remote code execution (itpc URLs are used by iTunes to access podcast feeds).

Read more here
Download the updated version here

Security: Secure web browsing (Follow-Up)

I’m currently testing the Secure Web Browser (Firefox) from Dell KACE.

Before that came out, I used a similar setup -> VMware Player and the Browser Appliance from VMware’s Virtual Appliance Marketplace.

Download VMware Player here
and find the Browser Appliance here

Security: Dell KACE offers free secure web browser

Based on Firefox 3.6 with add-ons like Adobe Flash and Adobe Reader.

The browser is virtualized using Dell KACE’s “Virtual Kontainer” technology and the initial release is for 32-bit versions of Windows 7, Vista, and XP only.

Get the download here (MSI package)

WSUS: Publish your own updates to WSUS

Local Update Publisher … just found this App on SourceForge
It allows you to publish your own updates to WSUS

Gotta check it out later today …

Downloads: VMware ESXi 4.1 released

Well I’m a few days behind on this one …
Some of the new features are:

  • USB Passthrough
  • Serial Passthrough
  • vCenter Converter Hyper-V Import

Read more here

One of the things that I’ll look into after the upgrade is the possibility of booting ESXi from SAN (iSCSI, FCoE, and Fibre Channel boot are supported).
