Vol. 23, #6 - February 12, 2018 - Issue #1168

WServerNews: Last word (for now) on Meltdown/Spectre

Avoiding GDPR Penalties – 5 Key Principles

 Image

The GDPR grace period for businesses to get themselves compliant ends on May 25, 2018. Join this exclusive session with Mike Resseler, Veeam Product Management Director, as he discusses our insights and five key lessons that we learned through our compliance to help you on the path to thinking about GDPR compliance. Find out the existing data management strategies and tactics for efficient IT assessment. 

Register now.


Editor's Corner

This week's newsletter takes one last look at Meltdown/Spectre and highlights one of the best resources available for learning more about these vulnerabilities and how to deal with them. We also have an Ask Our Readers question which we're hoping some of our readers will be able to help out with. And be sure also to check out the New on Techgenix.com section below which has some links to articles whose technical content has been contributed by some of our newsletter readers. And finally, we also have our usual "par for the course" collection of tips, tools, articles, and fun stuff that we've been "putting" forth for you for many years. Oh sorry that's a really bad pun, I hope I haven't "teed off" anyone…

Speaking of golf though, how many of our readers hit the links after work on a beautiful summer afternoon? Or like many IT pros do you prefer to play it on your PlayStation or Xbox? Guess which one Dilbert prefers:

http://www.wservernews.com/go/hg7yo1a4/

And who says fresh air is good for your health?

By the way, if it's health your looking for, make sure you're subscribed to our other weekly newsletter FitITproNews and join the F2F (Farewell to Fat) Revolution! Go here for the most recent issue of FitITproNews:

http://www.wservernews.com/go/lk9vbz60/

And go here to subscribe to FitITproNews and other TechGenix newsletters:

http://www.wservernews.com/go/me4w9n27/

 

Ask Our Readers - Issue with network printers with Win10 in WS2008R2 domain

A reader named David reached out to us with the following problem:

I have recently built some new desktops for our nonprofit, and after installing Windows 10 Professional on the local machines, joined the machines to the Server 2008 R2 domain (as domain administrator) and logged into the domain. As a domain admin, I have no control over any of the network printers on the new machines! If the printer was not installed by the local administrator, then is does not appear on the new desktop, and cannot be added by anyone in the domain. I am not running a print server on the domain, as Windows 7 machines did not require it, and I can still control the printers on the Windows 7 machines without any problems. Other Windows 10 Professional machines installed earlier are working just fine with the existing network printers.

So far, I have tried changing the User Access policy, adding the domain admins to the security tab on each printer as a local admin, added a print server to the domain controller (Yikes! What a nightmare!), and tried adding printers as the domain admin (won't work. HP printers want me to use an app. Its a desktop people. Why an app?). I changed the Group Policy on the server (Nope!). Help, please?

Do any of our readers have any suggestions concerning David's problem? Email us at wsn@mtit.com


Ask Our Readers 

WServerNews now has over 400,000 subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at wsn@mtit.com

 

From the Mailbag

In Issue #1166 Intel Melts Down we talked about the Intel Meltdown/Spectre patch fiasco and seeks advice from our readers how best to deal with it and similar issues. One reader named Chris who works for an office products company replied with some simple but wise advice:

With over 30 years' experience in the IT industry, I have learned that this situation requires patience. I did not install any BIOS updates on the couple dozen servers and hundreds of desktops I maintain. I figured I would wait for the dead bodies to rise to the surface first. And that is exactly what happened.

And back in Issue #1164 IT the China way your Editor ruminated on the subject of China and its impact on in our IT-driven world. This precipitated the following fascinating response from Charles Lewis, a reader based in Tallahassee, Florida, USA:

Mitch, I subscribe to several YouTube vlogs, they're my window on the world in my old age. In case you might be interested, here are links to two living-in-China vloggers:

1. An aspiring travel journalist living in Shenzhen, China (just over the border from Hong Kong).

http://www.wservernews.com/go/zd3vdtxt/

(9:53, using apps & technology to communicate in China)

http://www.wservernews.com/go/agqdnqnn/

(All her vlogs)

To make it more complex, the patches weren't properly tested, because the news leaked out too fast. As a result, the available patches were rolled out while lacking proper testing and their results. So companies like Microsoft found themselves in a split. Either to make the patches available and make them look bad because the patches themselves introduced new issues and challenges, or not to roll them out and make them look bad as well. So now the patches are available but do have warnings because there are potential risks attached to them. As a workaround - for the Microsoft patches - you can prevent the installation. But when you do that, future patches won't install either. Meaning, somewhere in time, the patches for Meltdown HAVE to be installed, because the alternative is even worse, making your systems vulnerable to other exploits as well for which are patches available but not installed...

2. This vlogger has nothing to do with servers, technology, etc. She is an Indonesian who teaches English at a private Muslim school in Yinchuan, China (northwest China, near inner Mongolia):

http://www.wservernews.com/go/4xa8eafr/

(17:25, Cashless in China)

http://www.wservernews.com/go/k92lakii/

(11:21, Bank and Supermarket in China)

http://www.wservernews.com/go/hchw6hpc/

(13:16, Muslim in Northwest China)

http://www.wservernews.com/go/j2j9d9l6/

(All her vlogs)

And a little late, but... Happy New Year!

Thanks for this, we appreciate all our readers' comments even if they aren't specifically IT-related.

And now on to the main topic of this week's newsletter…

 

Last word (for now) on Meltdown/Spectre

I don't know about you but I've had difficulty keeping up with processing the flood of information coming out concerning the Meltdown and Spectre vulnerabilities. As a result I thought it would be cool if someone could set up a Wiki or other site with a detailed Q&A and demos and the latest news could be made available for IT pros. Not wanting to make so much work for myself I thought maybe I could conscript a few of our readers to set up and manage something like this, but then I thought most of our readers are probably too busy with their work to even consider doing something like this. So I googled and binged and quackquacked around to see if someone else has already done something like this, but came up empty. 

Then a colleague pointed me to this site:

http://www.wservernews.com/go/ubwfp3tv/

This site is the closest I can find to a comprehensive Meltdown/Spectre Wiki/Q&A so you might want to browse through and add it to your favorites. Note that the site doesn't render well in IE but looks fine in Edge. 

If any of our readers finds a better site than this one, please let me know by emailing me at wsn@mtit.com

More Meltdown/Spectre news

Dell is apparently recommending that their customers do not install the BIOS updates that are supposed to resolve Spectre v2 vulnerabilities. BleepingComputer has more about this here:

http://www.wservernews.com/go/iu75ugys/

There's also a Dell KB article about this:

http://www.wservernews.com/go/30yb3x45/

Intel apparently plans to release new chips later this year that will include built-in protections against the Spectre and Meltdown attacks. You can read more about this on BusinessInsider here:

http://www.wservernews.com/go/lqizy5or/

Finally, Windows admins may want to read this post on Rod Trent's site myITforum which concerns receiving Windows security updates when using third-party antimalware products:

http://www.wservernews.com/go/pabpygjf/

If you find more Meltdown/Spectre news you feel we should share with our readers, email us at wsn@mtit.com

 

Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at wsn@mtit.com


Recommended for Learning

Download the Truly consistent hybrid cloud with Microsoft Azure whitepaper

If you are planning on integrating and extending your on-premises infrastructure with Azure, download the Truly Consistent Hybrid Cloud With Microsoft Azure whitepaper:

http://www.wservernews.com/go/f79n2at2/

 

Microsoft Virtual Academy

SQL Database Fundamentals

Would you like to learn the basics of relational databases? Join us for this look at SQL Database fundamentals, along with those of database management systems and database components. Get an in-depth introduction to the terminology, concepts, and skills you need to understand database objects, administration, security, and management tools. Plus, explore T-SQL scripts, database queries, and data types:

http://www.wservernews.com/go/slgxmcuw/


Factoid of the Week - Movies about trains

Last week's factoid and questionwas this:

A new study reportedly exposes the sugar industry's decades-old effort to stifle research linking the eating of lots of sugar to heart disease. How much sugar do you consume each day? And do you use any sugar substitutes? If so, which ones and why?

Several of our health-conscious newsletter readers responded to this one:

Hi Mitch, I try to avoid sugar as much as I can, but it's in everything. Even though I prepare my own lunches, I am sure that there is some sugar in the condiments I use. I don't add sugar to my food and drink as a rule, unless I'm baking a dessert. Even then I tend to use less than called for. As a substitute, I like sucralose. It seems to be the most bio neutral, and has the least offensive after taste. But I'm not against aspartame, despite the dire warnings being shouted from the fringes. They seem to be mere panic, not supported by the massive number of studies done on its use. None of the substitutes them work very well in baking, though I can use sucralose to make apple pie that is passable, especially for my diabetic friends who would get none otherwise! When I do use sugar in cooking, I choose the least refined that I can get. I understand that the minerals in unrefined sugar may help the body metabolize it. Not sure how much of a difference it makes, but I also prefer the taste, so even if it's not much better I'll still stick with the raw version. --Todd who is in the US Military

Hello Mitch, the only time I ever use sugar is at restaurants, for my coffee. My sugar substitute of choice is a product from KAL, called Pure Stevia plus Luo Han (aka monk fruit). That stuff is incredibly sweet. A long time ago, I walked into a health food store, looked at the various sugar substitutes they had, and just bought one of each type. I wasn't really happy with any of them. They wouldn't dissolve properly in my coffee or they just weren't very sweet... except for KAL's product, Pure Stevia plus Luo Han. I don't know what they did different from all the others, but it dissolves properly and is very very sweet. It's a bit pricey, but, to me, worth every penny. --Michael

Now let's move on to this week's factoid:

Fact: Some people at Microsoft love trains.

Source: Chuck Timon, a Senior Premiere Field Engineer (PFE) at Microsoft who has contributed his expertise to several books I've written for Microsoft Press, sent me an email this morning saying, "Thanks very much for the trains plowing through snow video.....I love trains." The video he refers to was one of the Flixxy videos in the WServerNews FAVE Links section of last week's newsletter "Issue #1167 Some reflections on Meltdown/Spectre" which is archived here:

http://www.wservernews.com/go/mhlgc6jk/

I responded to Chuck's kind email by saying, "Me too. Here's one of my favorite train movies" and pointed Chuck to the IMDB page for the movie "Death Train" that stars Mathis Landwehr and Arnold Vosloo:

http://www.wservernews.com/go/xee43frt/

Question: What's *your* favorite train movie? :-)

Email your answer to us at wsn@mtit.com

Until next week, 

 

Mitch Tulloch

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at wsn@mtit.com

Veeam is happy to provide you with a study guide for Microsoft Certification Exam 74-409. The guide will take you through the exam objectives, helping you to prepare for and pass the examination.

http://www.wservernews.com/go/lt8dfw8j/


Active Directory Replication PowerShell Module makes checking Active Directory replication easier and richer than repadmin.exe:

http://www.wservernews.com/go/zwnxs61k/


HP offers a BIOS Utility for automated configuration of BIOS/UEFI settings:

http://www.wservernews.com/go/fg5cgvtq/


ConvertPOLtoDCM is a utility to convert Group Policy .pol files into Configuration Manager 2012 Compliance Cis:

http://www.wservernews.com/go/q77dcxzc/



This Week's Tips

Azure - Add a public IP address to a VM

Srinath Vasireddy explains how you can add a public IP address to an Azure VM when your Connect button is grayed out and you are not connected to Azure via an Express Route or Site-to-Site VPN connection:

http://www.wservernews.com/go/fvh6w0t4/


SharePoint - Populate a site for testing purposes

Mike Lee shares a script you can use to create and populate data in a SharePoint Farm for testing purposes:

http://www.wservernews.com/go/6yh7ufmg/


Azure - Save money!

The TechNet UK Blog provides some tips that can help you avoid "bill shock" with your Azure subscription:

http://www.wservernews.com/go/t18hoj2o/



Events Calendar


Microsoft Tech Summit on March 5-6, 2018 in Washington, D.C. USA

http://www.wservernews.com/go/0m7itxkw/

Microsoft Tech Summit on March 14-15, 2018 in Paris, France

http://www.wservernews.com/go/9nxkp7j8/

Microsoft Tech Summit on March 19-20, 2018 in San Francisco, California USA

http://www.wservernews.com/go/gm14cqd2/

Microsoft Tech Summit on March 28-29, 2018 in Amsterdam, Netherlands

http://www.wservernews.com/go/jeua5kvf/

Microsoft Ignite 2018 on September 24-28, 2018 in Orlando, Florida USA

http://www.wservernews.com/go/f6gtgfpp/


Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact info@techgenix.com


New on TechGenix.com

Up close and personal with Windows AutoPilot

While self-driving cars might be the future of driving, Windows AutoPilot is definitely going to be the future of Windows device provisioning.

http://www.wservernews.com/go/g136dcfb/


Prevent cyberattacks with application whitelisting with Windows AppLocker

Want to keep nasty programs from running on your Windows computers? Application whitelisting with AppLocker is your key to making this happen.

http://www.wservernews.com/go/bnabssap/


Under the hood: Hyper-V shutdown registry settings

Knowing how things work under the hood can help you when a troubleshooting issue arises. Case-in-point: Hyper-V shutdown registry settings.

http://www.wservernews.com/go/640umfef/


The importance of being earnest with software licensing

Software licensing often takes a back seat to other priorities, but the last thing your business wants is for the License Police to come knocking!

http://www.wservernews.com/go/ch8q4115/


Get your geek on: Building a VMware home lab

Setting up a VMware home lab for learning and testing doesn't need to be expensive or difficult. Here's how you can do it.

http://www.wservernews.com/go/7lx1urnz/

 

Tech Briefing - Networking

SCCM: For those nasty incremental collections

From Lee Stevens Technical Blogs

http://www.wservernews.com/go/5bqvdf5m/


Connecting Configuration Manager to OMS

From the TechNet UK blog

http://www.wservernews.com/go/gskzrb8r/


Comanagement and migrating from ConfigMgr hybrid to standalone Intune

From Gerry Hampton Device Management

http://www.wservernews.com/go/nv4dzaty/


Using ConfigMgr to Monitor Intel Vulnerability INTEL-SA-00086

From Windows Management Experts

http://www.wservernews.com/go/0vjb6jwi/

Time for a Tune-up

From Michael Griswold's SCCM Tips and Tricks

http://www.wservernews.com/go/gt7bqoif/

 

Other Articles of Interest

Use AWS cost optimization tools to avoid billing surprises

Several AWS tools enable organizations to dissect their cloud bills, visualize spending and estimate future costs. Learn when -- and when not -- to use each.

http://www.wservernews.com/go/1jbjasi3/


How to win in the AI era? For now, it's all about the data

Deep learning pioneer Andrew Ng explains why data, not algorithms, gives companies a first-mover advantage in the current AI era. Plus: the four traits of an AI company. 

http://www.wservernews.com/go/0lon1b1j/


Data center GPU use on the rise thanks to AI, big data

GPU vendors have added new devices and cards for data center servers, as data demanding workloads infiltrated the data center and overwhelmed traditional CPUs.

http://www.wservernews.com/go/k4ojqedm/


Upgrade your IT admin career options with these tips

Don't get stuck with habits from a time when Microsoft released updates every few years. Admins need to build their proficiency in PowerShell and cloud products to remain relevant.

http://www.wservernews.com/go/ij6iqkof/

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

Image

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com

This Is Not Science Fiction

'Falcon Heavy' - the most powerful operational rocket in the world - will launch a Tesla Roadster electric car into space:

http://www.wservernews.com/go/83mm9ei2/


Watch SpaceX Launching A Car To Mars

SpaceX successfully launched the 'Falcon Heavy' rocket with a payload of a Tesla Roadster electric car going into an elliptical orbit towards Mars and around the Sun:

http://www.wservernews.com/go/rewz1yb8/


Toyota Super Bowl Commercial 2018

http://www.wservernews.com/go/3abx4l57/


Monkey Taunts Tiger

A young tiger sits beneath a tree, trying to relax, when a monkey shows up and decides to have some fun with him:

http://www.wservernews.com/go/gjjwolzp/

 

WServerNews - Product of the Week

Avoiding GDPR Penalties – 5 Key Principles

 Image

The GDPR grace period for businesses to get themselves compliant ends on May 25, 2018. Join this exclusive session with Mike Resseler, Veeam Product Management Director, as he discusses our insights and five key lessons that we learned through our compliance to help you on the path to thinking about GDPR compliance. Find out the existing data management strategies and tactics for efficient IT assessment. 

Register now.

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his  outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.