Vol. 23, #20 - May 21, 2018 - Issue #1182

WServerNews: Security briefs

Free Tool for Monitoring Exchange Server Status & Performance 


SolarWinds® Exchange Monitor is a free tool that allows users to monitor Microsoft® Exchange™ Server 2013 and 2016. Get basic information about the server’s metrics, services, and database availability group (DAG) status. Add as many Exchange Servers as you wish. Simply click the “Add Server” button and fill IP address/domain name and credentials.

Download Free Tool


Editor's Corner

In this week's newsletter we catch up with some news and stuff relating to IT security. And of course we have lots of other interesting stuff so be sure to read everything from start to finish! Are you ready? Are you set? Go! Hurry!!

And here's a totally off-topic Dilbert comic today:

http://www.wservernews.com/go/32jxcbwe/

Ever have nightmares like that?

 

Ask Our Readers - Moving server folders in Windows Server 2012 Essentials

A reader named Kevin from Colorado, USA sent us the following question:

Hi fellow techies. I've been a Windows desktop tech for over 20 years, but haven't done that much with servers until recently. One of the things I've done for years to protect user files is move the user folders off of the OS drive so if you lose Windows, you don't lose the user files. The blogs I've read seem to indicate that this has NOT been recommended in Windows Server through version 2008. However, 2012 Server Essentials Experience actually has an option to move the "server folders", including the "users" folder, off the C drive, and you will get an alert if you don't.

What I'd like to know is why they went to so much trouble to do this when it DOESN'T WORK. I've tried it a half-dozen times and it crashes and undoes the changes each time. Usually I get an error message that says there's a file open, so the whole process aborts. I've found the 'phantom users' in the process, and shut down services to free up files, but the last time the error was the nt.dat file for MY username being open. Does anyone know how to get this to work?

If any WSE experts out there can suggest anything for Kevin please email us at wsn@mtit.com


Ask Our Readers! - Need help from the IT pro community?

WServerNews goes out each week to more than 500,000 subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at wsn@mtit.com


From the Mailbag

Last week in Issue #1181, "Windows alert and what's coming in Windows Server 2019", we mentioned that an alert reader named Charles had discovered that upgrading Windows 10 to the April 2018 Update (v.1803) had deleted his existing Restore Points and turned System Restore off on several systems he upgraded. I asked readers whether anyone else had experienced something similar, and one reader named Carl replied as follows:

All Restore Points were deleted, but System Restore settings were left alone.

Now, as if this isn't bad enough, we have word from James O'Neill, a former IT pro Evangelist at Microsoft, that upgrading to v.1803 also trashes a bunch of functionality of the PowerShell ISE. Here is James's Twitter post on the issue:

http://www.wservernews.com/go/bpclnt8r/

Personally I feel that Microsoft made a mistake laying off most of their software test engineers back in mid-2014. The idea was that FTE testers weren't needed since tens of millions of users would help shake the bugs out of Windows 10 and allow for more rapid development of the platform. Here's a ComputerWorld article from early 2015 that tried to paint a positive picture of Microsoft's decision:

http://www.wservernews.com/go/yazcbctu/

Now I don't know about you but personally I don't like being made a "coal mine canary" to help Microsoft improve its products. I want an OS that works, one that has been tested for a broad range of consumer and business scenarios *before* it's offered to me for purchase. In my opinion one skilled tester is worth a million consumers in terms of ensuring product quality. But that's just my own two cents.

And now on to the main topic of this week's newsletter…

 

More patches coming for Intel CPUs

BleepingComputer reports that OS vendors have been releasing more security patches for Intel CPU flaws because they didn't properly understand the problem in the first place:

http://www.wservernews.com/go/5hyo2so7/


FWIW the problem may have been Intel's, whose documentation of their CPU features may not have been complete or comprehensive enough.

Another Intel CPU vulnerability

And if Meltdown and Spectre aren't enough to try and deal with, security researchers have found another side-channel attack against Intel CPUs, which they've named BranchScope. An attacker can exploit it to obtain potentially sensitive information they normally would not be able to access directly. SecurityWeek has the details:

http://www.wservernews.com/go/hawrj47q/



Malware targeting MikroTik routers

Kaspersky Labs has discovered a powerful multi-layer malware that is spread through routers. The malware, which has been named "Slingshot", has been active since 2012. It currently affects only MikroTik routers and can be fixed via a firmware update, but the possibility that it may be infecting other manufacturers' routers must be considered. Read more on the Kaspersky website:

http://www.wservernews.com/go/6e5ie5f6/

Check with your router vendor to see whether your routers might be vulnerable to Slingshot and whether the vendor has released updated firmware. 

 

SSO implementations based on SAML may be vulnerable

A widespread vulnerability has been discovered in single sign-on (SSO) products that is caused by an issue with SAML libraries used by these products. Duo Labs discovered this issue and describes it in detail here:

http://www.wservernews.com/go/ky5md0ue/

To find out whether your SSO product might be affected, see this page from CERT:

http://www.wservernews.com/go/jcb8vuwf/


Chrome users beware!

Motherboard reports that Andrey Meshkov, the cofounder of AdGuard, has discovered that the AdRemover extension for Chrome may actually be malware:

http://www.wservernews.com/go/j8meeibf/

If you still have AdRemover installed in Chrome you may want to remove it.



Hacking a Point-of-Sale scanner

The Register reports that a security researcher has discovered it can be possible to use the mere reflection of a QR code on a PoS scanner to take ownership of tokens used for making mobile payments:

http://www.wservernews.com/go/e89wse0r/



Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at wsn@mtit.com


Recommended for Learning

Azure Security and Compliance

When placing your software and services in the cloud, security is a critical requirement. If you're tasked with addressing security and compliance concerns in your organization, you'll want to take this free on-demand course from edX to learn to build a trusted cloud platform. This course shows you how Microsoft Azure provides a secure infrastructure that is industry verified with global compliance standards. You'll learn how to manage and implement certificates with Microsoft Azure, how to implement Azure Key Vault to protect cloud applications and services, and how to protect, detect and respond to threats using Microsoft Azure Security Center. Enroll now!

http://www.wservernews.com/go/9jrjl6gg/


Factoid of the Week - I love my Beemer

Last week's factoid and question was this:

Businesses are sabotaging one another by pushing false information into Google Maps. Has anyone ever experienced Google Maps leading you astray (scroogling you) like this? Or heard about it happening in their local area?

Bruce who works in IT for the Minnesota State Government, USA responded:

I've often had Google Maps lead me astray on my Meals on Wheels routes in Saint Paul. However, I attribute that more to Saint Paul's asinine method of naming streets and numbering addresses.

Hmm if you think that's bad check out Langley, BC, Canada where "A" streets (e.g. 216A Street) often go on for a few blocks, then break for several blocks, then reappear again for three blocks, then break for six blocks, then resume again for several blocks and so on and so forth. Insane!!

Now let's move on to this week's factoid:

Fact: While the new autonomous driving capabilities of the latest cars are amazing, the dashboard technology of most new cars sucks.

Source: http://www.wservernews.com/go/pky76hy3/

Question: What's your opinion on this? Seven years ago I bought one of the last BMW models not to have a touchscreen on the dashboard. The reason I bought it was because I wanted a dashboard where I could reach for the controls I needed without taking my eyes off the road. As someone said somewhere, a good user interface must be easy to navigate, put frequently used controls where you can easily reach them, and give you clear feedback (preferably tactile) when you make a change to a control. The dashboard of my BMW has all these features and I intend to keep driving it until the wheels fall off. 

Email your answer to us at wsn@mtit.com

Until next week, 

Mitch Tulloch

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at wsn@mtit.com

Veriato employee monitoring software provides unmatched visibility into the online and communications activity of employees and contractors so you can protect your company’s most valuable assets, your data.

http://www.wservernews.com/go/bim4b2oa/

The EU’s GDPR is closing in on the 25th of May. A professional email archiving solution like MailStore Server is helpful in gaining back control over your business emails. FREE trial and eBook are available here:

http://www.wservernews.com/go/hlk4h2h6/


Limited time offer: production license for Veeam Backup for Microsoft Office 365 with no feature limitations for FREE – 3 months!

http://www.wservernews.com/go/7w7cbs1f/

Dynatrace synthetic monitoring provides all the information you need to understand your service levels, system availability and the availability of key business transactions:

http://www.wservernews.com/go/439gzof6/

deleteold.ps1 is a script to delete files older than x-days that is built to be used as a scheduled task:

http://www.wservernews.com/go/yffa4wxm/

Convert-WindowsImage is the new version of WIM2VHD designed specifically for Windows 8 and above:

http://www.wservernews.com/go/1zcfeptw/



This Week's Tips


PowerShell - Boost performance

James O'Neill has an excellent blog post explaining some simple ways you can boost the performance of your PowerShell script:

http://www.wservernews.com/go/2muhbsme/

 

PowerShell - Writing scripts others can understand

Ever write a script that another PowerShell expert had trouble understanding? Or maybe you can't even understand your own script several months after you wrote it. James O'Neill deals with this issue in a couple of blog posts:

http://www.wservernews.com/go/4r2t9zdj/

http://www.wservernews.com/go/wn7e1uq1/


PowerShell - The power of parallel processing

James O'Neill has a fascinating post from a while back called "Do the job 100 times faster with Parallel Processing in PowerShell". It's well worth a read if you're trying to become a PowerShell warrior:

http://www.wservernews.com/go/y1g61v9m/

 

Events Calendar


Infosecurity Europe in London, England on June 5-9


http://www.wservernews.com/go/0wtaq3b9/

Computex in Taipei, Taiwan on June 5-9

http://www.wservernews.com/go/0vmj4j14/

Cloud & DevOps World in London, England on June 12-14

http://www.wservernews.com/go/gh39ou0o/

OfficeCamp in Gelsenkirchen, Germany on June 18-20

http://www.wservernews.com/go/ezp5a63x/

HPE Discover in Las Vegas, Nevada on June 18-21

http://www.wservernews.com/go/w472an1x/

Microsoft Inspire in Las Vegas, Nevada on July 15-19

http://www.wservernews.com/go/w1b2n1ak/

Microsoft Ignite 2018 on September 24-28, 2018 in Orlando, Florida USA

http://www.wservernews.com/go/js7uh2jc/


Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact info@techgenix.com


New on TechGenix.com

Windows Defender System Guard runtime attestation coming to Windows systems

Windows Defender System Guard runtime attestation is coming to all Windows editions. Here are some of the technology and security benefits the update will offer.

http://www.wservernews.com/go/0je6c6iq/


Website security: A guarantee your company can be trusted

No matter what type of company you run, website security should be a primary concern. The slightest suspicion your website has been compromised can lead to mass exodus of clients.

http://www.wservernews.com/go/prkajf01/


7 essential soft skills you must have to excel in your IT career

Being successful in your IT career is more than computers and coding. It also takes collaboration and communication and other soft skills many IT pros don't realize they need.

http://www.wservernews.com/go/xzx5c6bm/


Shopping for a backup and disaster recovery solution? Ask these questions

You know your company needs a good backup and disaster recovery solution. But before you sign the contract, make sure to ask the vendors these questions.

http://www.wservernews.com/go/hofg9mqo/


Avoid these Azure virtual machines 'gotchas'

Deploying or migrating your server workloads to Azure virtual machines is easy, right? It can be, but only if you sidestep these common traps and speed bumps.

http://www.wservernews.com/go/bcnqllnc/

 

Tech Briefing - Enterprise IT

PS without BS: Creating Random Test Users in Active Directory

Lee Stevens

http://www.wservernews.com/go/8b4b6crp/


Using Azure Active Directory in Microsoft Azure Germany for Microsoft Azure Stack

Daniel's Tech Blog

http://www.wservernews.com/go/lzeukbo0/


Protecting from Accidental Deletion (or not)

Lee Stevens

http://www.wservernews.com/go/7lkyqopv/


Part2 Ultimate Step to Remote Desktop Services HTML5 QuickStart Deployment

Robert Smit MVP Blog

http://www.wservernews.com/go/2c9x4kk5/


Remote Desktop web client public preview

Enterprise Mobility + Security

http://www.wservernews.com/go/929w7oxp/

 

Other Articles of Interest

Try this data science experiment for deep learning insights

Deep learning professionals require a specific set of skills and tools. Follow this simple example of a data science project to learn more about the technology and related careers.

http://www.wservernews.com/go/tuxmnbpo/


Developers, prepare for the caveats of serverless frameworks

While serverless has gained the attention of many developers, those that adopt serverless must stay on top of issues that it may bring, including portability challenges.

http://www.wservernews.com/go/uim665yb/


Testing tools for continuous deployment

Continuous testing and integration are the basis for continuous deployment without disasters. Expert Tom Nolle discusses the steps for automated and regression tests.

http://www.wservernews.com/go/l6jwzwb2/


Use LinuxKit to increase container portability

With LinuxKit, Docker continues its push for better container portability. Learn how the tool can help your apps run across various platforms, as well as its potential limitations.

http://www.wservernews.com/go/s99szdit/

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com

Top Freeride Mountain Bike Highlights - Red Bull Rampage

Sit back and enjoy some of the top highlights and best action from the Mountain Bike Freeride finals at Red Bull Rampage 2015:

http://www.wservernews.com/go/amrmub86/


Human Flight - Amazing Wingsuit Flying

A tribute to the world's most dangerous sport - a compilation of base jumping, proximity flying and skydiving:

http://www.wservernews.com/go/plvejon2/


Fantasy Illusionists Magus Utopia - 'Nightmare'

Prepare to be amazed by Magus Utopia, a group of fantasy illusionists from the Netherlands that wowed the judges and audience of Britain's Got Talent 2018:

http://www.wservernews.com/go/iq0b5s5e/


ISMO - The EARTHworm

Finnish comedian Ismo Leikola's favourite animal - the EARTHworm:

http://www.wservernews.com/go/opyjdi7f/


Have any other readers found similar content they'd like to recommend for our Fave Links section? Email us at wsn@mtit.com

 


WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.