Vol. 23, #20 - May 21, 2018 - Issue #1182
WServerNews: Security briefs
- Editor's Corner
- Ask Our Readers - Moving server folders in Windows Server 2012 Essentials
- Ask Our Readers! - Need help from the IT pro community?
- From the Mailbag
- More patches coming for Intel CPUs
- Another Intel CPU vulnerability
- Malware targeting MikroTik routers
- SSO implementations based on SAML may be vulnerable
- Chrome users beware!
- Hacking a Point-of-Sale scanner
- Send us your feedback
- Recommended for Learning
- Factoid of the Week - I love my Beemer
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- This Week's Tips
- PowerShell - Boost performance
- PowerShell - Writing scripts others can understand
- PowerShell - The power of parallel processing
- Events Calendar
- More upcoming events
- New on TechGenix.com
- Recommended articles from TechGenix.com
- Tech Briefing - Enterprise IT
- PS without BS: Creating Random Test Users in Active Directory
- Using Azure Active Directory in Microsoft Azure Germany for Microsoft Azure Stack
- Protecting from Accidental Deletion (or not)
- Part2 Ultimate Step to Remote Desktop Services HTML5 QuickStart Deployment
- Remote Desktop web client public preview
- Other Articles of Interest
- Try this data science experiment for deep learning insights
- Developers, prepare for the caveats of serverless frameworks
- Testing tools for continuous deployment
- Use LinuxKit to increase container portability
- WServerNews FAVE Links
- Top Freeride Mountain Bike Highlights - Red Bull Rampage
- Human Flight - Amazing Wingsuit Flying
- Fantasy Illusionists Magus Utopia - 'Nightmare'
- ISMO - The EARTHworm
- WServerNews - Product of the Week
- Free Tool for Monitoring Exchange Server Status & Performance
In this week's newsletter we catch up with some news and stuff relating to IT security. And of course we have lots of other interesting stuff so be sure to read everything from start to finish! Are you ready? Are you set? Go! Hurry!!
And here's a totally off-topic Dilbert comic today:
Ever have nightmares like that?
Ask Our Readers - Moving server folders in Windows Server 2012 Essentials
A reader named Kevin from Colorado, USA sent us the following question:
Hi fellow techies. I've been a Windows desktop tech for over 20 years, but haven't done that much with servers until recently. One of the things I've done for years to protect user files is move the user folders off of the OS drive so if you lose Windows, you don't lose the user files. The blogs I've read seem to indicate that this has NOT been recommended in Windows Server through version 2008. However, 2012 Server Essentials Experience actually has an option to move the "server folders", including the "users" folder, off the C drive, and you will get an alert if you don't.
What I'd like to know is why they went to so much trouble to do this when it DOESN'T WORK. I've tried it a half-dozen times and it crashes and undoes the changes each time. Usually I get an error message that says there's a file open, so the whole process aborts. I've found the 'phantom users' in the process, and shut down services to free up files, but the last time the error was the nt.dat file for MY username being open. Does anyone know how to get this to work?
If any WSE experts out there can suggest anything for Kevin please email us at [email protected]
Ask Our Readers! - Need help from the IT pro community?
WServerNews goes out each week to more than 500,000 subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]
From the Mailbag
Last week in Issue #1181, "Windows alert and what's coming in Windows Server 2019", we mentioned that an alert reader named Charles had discovered that upgrading Windows 10 to the April 2018 Update (v.1803) had deleted his existing Restore Points and turned System Restore off on several systems he upgraded. I asked readers whether anyone else had experienced something similar and one reader named Carl replied as follows:
All Restore Points were deleted, but System Restore settings were left alone.
Now as if this isn't bad enough, we now have word from James O'Neill, a former IT pro Evangelist at Microsoft, that upgrading to v.1803 also trashes a bunch of functionality of the PowerShell ISE. Here is James's Twitter post on the issue:
Personally I feel that Microsoft made a mistake laying off most of their software test engineers back in mid-2014. The idea was that FTE testers weren't needed since tens of millions of users would help shake the bugs out of Windows 10 and allow for more rapid development of the platform. Here's a ComputerWorld article from early 2015 that tried to paint a positive picture of Microsoft's decision:
Now I don't know about you but personally I don't like being made a "coal mine canary" to help Microsoft improve its products. I want an OS that works, one that has been tested for a broad range of consumer and business scenarios *before* it's offered to me for purchase. In my opinion one skilled tester is worth a million consumers in terms of ensuring product quality. But that's just my own two cents.
And now on to the main topic of this week's newsletter…
More patches coming for Intel CPUs
BleepingComputer reports that OS vendors have been releasing more security patches for Intel CPU flaws because they didn't properly understand the problem in the first place:
FWIW, the problem may have been Intel's, whose documentation of its CPU features may not have been complete or comprehensive enough.
Another Intel CPU vulnerability
And if Meltdown and Spectre aren't enough to deal with, security researchers have found another side-channel attack against Intel CPUs, named BranchScope, that an attacker can exploit to obtain potentially sensitive information they would not normally be able to access directly. SecurityWeek has the details:
Malware targeting MikroTik routers
Kaspersky Lab has discovered a powerful multi-layer malware that is spread through routers. The malware, which has been named "Slingshot", has been active since 2012; it currently affects only MikroTik routers and can be fixed via a firmware update. But the possibility that it may be infecting other manufacturers' routers must be considered. Read more on the Kaspersky website:
Check with your router vendor to see whether your routers might be vulnerable to Slingshot and whether the vendor has released updated firmware.
SSO implementations based on SAML may be vulnerable
A widespread vulnerability has been discovered in single sign-on (SSO) products that is caused by an issue with SAML libraries used by these products. Duo Labs discovered this issue and describes it in detail here:
To find out whether your SSO product might be affected, see this page from CERT:
Chrome users beware!
Motherboard reports that Andrey Meshkov, the cofounder of AdGuard, has discovered that the AdRemover extension for Chrome may actually be malware:
If you still have AdRemover installed in Chrome you may want to remove it.
Hacking a Point-of-Sale scanner
The Register reports that a security researcher has discovered it can be possible to use the mere reflection of a QR code on a PoS scanner to take ownership of tokens used for making mobile payments:
Send us your feedback
Got feedback about anything in this issue of WServerNews? Email us at [email protected]
Recommended for Learning
Azure Security and Compliance
When placing your software and services in the cloud, security is a critical requirement. If you're tasked with addressing security and compliance concerns in your organization, you'll want to take this free on-demand course from edX to learn to build a trusted cloud platform. This course shows you how Microsoft Azure provides a secure infrastructure that is industry verified with global compliance standards. You'll learn how to manage and implement certificates with Microsoft Azure, how to implement Azure Key Vault to protect cloud applications and services, and how to protect, detect and respond to threats using Microsoft Azure Security Center. Enroll now!
Factoid of the Week - I love my Beemer
Last week's factoid and question was this:
Businesses are sabotaging one another by pushing false information into Google Maps. Has anyone ever experienced Google Maps leading you astray (scroogling you) like this? Or heard about it happening in their local area?
Bruce who works in IT for the Minnesota State Government, USA responded:
I've often had Google Maps lead me astray on my Meals on Wheels routes in Saint Paul. However, I attribute that more to Saint Paul's asinine method of naming streets and numbering addresses.
Hmm if you think that's bad check out Langley, BC, Canada where "A" streets (e.g. 216A Street) often go on for a few blocks, then break for several blocks, then reappear again for three blocks, then break for six blocks, then resume again for several blocks and so on and so forth. Insane!!
Now let's move on to this week's factoid:
Fact: While the new autonomous driving capabilities of the latest cars are amazing, the dashboard technology of most new cars sucks.
Question: What's your opinion on this? Seven years ago I bought one of the last BMW models not to have a touchscreen on the dashboard. The reason I bought it was because I wanted a dashboard where I could reach for the controls I needed without taking my eyes off the road. As someone said somewhere, a good user interface must be easy to navigate, put frequently used controls where you can easily reach them, and give you clear feedback (preferably tactile) when you make a change to a control. The dashboard of my BMW has all these features and I intend to keep driving it until the wheels fall off.
Email your answer to us at [email protected]
Until next week,
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]
Veriato employee monitoring software provides unmatched visibility into the online and communications activity of employees and contractors so you can protect your company’s most valuable assets, your data.
The EU’s GDPR is closing in on the 25th of May. A professional email archiving solution like MailStore Server is helpful in gaining back control over your business emails. FREE trial and eBook are available here:
Limited time offer: production license for Veeam Backup for Microsoft Office 365 with no feature limitations for FREE – 3 months!
Dynatrace synthetic monitoring provides all the information you need to understand your service levels, system availability and the availability of key business transactions:
deleteold.ps1 is a script to delete files older than x-days that is built to be used as a scheduled task:
Convert-WindowsImage is the new version of WIM2VHD designed specifically for Windows 8 and above:
PowerShell - Boost performance
James O'Neill has an excellent blog post explaining some simple ways you can boost the performance of your PowerShell scripts:
PowerShell - Writing scripts others can understand
Ever write a script that another PowerShell expert had trouble understanding? Or maybe you can't even understand your own script several months after you wrote it. James O'Neill deals with this issue in a couple of blog posts:
Infosecurity Europe in London, England on June 5-9
Cloud & DevOps World in London, England on June 12-14
OfficeCamp in Gelsenkirchen, Germany on June 18-20
HPE Discover in Las Vegas, Nevada on June 18-21
Microsoft Inspire in Las Vegas, Nevada on July 15-19
Microsoft Ignite 2018 on September 24-28, 2018 in Orlando, Florida USA
Add Your Event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]
Windows Defender System Guard runtime attestation coming to Windows systems
Windows Defender System Guard runtime attestation is coming to all Windows editions. Here are some of the technology and security benefits the update will offer.
Website security: A guarantee your company can be trusted
No matter what type of company you run, website security should be a primary concern. The slightest suspicion your website has been compromised can lead to mass exodus of clients.
7 essential soft skills you must have to excel in your IT career
Being successful in your IT career is more than computers and coding. It also takes collaboration and communication and other soft skills many IT pros don't realize they need.
Shopping for a backup and disaster recovery solution? Ask these questions
You know your company needs a good backup and disaster recovery solution. But before you sign the contract, make sure to ask the vendors these questions.
Avoid these Azure virtual machines 'gotchas'
Deploying or migrating your server workloads to Azure virtual machines is easy, right? It can be, but only if you sidestep these common traps and speed bumps.
PS without BS: Creating Random Test Users in Active Directory
Using Azure Active Directory in Microsoft Azure Germany for Microsoft Azure Stack
Daniel's Tech Blog
Protecting from Accidental Deletion (or not)
Part2 Ultimate Step to Remote Desktop Services HTML5 QuickStart Deployment
Robert Smit MVP Blog
Remote Desktop web client public preview
Enterprise Mobility + Security
Try this data science experiment for deep learning insights
Deep learning professionals require a specific set of skills and tools. Follow this simple example of a data science project to learn more about the technology and related careers.
Developers, prepare for the caveats of serverless frameworks
While serverless has gained the attention of many developers, those that adopt serverless must stay on top of issues that it may bring, including portability challenges.
Testing tools for continuous deployment
Continuous testing and integration are the basis for continuous deployment without disasters. Expert Tom Nolle discusses the steps for automated and regression tests.
Use LinuxKit to increase container portability
With LinuxKit, Docker continues its push for better container portability. Learn how the tool can help your apps run across various platforms, as well as its potential limitations.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]
Top Freeride Mountain Bike Highlights - Red Bull Rampage
Sit back and enjoy some of the top highlights and best action from the Mountain Bike Freeride finals at Red Bull Rampage 2015:
Human Flight - Amazing Wingsuit Flying
A tribute to the world's most dangerous sport - a compilation of base jumping, proximity flying and skydiving:
Fantasy Illusionists Magus Utopia - 'Nightmare'
Prepare to be amazed by Magus Utopia, a group of fantasy illusionists from the Netherlands that wowed the judges and audience of Britain's Got Talent 2018:
ISMO - The EARTHworm
Finnish comedian Ismo Leikola's favourite animal - the EARTHworm:
Have any other readers found similar content they'd like to recommend for our Fave Links section? Email us at [email protected]
Free Tool for Monitoring Exchange Server Status & Performance
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.