Weeks after providing a workaround tool for a zero-day flaw in Internet Explorer, Microsoft is set to release a patch to address the issue.
The company posted an advance notification for an out-of-cycle patch Monday morning ahead of its release at 1 p.m. Eastern time. Microsoft recommends that admins apply the update as soon as possible and notes that the workaround tool provided in December does not need to be disabled during the patch.
This comes after reports that security researchers had found a hole in the “Fix it” tool, leading to speculation during last week’s Patch Tuesday that a fix would be released before February.
Microsoft notes that only older — and more widely used — versions of Internet Explorer needed the fix, so upgrading to IE 9 or IE 10 would also mitigate any threat related to this flaw.
Microsoft is helping admins ring in the new year by offering increased security and protection for their systems, including those running Windows Server 2012.
To mark the first Patch Tuesday of 2013, the company released an advance security bulletin this week that includes seven bulletins. Two bulletins are marked as critical and five are marked as important.
Both of January’s critical bulletins address remote code execution vulnerabilities. Multiple versions of Windows Server and Microsoft Office, as well as Windows RT, are affected.
This month’s important bulletins address elevation of privilege, denial of service and security feature bypass vulnerabilities. Windows RT, Microsoft System Center Operations Manager 2007 and multiple versions of Windows Server are affected.
In our monthly feature, we round up our top content from the previous month and share it with you.
December’s most popular content featured the year’s final Patch Tuesday, our roundup of the year’s best Windows Server tips and what to expect with the release of System Center 2012 SP1.
Windows 8 support added to System Center 2012 SP1
After months of discussion, System Center 2012 SP1 hit RTM and added support for managing Windows 8. The major downside for admins? They’ll need to perform a clean install to use it, even if they already installed the beta.
December’s Patch Tuesday has critical fixes for IE and Office
The last Patch Tuesday of the year had fixes for remote code execution vulnerabilities in Internet Explorer and Office. Experts also noted the continuing trend of releasing fewer patches and the consistency in which they were released.
PowerShell dominates best 2012 tips of Windows Server
The best tips from SearchWindowsServer in 2012 regularly covered the features in PowerShell admins should begin to learn. Experts also regularly highlighted the newest enhancements in Windows Server 2012.
AWS includes Windows Server 2012 and PowerShell features
In a move to perhaps undermine the services Azure offers, Amazon Web Services included key features from PowerShell and Windows Server 2012. Some experts say this move could setback Microsoft’s efforts to break into the public cloud space, but the company won’t be out for the count.
Q&A highlights management features in System Center 2012 SP1
This expert Q&A looks at what admins should expect with the release of System Center 2012 SP1 early this year. One thing admins can look forward to having is support for both Windows Server 2012 and Windows 8, which wasn’t included when System Center 2012 was first released in 2012.
The pending retirement of a prominent senior Microsoft executive, announced this week, may provide clues as to who is likely to take the reins of the company when CEO Steve Ballmer retires in a few years.
Whoever ultimately ends up in Microsoft’s corner office promises to change the face of computing for better or worse in the years to come.
The executive, 20-year company veteran Craig Mundie, will retire in 2014 when he turns 65. In the meantime, he will serve as senior advisor to Ballmer.
What may be most important in shakeups like this one, however, is often not who leaves but who stays.
Microsoft co-founder Bill Gates named Ray Ozzie and Mundie in 2006 to replace himself, when he left his day-to-day role at the company. Ozzie, who had founded Lotus and has the respect of both businesspeople and developers alike, had visions of a “meshed” world where all of a user’s information is available on any device, anywhere, any time. His job title was chief software architect, Gates’ former title.
Though not often mentioned these days, Ozzie also championed Windows Azure, Microsoft’s public cloud offering, before leaving the software giant in 2010.
Mundie, meanwhile, has held the title of chief research and strategy officer, which included oversight of Microsoft Research (MSR) as well as performing the role of the company’s policy liaison to domestic and international institutions and governments.
Perhaps most notably, however, Mundie’s replacement will be another 20-year Microsoft veteran, Eric Rudder, who recently received the title of chief technical strategy officer. Overseeing MSR is one of his new responsibilities as well as Microsoft’s Trustworthy Computing initiative.
What’s more, until a few years ago Rudder was one of a handful of Microsoft senior executives on what was considered the shortlist to replace Ballmer when he retires. But the presumed front runner for the past several years was Steven Sinofsky, the vice president responsible for launching Windows 8 in October, Windows 7 three years ago, and head of Office for more than a decade. He departed Microsoft — some say he was pushed out — almost immediately after last fall’s launch.
For several years, Rudder’s star seemed to be in decline after a stellar start as chairman Bill Gates’ technical assistant. Over the years, Rudder also has garnered broad experience in both the technical and business aspects of running growing tech businesses. His job roles have included senior vice president of server and tools — today, still one of the anchors of the company’s nearly $70 billion bottom line. He missed several promotions though and virtually dropped out of sight.
Rudder is respected by both business and technical people, and he has a general good temperament — not aggressive or confrontational like Ballmer and Gates before him.
The reshuffling was outlined in a memo sent in mid-December by Ballmer, a copy of which was obtained by TechTarget. The story went public earlier this week in published reports that cited changes made to online biographies for Mundie and Rudder on Microsoft’s executive bios site.
Microsoft and Rudder aren’t saying if he would get the nod, or whether he would even want the chief executive’s title.
Of course, Rudder isn’t the only name floated by company observers as a possible replacement for Ballmer, when the day comes. One rumored candidate for the job is Kevin Turner, Microsoft’s chief operating officer.
In contrast to Rudder, however, Turner does not come from a primarily technology background — but rather from retail. Before joining Microsoft, Turner logged almost 20 years at consumer giant Wal-Mart. Because of that perception that he’s more of a bean counter than an inspiring technological leader, many employees think of Turner as CEO as potentially ruinous.
But at this point, Rudder’s star seems it may on the rise again as the company begins to redefine and reposition itself to focus on business customers, or on consumers, or possibly even a combination of the two. What course is best for IT customers is an open question.
Microsoft might want to add a 13th milestone to that video it posted yesterday, as its System Center 2012 SP1 product has hit RTM.
After the first version of the system management suite shipped in May, some early adopters of Windows 8 and Windows Server 2012 wanted to better manage those machines. They should be able to do just that when the suite becomes generally available.
Microsoft will be spreading some holiday cheer to admins this month with increased protection against security threats.
In an advance security bulletin released this week, the company said December’s Patch Tuesday will include seven bulletins. Five bulletins are marked as critical and two are marked as important.
All of this month’s critical bulletins will address remote code execution vulnerabilities. Windows RT, Internet Explorer and multiple versions of Windows Server and Microsoft Office will be affected by these bulletins. Service packs for Windows Server and Office will also be affected by critical bulletins.
The important bulletins will address a remote code execution vulnerability and a security feature bypass vulnerability. These will affect Word Viewer and multiple versions of Office service packs.
In our monthly feature, we round up the most popular content from the previous month and share it with you.
For November, our most popular pieces involved the changes to the Windows Server 2012 interface, high availability with shared-nothing live migration and a two-part series about what Microsoft’s product releases this year mean for its future.
A tour of the Windows Server 2012 user interface
Admins may be hesitant to embrace the changes to the UI in Windows Server 2012, but this photo story walks through them and explains why they aren’t as scary as they seem.
Windows Server 2012: Microsoft offers everything but the kitchen sink
The first part of this series looks Microsoft’s release of Windows Server 2012, its abundance of features and why some admins are waiting to make the upgrade or completely forego it.
Windows Server 2012 and Microsoft’s ‘Cloud OS’ ambitions
The second part of this series looks at Microsoft’s approach to creating a ‘Cloud OS’ and if its move will encourage its customers to accept the approach.
First patches issued for Windows 8, Windows Server 2012
For November’s Patch Tuesday, Windows Server 2012 and Windows 8 received their first patches for remote code execution vulnerabilities. Some patches were rereleased for signing errors. See also: our guide to 2012′s Patch Tuesdays.
High availability and shared-nothing live migration
This tip looks at what changes admins should expect with shared-nothing live migration, including some of the tradeoffs they may not anticipate after making the move.
What content of ours helped you in November? Let us know in the comments on this post, or on Twitter @SearchWinServ.
He said the immediate benefit for IT professionals is that the Azure subscription could be tied to an employee’s status at a company. If the employee leaves, deactivation on the local AD would be reflected in Azure.
The same is true of setting policies. Any change made to password requirements made through Windows Server AD would be passed on to WAAD.
Plus, for those weary of having to remember or manage a large number of passwords, this integration means that Single Sign-On (SSO) is possible. Passwords on Windows Server AD are never moved to the cloud; they are validated on-premises.
November 19, 2000. The U.S. still didn’t know who the president-elect was and “hanging chads” were a relevant term. It was also the date some administrators saw last week when machines connected to a timeserver rolled back system clocks.
You could say it was a Y2K redux for some admins, with some adverse effects: this rollback caused processes like Active Directory replication to fail.
It was caused by a timeserver at USNO.NAVY.MIL providing the incorrect time after an issue with a routine upgrade, Mary Jo Foley reported this week.
If the forest contained domain controllers that were running Windows Server 2003 and were connected to that timeserver, it could have caused the problem.
One of the most important: Don’t reboot — at least not right away. It goes against some of the conventional wisdom when doing troubleshooting (“Did you turn it off and turn it back on?” is quite a common refrain), but the team says it can exacerbate some of the issues.
It also includes the warning that admins should carefully read each step because of the complex situation and “don’t skip ahead or you’ll make the problem worse.”
Did you run into this issue and experience any adverse effects as a result? Let us know in the comments or on Twitter @SearchWinServ.
The Windows Server Notebook features news and commentary on a variety of Windows technologies. Here’s your chance to learn about and weigh in on the latest Microsoft releases and strategies, with a focus on server operating systems, virtualization, security and more.