The Windows Server Notebook


March 7, 2013  6:57 PM

Patch Tuesday critical fixes coming for IE, Office, SharePoint and Silverlight

Toni Boger Toni Boger Profile: Toni Boger

The latest batch of Patch Tuesday bulletins will bring a number of fixes for critical vulnerabilities in multiple programs for March.

Microsoft released an advance security bulletin this week that includes a total of seven bulletins. Four of the bulletins are marked as critical and three are marked as important.

March’s critical bulletins address vulnerabilities with remote code execution and elevation of privilege. Multiple versions of IE, Microsoft Office, Microsoft Silverlight and Microsoft SharePoint are affected by these vulnerabilities.

The month’s important bulletins address information disclosure and elevation of privilege vulnerabilities. Multiple versions of Microsoft Office and Windows Server are affected.

March’s total number of bulletins is less than the 12 bulletins for last month’s Patch Tuesday, which had a near-record breaking number of 57 patches.

What do you think of this month’s patches? Let us know in the comments on this post, or on Twitter @SearchWinServer.

March 5, 2013  6:04 PM

Windows Azure adds two factor authentication, new features

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley

Windows Azure identity management has lagged behind the mature on-premises Active Directory. But Microsoft has made strides to make both access management options equal citizens (and in turn, is making the cloud offering more appetizing to weary administrators).

The company delivered more enhancements to Windows Azure Active Directory this week, including a big security enhancement.

Large companies have been the recent target of major user data theft, and one of the ways Microsoft hopes to combat this is through two factor authentication.

If enabled for a user, when a user correctly inputs their password when logging in, a code will be text messaged to their phone in order to gain access to the server. This isn’t quite ready for primetime, Microsoft marks the feature as a “preview” — meaning some parts might not work.

User account creation also came to the Windows Azure AD interface. This gives administrators the ability to manage user subscriptions right in the Windows Azure Portal. Role based access control also comes to Azure AD, allowing admins to assign other users as administrators. Removing and adding users now also works right from the Azure Portal.

Microsoft also made available the previously announced ability to sync and federate Windows Server AD with Windows Azure AD. When a change is made on Windows Server, it automatically syncs to the Azure Portal, and vice versa.

Windows Azure has gained credibility among corporate IT recently with its pricing and feature improvements.

What do you think of the latest changes to Windows Azure? Are you using Windows Azure AD? Let us know in the comments below, or find us on Twitter @SearchWinServer


March 1, 2013  2:24 PM

February in review: The top searchWindowsServer news and tips

Toni Boger Toni Boger Profile: Toni Boger

For our monthly feature, we round up the most popular content from the previous month and share it with you.

In February, our readers were most interested in the latest batch of Patch Tuesday bulletins, getting around Window Server 2012′S GUI, what the language in Azure’s cloud data privacy policy means for customers and answers to common PowerShell questions.

IE, Exchange vulnerabilities highlight near-record Patch Tuesday
In a Patch Tuesday that almost broke the record set in April 2011, 57 patches were issued for vulnerabilities in Windows Server, Internet Explorer and Oracle’s Outside In library. Other critical patches were issued for media codecs in older OSs.

How to work without the GUI in Windows Server 2012
There are good reasons for keeping the Modern UI in Windows Server 2012, but if admins want to skip it, there are options for ways to work around the GUI, including third-party apps that bring back the Start menu and moving as many tools as possible to the desktop.

How to use PowerShell to pass info to remote computers
If admins need to execute something locally and share it with remote computers, PowerShell remoting can ease the process with specific techniques that include parameter blocks and inputting specific variables.

Cloud data ownership explained in Windows Azure privacy policy
If you take a close look at Microsoft’s privacy policy for cloud data in Azure, customers own their data, but the policy still lets Microsoft use their data for things like statistical analysis, troubleshooting to keep the Azure operation running and threat detection/prevention.

Using PowerShell script prompts for input
There are many ways admins can make and run a script prompt for input in PowerShell, but our expert says the best way to do it is to let PowerShell do most of the work and to make some small but effective changes to the coding.

What content from February was most helpful for you? Let us know in the comments or on Twitter @SearchWinServer.


February 26, 2013  8:27 PM

Microsoft releases minor updates for Windows Server 2008, Windows Server 2012

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley

It’s not Patch Tuesday, but there are updates admins should look for this week as Microsoft delivers updates across its portfolio of recent operating systems.

A tool is now available for Windows Server 2008 R2 and Windows 7 which checks for inconsistencies and potential errors with software updates. The Software Update Tool checks the integrity of a few folders and repairs any issues with registry data.

A platform update is also available for Windows 7 and Windows Server 2008 R2. The update fixes a number of components, including the Windows Imaging Component and Direct3D.

Windows Server 2012 Essentials, the home business version of the server operating system, received server-side fixes in its first rollup update. It adds the option to use a third-party hosted email service and updates the .NET framework to a new version.

Multilingual versions of Windows 8 and Windows Server 2012 also received a small patch for a font rendering issue.

Microsoft also released Internet Explorer 10 for Windows 7. It was previously available for Windows 8.

What do you think of this news? Let us know in the comments or on Twitter @SearchWinServer.


February 7, 2013  8:44 PM

Windows Server releases could become more frequent

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley

Microsoft may release major platform updates on a yearly basis — including Windows Server — if a rumor is true.

Mary Jo Foley reported that a tipster told her the codename “Windows Blue” we’ve heard about will not only apply to Windows on the desktop, but also to Windows Server and Windows Services like SkyDrive and Office365.

“Blue is a wave of product refreshes which are not expected to arrive exactly all on the same day, but which are meant to be released more or less around the same time,” Foley wrote.

Foley further added credence to the rumor with a screenshot of a Microsoft employee’s LinkedIn profile containing references to the Windows Blue project.

The Blue update wouldn’t likely mean Microsoft would release a product called “Windows Server 2013″ this year and “Windows Server 2014″ the next. Rather, these updates would be distributed directly to admins by some means.

The iterative, yearly nature of this rumored strategy would be new for Microsoft, but its competitors on the desktop have moved to this with some success. Apple has released a “major” upgrade of its Mac OS X every year for the last three years.

These latest rumors ask more questions than they answer: Are they just more frequent Service Pack updates? Will they cost anything extra? How much of a headache will this cause admins?

What do you think of this news? Let us know in the comments or on Twitter @SearchWinServer.


February 7, 2013  7:18 PM

Fixes coming for Windows Server, IE in February Patch Tuesday

Toni Boger Toni Boger Profile: Toni Boger

Even though it’s only 28 days long, February will still be a busy one for admins after Microsoft announced its most recent batch of fixes for this month’s Patch Tuesday.

The company released an advance security bulletin this week that includes 12 bulletins. Five bulletins are marked as critical and seven are marked as important.

All of February’s critical bulletins address remote code execution vulnerabilities. Multiple versions of Windows Server and Internet Explorer, as well as Windows RT, are affected.

The seven important bulletins address denial of service and elevation of privilege vulnerabilities. Multiple versions of Windows Server are affected.

This is the second month in a row Internet Explorer has received attention for vulnerabilities. Last month, an Internet Explorer zero-day exploit led Microsoft to post a workaround outside of the Patch Tuesday fixes, and later patch out-of-band.

What do you think of this month’s patches? Let us know in the comments on this post, or on Twitter @SearchWinServer.


February 5, 2013  9:20 PM

Microsoft delivers Configuration Manager add-ons and extensions

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley

Microsoft released a pair of add-ons for System Center Configuration Manager 2012 and an update to an existing tool on Monday.

The Configuration Manager Toolkit comes with a wide range of utilities that would aid Configuration Manager management and troubleshooting.

For instance, Client Spy will troubleshoot problems with application distribution and software metering, and Policy Spy allows admins to check the policy system of Configuration Manager client systems.

Power Viewer would do exactly what one would expect: view the power management status on client machines.

Also included in the toolkit is the Security Configuration Wizard Template, which intends to reduce the attack surface for Windows Server 2008 R2.

In all, there are nine tools in the kit, which are all available for download from Microsoft’s site.

The company also released a new version of its Physical to Virtual (P2V) Migration Toolkit. The toolkit allows admins to support migrations in remote offices that don’t have Virtual Machine Manager infrastructure onsite. Note that the P2V toolkit will no longer be supported by Microsoft on July 27 of this year.

Finally, the Package Conversion Manager received an update, allowing System Center Configuration Manager 2007 packages to System Center 2012 SP1.

Are you using Configuration Manager? What do you think of these new tools? Let us know in the comments below, or on Twitter @SearchWinServ.


February 1, 2013  4:56 PM

January in review: The top SearchWindowsServer tips and news

Toni Boger Toni Boger Profile: Toni Boger

In our monthly feature, we compile the previous month’s most popular content to share with you.

For the first month of the new year, our readers were most interested in content that covered the pros and cons of running Server Core, iSCSI Targets, cost savings with Hyper-V 3.0 and news items about IE exploits and a service pack.

Remote code execution IE exploit not covered in January Patch Tuesday

News of an IE exploit made the rounds in admin circles, but what was surprising to some is that a fix didn’t make it into the monthly Patch Tuesday. An out-of-cycle fix was eventually released the following week. Included in the month’s Patch Tuesday were critical fixes for Microsoft’s XML implementation and Print Spooler components.

General availability comes for System Center 2012 SP1

Admins looking for Windows Server 2012 and SQL Server 2012 support could finally get it after System Center 2012 SP1 became generally available. There were also fixes for bugs in the suite of management products as well as a new version of Windows Intune.

How to decide if running Server Core in Windows Server 2012 is right for you

Our expert broke down the pros and cons of using Server Core in Windows Server 2012. Some things admins should consider before using it are its smaller attack surface and its virtualization benefits, but also its steep learning curve and its potential compatibility issues.

Using iSCSI Targets in Windows Server 2012 Failover Clusters

Now that iSCSI Targets come bundled with Windows Server 2012, admins looking to take advantage of it will want to know how to configure them. This tip provides a step-by-step process to make sure you can make the most of it.

How Hyper-V 3.0 can provide major cost savings in virtualization

It’s getting easier than ever to have a reliable and complete virtualized environment with Hyper-V, especially in terms of using little to no cash to make it happen. Our expert offers some hints about things admins can do and look for to make the best virtualized environment for their IT shops.


January 31, 2013  9:30 PM

Failover clustering in Windows Server 2012 get hotfixes

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley

Microsoft is delivering a hotfix for a crasher that affects a Windows Server 2012-based failover cluster after applying a specific update.

If a user installed an update for the .NET 4.5 framework, it could cause crashes for the failover cluster management snap-in on a Windows Server 2012 cluster.

Admins can download the fix from Windows Update or from Microsoft’s website.

In November, Microsoft also pushed a hotfix for an error message displayed after a restore.

Have you deployed the hotfixes available? Did you experience the crash? Let us know in the comments, or on Twitter @SearchWinServ


January 31, 2013  8:11 PM

System Center 2012 gets Monitoring Pack for Remote Access 2012

Jeremy Stanley Jeremy Stanley Profile: Jeremy Stanley

Microsoft last week released a System Center Monitoring Pack for Remote Access 2012, bringing support for DirectAccess and Routing and Remote Access.

The monitoring pack, available for download for System Center Operations Manager 2012, will cover monitoring more components and their health.

Specifically, with DirectAccess monitoring, the pack can alert System Center users of issues with internal and external adapter connections and settings. It also contains shortcuts to help protect against network security threats like DOS attacks or spoofs.

The pack also works with VPN monitoring, which displays information about connection failures, configuration issues, hardware problems and more.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: