Category Archives: Microsoft

Temporary workaround for Windows SMBv2 zero-day

The Windows SMBv2 zero-day vulnerability (disclosed vulnerability with no software fix) appears to be more dangerous than initially thought.  The vulnerability does not affect the Release to Manufacturing (RTM) version of Windows 7 or Windows Server 2008 R2, but it does affects Windows Vista and Windows Server 2008.  The danger is no longer just a system crash or reboot, it can lead to a full system compromise.

In the absence of a patch, Microsoft released some instructions for disabling SMBv2.  For your convenience, I’ve packaged two REG files that you can download that enable and disable SMBv2 in Windows Vista and Windows Server 2008.  So until a software patch is available, you need to disable SMBv2 double clicking the disable-SMBv2.reg file and then rebooting.  The workaround does not break your ability to serve files, but it does reduce your SMB file serving speeds down to Windows XP and Windows Server 2003 levels which would result in a moderate decrease in performance.  When the patch becomes available and you have applied the patch, just run the enable-SMBv2.reg file and reboot.

Mozilla patches SSL, Microsoft CryptoAPI still exposed

Firefox logoMozilla has patched a very critical flaw in Firefox that allows attackers to pose as a legitimate Firefox update server and implant harmful code into a victim’s computer. Firefox 3.0.13 and 3.5.2 are no longer vulnerable to this attack and the update should automatically run. It would be prudent to check it manually under the Firefox “Help” menu and open the “About” window.

See the full story at »

Outlook blows up after latest Windows Update

Immediately rebooting after the latest Microsoft Windows Update pushed to me (even though it isn’t patch Tuesday) seemed to have nuked Outlook 2007 with the dreaded message:

“Cannot start Microsoft Outlook. Cannot open the Outlook window.”

My first reaction was to do a system restore to before the update was applied which was a mistake as it didn’t fix the problem.  A quick search on the support forums indicates that the correct solution is to run an “outlook.exe /resetnavpane” command from the Windows Run prompt.  Then after I applied the Windows Update again, Outlook broke again with the same error message.  Running the same resetnavpane command fixed the problem again so I would have saved myself a lot of trouble had I not performed a system restore.

SCVMM’s P2V functionality: nothin’ but net!

This weekend I did my first P2V (physical-to-virtual) conversion of a machine using SCVMM 2008 (System Center Virtual Machine Manager). I expected the worst. Instead, I got a really pleasant experience. It worked like a charm, so long as the right ports were opened and you knew the username/password of a user who is a local administrator on the destination machine. In my case, I simply plugged the secondary NIC on the machine (it was a machine in my DMZ, ironically enough, it was previously my VMWare Server box) into a switch on my LAN, started the conversion process, and an hour later, it was done. As expected, I needed to reconfigure the NIC (I always expect this, since it is considered a new NIC). One nice surprise is that it maintained the volume lettering, even though I did not convert all of the volumes. In this case, I had a D drive which I did not convert, but I did convert the F drive, and even though the converted F drive was the secondary drive on the virtual adapter, Windows was still calling it F. That ensured that I didn’t need to mess with anything after conversion. Overall, I can report that SCVMM did a P2V with flying colors, and should not be feared or avoided.


SCOM 2007 R2: Worth the upgrade

I recently updated my SCOM (SystemCenter Operations Manager) 2007 installation to 2007 R2. Not only was the upgrade pleasantly smooth, easy, painless, and fast, but the results were worth it. The new administration console has features which made it worth it for me. The first, is that it no longer periodically crashes when I run it on my local PC (Vista, connected to the network over a VPN), so I do not need to work from the server’s console to use it. The other feature I love, is that I can now install management packs directly from the site within the console, and I can search for them too. Even better, there is a filter to show only the MP’s that are more recent than what I have installed. Now, I can actually keep my MP’s updated on a regular basis!


Microsoft CRM 4: The buggiest software I deal with

I really have no idea what the CRM team at Microsoft is doing, but they have released a whopping FIVE “rollup” packages in the last few months for CRM 4. Maybe I am being a bit overcritical here, but I really think that five rollup package (comprised of dozens of individual patches each) is extreme. No other application I deal with… Office, SQL Server, Exchange, and more… have nearly this many patches. I am not happy with the CRM product to begin with. I get CC’ed on a ton of emails to our CRM consultant about unusual behavior, and it relies upon the SQL Server Reporting Services product which is a disaster. But the patch frequency scares the pants off of me. We implemented CRM because we needed to replace our previous product, because we got it for free as Certified Partners, and because we hoped it would integrate nicely into the rest of the stack. Instead, we got a miserable, Web-based application that is buggy as all get out and my users hate it.


Changing Work Item “Created By” in TFS

I recently tried to change work item “created by” in TFS. TFS blocks you from doing this, so I tried the backdoor method: direct database updates. However, I found that just modifying the “Created By” column in WorkItemsLatest causes the work items to not allow themselves to be edited afterwards. The trick is to also update the “Created By” column in WorkItemsAre and WorkItemsWere. As long as there is agreement for the item in all three tables, this will work just fine.


SharePoint not sending alerts? I found one fix for that.

I had a problem where SharePoint was set to send alerts to users (in this case, when tasks were assigned to them), but it was not sending the alerts to everyone. It turns out, that if a user is not explicitly a member of any SharePoint groups, they won’t get the email. I had put “DOMAINDomain Users” into the “Contribute” group (easy permissions that way), but adding the users to a group is what I needed to do for those alerts to get sent out. Hope this helps someone else out!


Vista SP2 and language packs

Tonight I went ahead and tried to install SP2 for Vista is the hopes that it would cure my Windows Media Player problem. No dice. Apparently, I need one that supports the 34 languages that I don’t have installed. Why? Because at one point I did install them, then uninstalled them, and now, SP2 thinks they are still installed. Huh?


Bit rot finally hits my Vista install

Despite what people say about Vista, I have had nothing but good experiences with it, until relatively recently. The first sign of trouble I had, was when I upgraded the Live Meeting client, and it treated every launch as if it had just been installed, and it wouldn’t associate itself to the Live Meeting links right. More upsetting, Windows Media Player will no longer start unless I do “Run as Administrator”, and it won’t minimize itself to be the mini player in my taskbar. Good timing, since W7 is right around the corner. Since I’ve had this Vista install since the week it RTM’ed, I can’t complain. Well over 2 years before bit rot sets in is a great run for an OS.