Heads up Server Admins…watch out for these updates!

After three years of using System Center Configuration Manager, we are finally leveraging it to manage the security updates for our server collection and a significant part of that task is to ensure that we research as to whether there are any known issues with the updates that may potentially cause issues with our servers.  While browsing online for any problems that may have been documented with the October release of updates, I came across this post from Microsoft regarding three updates to look out for…

Other than that…good luck and Happy Patching!

Security update for Microsoft Exchange Server 2013 and 2016: October 9, 2018
When you try to manually install this security update in “normal mode” (not running the update as an administrator) by double-clicking the update file (.msp), some files are not correctly updated. When this issue occurs, you do not receive an error message or any indication that the security update was not correctly installed. Also, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update does not correctly stop certain Exchange-related services.
To avoid this issue, run the security update in elevated mode, as an administrator. To do this, right-click the update file, and then click Run as administrator.
This issue does not occur when you install the update from Microsoft Update.

October 9, 2018—KB4462917 (OS Build 14393.2551) – Windows 10, version 1607; Windows Server 2016
After installing this update, installing Window Server 2019 Key Management Service (KMS) host keys (CSVLK) on Window Server 2016 KMS hosts does not work as expected. Microsoft is working on a resolution and will provide an update in an upcoming release.

October 9, 2018—KB4462923 (Monthly Rollup) – Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1
After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.
[1] To locate the network device, launch devmgmt.msc. It may appear under Other Devices.
[2] To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
Alternatively, install the drivers for the network device by right-clicking the device and choosing Update. Then choose Search automatically for updated driver software or Browse my computer for driver software.

Upcoming Apple Event on October 30th


As you may know already, Apple will be taking their traditional October unveiling of refreshed iPads and Macs outside of their California confines and heading to Brooklyn, NY!  Besides the aforementioned new iPad, it will be interesting to see which Macs get updated and will we have any notable surprises…

I know this may sound crazy to most of you but I’m excited to see if the rumors about the Mac Mini getting a refresh for the first time in four years is in the making.  I’m currently in the market for a new desktop and would jump at the first opportunity to buy a “Pro” version of it if its really in the works.

What do you look forward to you most from this event…

Ribeye Steak

Recently I was in the mood for a good steak and since it was on sale, I decided to pick some up.  People tend to get intimidated and think that the only way to get a good steak is to visit your local steakhouse but in reality all that’s needed is a cast iron skillet, steak seasoning, a trace amount of grapeseed oil, and some butter to top it off!  Follow these steps for a great steak that will be on par with any five star steakhouse but only cost you a fraction of the price!

  1. Heavily season the steak as you see fit.  You can use a store brand seasoning or you can create our own by blending salt, pepper, oregano, etc.
  2. Start heating our cast iron skillet and after one minute, pour a small amount of grapeseed oil that’s enough to cover the surface of the skillet.
  3. Wait until the oil starts to smoke and immediately place your steak in the center of the skillet.
  4. Cook the steak for 4 minutes on one side and then flip it over.
  5. Continue cooking the steak for an additional 2 minutes.  At this point, add 1 tablespoon of butter to the skillet and use a spoon to gather the melted butter and pour over the steak for 1 minute.
  6. Pick up the steak and sear all edges before removing (approx. 15 seconds).
  7. Let the steak sit for 10 minutes which will allow for the juices to abosrb back into the meat
  8. Serve and enjoy!

The finished product:

Data Loss Problem with Windows 10 v1809

What caused the Data Loss problem for those who installed Windows 10 v1809

Windows 10 v1809 October 2018 Update was hit by the worst bug till now. A lot of users who upgraded to it reported a loss of files from their user folder. It turned out to be a bug in Windows 10 Upgrade deleted those files because of what is Microsoft calling Known Folder Redirection (KFR) redirection issue. Microsoft is now rolling out a fixed version with ISO and Media Creation offerings, while those who have already updated to v1809 are getting a Cumulative Update 17763.55 (KB4464330) as part of the fix. Now let’s deep dive into what caused the data loss problem for those who installed Windows 10 v1809.

What caused the Data Loss in Windows 10 v1809

Known Folder Redirection is a technique which allows one to change the default location of folders like Downloads, Music, Documents, OneDrive, etc. to somewhere else on the PC without changing where they appear on the Windows Explorer.

When v1809 was under testing, a couple of users reported that when this technique was used, they had an extra copy of empty folder at those default location. Microsoft added a new set of code in the October 2018 Update to remove these empty, duplicate known folders. This changed combined with another change to the update sequence, resulted in the deletion of the original “old” folder locations and their content, leaving only the new “active” folder intact.

Known Folder Redirection

What is even surprising to note is that this was a remote issue which was reported by a set of users while this version was with Insiders. Since Feedback Hub is based out of voting, this major issue was buried as it did not get many votes from all the users. Shared by @WithinRafael on Twitter, it’s pretty clear that Microsoft had it overlooked. IMO any issues which are around file deletion must be taken seriously.

Data Loss problem in Insiders


Windows Team adds further that the user files were deleted in the following situations:

  1. If the contents of c:\users\username\documents were not moved to D:\documents when the location was being changed,  then a user could also encounter this issue.
  2. When the user chose to redirect their folders to another folder on OneDrive but chose not to move existing files to new location. Since those files were not moved, October Update treated them as duplicate folders and deleted them.
  3. If Known Folder redirection was used using an early version of the OneDrive client with settings to turn on the Autosave feature. The client didn’t move the old files to the new location.

So if the files were left in the old location they where removed by the Update. Now here is what I am surprised at. Why did users choose to leave the files after migration to a new location? Secondly, why were they looking at these folders when they had already migrated to a new location?

On a related note – comments like these should cause concern to Microsoft:

The Win 10 updates are unpredictable. I’m scared to death each time the automatic updates (which I can not disable) happen. After an update one of more installed software stop working and need re-installing. I have no viruses or cracked software. The last Win 10 update corrupted the MBR (Master Boot Record) on my 2 laptops and 1 desktop. 3 computers done the same update at the same time and having corrupted MBRs is NOT a coincidence. Microsoft owes $900 just for this damage alone. i spent $300 for each computer to have the drives removed and put new drives in so I can keep my data that was not corrupted in the old hard drives. The “reset Win 10” without losing personal data function in the advanced settings was not working on all 3 computers. Thank God I had 3 spare SSDs as a backup, but it is such a hassle going through the old hard drives and saving all the data in different locations. I’m switching to MAC and ditching everything PC related – PERIOD!

If you lost your data files, you can try and recover those files.

Windows 10 v1809 October 2018 Update is now available for download again. If you wish to still play safe, you may defer the installation of this feature update.

Windows 10 disaster!

The latest version of Windows 10 has been a disaster thus far since it was released on October 2nd and it appears that the “file deletion” bug after upgrading to version 1809 appears to be the straw that broke the camels back as Microsoft finally decided to remove the latest update from their sites effective October 6th and have put version 1803 back in its place.  It’s situations like this as to why it does not pay to be an early adopter.  Since I’m in charge on creating / maintain our Windows 10 images, I have stood up a few virtual machines for testing purposes but no way would I ever deploy any new version of an OS so soon without having all the bugs getting worked out.  Even with version 1803, we did not start deploying it until August as it too had its fair share of issues.  Who knows when version 1809 will be fixed and made available again for the masses…stay tuned!

October is National Cybersecurity Awareness Month!

It is that time of the year again folks! As stated on the Department of Homeland Security Website,

This October, National Cybersecurity Awareness Month is commemorating its 15th year as an annual initiative to raise awareness about the importance of cybersecurity.  NCSAM 2018 is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats.  DHS is the federal, national lead for NCSAM.  DHS also co-leads NCSAM with the National Cyber Security Alliance.

A colleague of mine gave me a report about publicly available hacking tools that was released by the National Cyber Security Centre.  I found it very informative; get your copy of the report in the link below…

Joint report on publicly available hacking tools (NCSC)

Breakdown of different types of WSUS Updates

Recently, I had to explain the difference between the types of updates showing in our SCCM update catalog and figured that it might be helpful to others looking for a detailed explanation.

The update categories are as follows:


A security-only quality update:

• A single update containing all new security fixes for that month
• This will be published only to Windows Server Update Services (WSUS), where it can be consumed by other tools like ConfigMgr, and the Windows Update Catalog, where it can be downloaded for use with other tools or processes. You won’t see this package offered to PCs that talk to Windows Update.
• This will be published to WSUS using the “Security Updates” classification, with the severity set to the highest level of any of the security fixes included in the update.
• This (like all updates) will have a unique KB number.
• This security-only update will be released on Update Tuesday (commonly referred to as “Patch Tuesday”), the second Tuesday of the month. (This is also referred to as a “B week” update.)

A security monthly quality rollup:

• A single update containing all new security fixes for that month (the same ones included in the security-only update released at the same time), as well as fixes from all previous monthly rollups. This can also be called the “monthly rollup.”
• This will be published to Windows Update (where all consumer PCs will install it), WSUS, and the Windows Update Catalog. The initial monthly rollup released in October will only have new security updates from October, as well as the non-security updates from September.
• This will be published to WSUS using the “Security Updates” classification. Since this monthly rollup will contain the same new security fixes as the security-only update, it will have the same severity as the security-only update for that month.
• With WSUS, you can enable support for “express installation files” to ensure that client PCs only download the pieces of a particular monthly rollup that they haven’t already installed, to minimize the network impact.
• This (like all updates) will have a unique KB number.
• This monthly rollup will be released on Update Tuesday (also known as “Patch Tuesday), the second Tuesday of the month. (This is also referred to as a “B week” update.)

A preview of the security monthly quality rollup:

• An additional monthly rollup containing a preview of new non-security fixes that will be included in the next monthly rollup, as well as fixes from all previous monthly rollup. This can also be called the “preview rollup.”
• This preview rollup will be released on the third Tuesday of the month (also referred to as the “C week”).
• This will be published to WSUS using the “Updates” classification as an optional update. It will also be available via Windows Update (where all consumer PCs will install it) and on the Windows Update Catalog.
• With WSUS, you can enable support for “express installation files” to ensure that client PCs only download the pieces of a particular monthly rollup that they haven’t already installed, to minimize the network impact.
• Starting in early 2017 and continuing for several months, older fixes will also be added to the preview rollup, so it will eventually become fully cumulative; installing the latest monthly rollup will then get your PC completely up to date.
• This (like all updates) will have a unique KB number.

Mojave has arrived…make sure to create your bootable USB drive now!

As expected, Apple has released their latest desktop OS (Mojave 10.14) to the masses.  Aside from setting up a new virtual machine that I use for testing the latest OSs, one of the next things I like to do is create my own bootable USB Flash Drive that I use to perform clean installs on other Macs with.

Here are the steps I followed which resulted in the successful creation of a bootable USB Flash Drive with Mojave ready to install:

Step 1: Format the USB Drive to be Bootable
This is going to format the drive so that it will be a bootable installer, without doing this the drive may not be bootable. If you don’t want to erase the drive, find one you don’t mind formatting instead.  Connect the USB drive to the Mac and launch Disk Utility, then select that USB drive from the left side drive list (be sure you select the USB drive you want to make the bootable installer from)  Click on the “Erase” tab and format the drive as “Mac OS Extended (Journaled), then choose “Erase” and confirm.  Next go to the “Partition” tab and under ‘Partition Layout’ click on the pulldown menu, changing it from “Current” to “1 Partition”.  Change the name to “Untitled” from ‘Untitled 1′ then click on the “Options” button.  Choose “GUID Partition Table” as the partition scheme and choose “OK”.  Click “Apply” and confirm the creation of the partition.  Quit out of Disk Utility when finished.  Now that the drive is ready, you can move on to making the actual installer.

Step 2: Making the macOS Mojave Installer Drive
The next step will actually make the installer drive from the previously formatted USB disk.  If you already have the macOS Mojave installer application in the /Applications/ folder on the Mac, you can skip directly to the “Terminal” part.  Download macOS Mojave from the Mac App Store.  DO NOT INSTALL IT!  When the download completes and the “Install macOS Mojave” app launches, quit out of it immediately then quit the installer.  Launch Terminal app and enter the following command exactly as shown below, copy and paste works fine:

sudo /Applications/Install\ macOS\ Mojave.app/Contents/Resources/createinstallmedia –volume /Volumes/Untitled /Applications/Install\ macOS\ Mojave.app –nointeraction

Enter the administrator password when requested (this is required to use the sudo command – the password will not show up and it looks as if you’re not entering anything, that is normal behavior for the command line), then hit the RETURN key to start making the installer.  You’ll see a series of message like the following, let it finish until you see the “Done” message – this may take a while as multiple GB of data have to be transferred:
“Erasing Disk: 0%… 10%… 20%… 30%…100%…
Copying installer files to disk…
Copy complete.
Making disk bootable…
Copying boot files…
Copy complete.

When finished and the terminal reads “Done”, exit out of Terminal, you’re ready to use the newly created bootable installer drive!  Good luck!

Common SCCM Site System Roles

Recently I was asked to give a breakdown of the different site roles within SCCM.  Hopefully this serves as a good reference for those requesting it and/or needing it:

Software update point   A site system role that runs Microsoft Windows Server Update Services (WSUS) and allows Configuration Manager to use the WSUS catalog to scan Configuration Manager clients for software updates.

  • Application Catalog web service point: A site system role that serves as an Application Catalog web service point.
  • Component server: Any server requiring a Configuration Manager service to be installed.
  • Distribution point: A Configuration Manager server role that stages packages for distribution to clients.
  • Endpoint Protection point: A site system role that serves as a endpoint protection point.
  • Management point: A site system role that replies to Configuration Manager client requests and accepts management data from Configuration Manager clients.
  • Site server: The main site system role that hosts the Configuration Manager components and services.
  • Site system: A server or server share that hosts one or more site system roles for a Configuration Manager site.
  • Component server: Any server requiring a Configuration Manager service to be installed.
  • Reporting services point: A site system role that  provides integration with SQL Server Reporting Services to create and manage reports for Configuration Manager.