Hibernate and FDE

Earlier this week, I read this article reporting on Passware’s presentation at Password^20.   It reported that if you are using BitLocker or TrueCrypt and you’ve ever used hibernate, then Passware Kit Forensic is able to recover the encryption key from the Hibernate file.   The recommendation was “NEVER EVER EVER EVER allow hibernation for any computer.” I found …

Continue reading ‘Hibernate and FDE’ »

SCUPing Shockwave

At the risk of stepping on the Queen of SCUP’s toes, I’m going to write-up how I deployed Shockwave with System Center Updates Publisher (SCUP).  For the prologue on what SCUP and SCCM are see last weeks post on SCUPing Flash. Shockwave is part of our standard config.   I’m not really sure why.   Is it actually …

Continue reading ‘SCUPing Shockwave’ »

Quicktime and SCUP

When Quicktime 7.6.7 came out, I wanted to deploy it with Microsoft System Center Update Publisher (SCUP).   I’d recently used SCUP to deploy Flash (for IE) and the Dell Inventory Agent.   It made sense to look at using SCUP and SCCM Software Updates to deploy patches rather than continuing to use the old Software Distribution …

Continue reading ‘Quicktime and SCUP’ »

SCUP Rule Testing

Microsoft System Center Update Publisher is a method to get third-party updates deployed through SCCM and an internal update server.   As I started working with it this summer, I had issues creating applicability rules.   When you create a collection in SCCM you get immediate feedback about the accuracy of your rules.   You either have the number of computers …

Continue reading ‘SCUP Rule Testing’ »

Patching week in review

This week saw a large number of Microsoft patches Additionally Adobe released updates for Flash and Adobe Air. Acrobat and Reader updates expected for this week will occur next week. Apple patched the iPhone and released an update for QuickTime.  iTunes users were not given the QuickTime update as of this post. To stay up …

Continue reading ‘Patching week in review’ »

SCUP and Flash

I deployed Adobe Flash 10.1 through System Center UpdatesPublisher (SCUP).  Its kind of sad how excited this makes me. SCUP is a framework that allows you to integrate third-party update deployment into your SCCM/WSUS server.   Companies can provide a CAB file that you import into SCUP, approve updates and publish them to your SCCM server.  …

Continue reading ‘SCUP and Flash’ »

GuardianEdge Windows 7 Looking Back

Like a lot of companies we are trying to go to Windows 7 sooner rather than later. We skipped Vista and XP is starting to seem a bit old. One of the things holding us back is GuardianEdge’s Full Disk Encryption product. Here’s our timeline. In October 2009 I asked GuardianEdge about Windows 7 support …

Continue reading ‘GuardianEdge Windows 7 Looking Back’ »

Email Message Size Limits – The Update

The Microsoft Exchange team wrote a blog back in 2006 summarizing the need to email message limits. Email size limits help protect you against denial of service attacks. Intentional or not Internal sender or external, a large message can consume all available resources. The problem can be aggravated by Antivirus for Exchange. It only has …

Continue reading ‘Email Message Size Limits – The Update’ »

50 Percent of Enterprise XP running SP2

According to Qualys, 50% of enterprise Windows XP computers are still running Service Pack 2. This was reported by Byron Acohido in a USA Today article. This matters because MIcosoft will stop providing security patches for computers with this service pack in July. If you’re running XP, you must have service pack 3 to continue …

Continue reading ‘50 Percent of Enterprise XP running SP2’ »