Internet Information Services (IIS) 6.0 Vulnerability for Windows Server 2003

Vulnerability US-CERT is aware of active exploitation of a vulnerability in Windows Server 2003 Operating System Internet Information Services (IIS) 6.0. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

On June 15, 2015, Microsoft ended support for Windows Server 2003 Operating System, which includes its Internet Information Services (IIS) 6.0 web server. Computers running Windows Server 2003 Operating System and its associated programs will continue to work even after support ends. However, using unsupported software may increase the risks of viruses and other security threats.

US-CERT encourages users and administrators to review the National Vulnerability Database entry on this vulnerability, as well as US-CERT Alert TA14-310A.

For more details click here CVE-2017-7269.

Reference:  https://www.us-cert.gov/ncas/current-activity/2017/03/30/Internet-Information-Services-IIS-60-Vulnerability

Now Available: Update 1702 for System Center Configuration Manager

March 26, Microsoft has announced that they have released SCCM version 1702 for Current Branch (CB) that includes some great new features and product enhancements. If you are running with SCCM environment version 1606 or 1610 the new update will be available as an in-console and can be directly upgraded to SCCM CB 1702. If for some reason it is not visible in our SCCM console,  if yes? Please find the PowerShell script here to ensure that you are in the first wave of the customer to get the update.

SCCM 1702 updates include many new features and enhancement in Windows 10 management and new functionality using Configuration Manager connected with Microsoft Intune. Let’s discuss a few of the enhancement below:

  • Support for Windows 10 Creators Update – This version of Configuration Manager now supports the release of upcoming Windows 10 Creators Update. You can upgrade Windows 10 ADK to the latest version for full OS imaging support.
  • Express files support for Windows 10 Cumulative Update – Configuration Manager now supports Windows 10 Cumulative Update using Express files.
  • Deploy Office 365 apps to clients – Beginning in version 1702, from Office 365 Client Management dashboard, you can start the Office 365 Installer that lets you configure Office 365 installation settings, download files from Office Content Delivery Networks (CDNs), and deploy the files as an application in Configuration Manager.
  • Customize high-risk deployment warning – You can now customize the Software Center warning when running a high-risk deployment, such as a task sequence to install a new operating system.
  • Close executable files at the deadline when they would block application installation – If executable files are listed on the Install Behavior tab for a deployment type and the application is deployed to a collection as required, then a more intrusive notification experience is provided to inform the user, and the specified executable files will be closed automatically at the deadline.
  • Conditional access for PCs managed by System Center Configuration Manager – Now production ready in update 1702, with conditional access for PCs managed by Configuration Manager, you can restrict access to various applications (including but not limited to Exchange Online and SharePoint online) to PCs that are compliant with the compliance policies you set

Few enhancements included which connected with Microsoft Intune.

  • Android for Work support – You can now enroll devices, approve and deploy apps, and configure policies for devices with Android for Work.
  • Lookout threat details – You can view threat details as reported by Lookout on a device.
  • Apple Volume Purchase Program (VPP) enhancements – You can now request a policy sync on an enrolled mobile device from the Configuration Manager console.
  • Additional iOS configuration settings – We added support for 42 iOS device settings for configuration items.

Microsoft has removed and dropped support for following product with the new release of SCCM 1702.

  • SQL Server 2008 R2, for site database servers. This version of SQL Server remains supported when you use a Configuration Manager version prior to version 1702.
  • Windows Server 2008 R2, for site system servers and most site system roles. This version of Windows remains supported when you use a Configuration Manager version prior to version 1702.
  • Windows Server 2008, for site system servers and most site system roles.
  • Windows XP Embedded, as a client operating system. This version of Windows remains supported when you use a Configuration Manager version prior to version 1702.

Microsoft has made improvement in-console search as:

  • Object Path:
    Many objects now support a column named Object Path. When you search and include this column in your display results, you can view the path to each object. For example, if you run a search for apps in the Applications node and are also searching sub-nodes, the Object Path column in the results pane will show you the path to each object that is returned.
  • Preservation of search text:
    When you enter text into the search text box, and then switch between searching a sub-node and the current node, the text that you typed will now persist and remain available for a new search without having to re-enter it.
  • Preservation of your decision to search sub-nodes:
    The option that you choose for searching the current node or all sub-nodes now persists when you change the node you are working in. This new behavior means that you do not need to constantly reset this decision as you move around the console. By default, when you open the console the option is to search only the current node.

Send feedback from the Configuration Manager console

You can use the in-console feedback options to send feedback directly to the development team. You can find the Feedback option:

  • In the ribbon, at the far left of the Home tab of each node.
    Ribbon
  • When you right-click on any object in the console.
    Righ-click option

Choosing Feedback opens your browser to the Configuration Manager UserVoice feedback website.

Peer Cache improvements

Beginning with version 1702, a peer cache source computer will reject a request for content when the peer cache source computer meets any of the following conditions:

  • Is in low battery mode.
  • CPU load exceeds 80% at the time the content is requested.
  • Disk I/O has an AvgDiskQueueLength that exceeds 10.
  • There are no more available connections to the computer.

Additionally, three new reports are added to your reporting point. You can use these reports to understand more details about rejected content requests, including which boundary group, computer, and content was involved.

Content library cleanup tool

Use the content library cleanup tool to remove content from distribution points when that content is no longer associated with an application.

Software update points are added to boundary groups

Beginning with version 1702, clients use boundary groups to find a new software update point, and to fall-back and find a new software update point if their current one is no longer accessible. You can add individual software update points to different boundary groups to control which servers a client can find. For more information, see software update points in the configuring boundary groups topic.

Windows 10 ADK tracked by build version

The Windows 10 ADK is now tracked by build version to ensure a more supported experience when customizing Windows 10 boot images. For example, if the site uses the Windows ADK for Windows 10, version 1607, only boot images with version 10.0.14393 can be customized in the console. For details about customizing WinPE versions, see Customize boot images.

Default boot image source path can no longer be changed

Default boot images are managed by Configuration Manager and the default boot image source path can no longer be changed in the Configuration Manager console or by using the Configuration Manager SDK. You can continue to configure a custom source path for custom boot images.

Deploy Office 365 apps to clients

Beginning in version 1702, from the Office 365 Client Management dashboard, you can start the Office 365 Installer that lets you configure Office 365 installation settings, download files from Office Content Delivery Networks (CDNs), and deploy the files as an application in Configuration Manager.

Android for Work support

Starting with 1702, Hybrid mobile device management with Microsoft Intune now supports Android for Work device enrollment and management.

Improvements to certificate profiles

You can now create a PFX certificate profile that supports S/MIME and deploy it to users. The certificate can then used for S/MIME encryption and signing on all iOS devices that the user has enrolled. Additionally, you can now specify multiple certification authorities (CAs) on multiple Certificate registration point site system roles and then assign which CAs process requests as part of the certificate profile.

Please find the complete doc here.

List of Microsoft Products End of Support for 2017

End1I am writing this article to briefly list the Microsoft products whose mainstream and extended support finishes this year 2017.

So that IT folks have a wake-up call before it’s too late, they should either upgrade their MS product to the latest version of supported MS product or if the product has the option to extend for the support they should opt to avoid last hour panic.

The importance of updating software before the support end should not be ignored. Once the product life is retired MS won’t support software updates, patches and others vulnerability fixes which results your software application more prone to security risk.

An Organization having unsupported software or firmware/hardware due to unmanaged patch management plan leads to many security  vulnerability risks as:

1) No longer patches for MS software is supported which allow external attack like malware and other security risks.

2) Running unsupported products bring down the company compliance percentage below the threshold value. Which can later break compliance SLA’s with client and customer and if this is not addressed at the right time leads to loose client\customer.

3) Additional IT Budget to run the MS product with extended support which comes with a cost.

Products Transitioning from Mainstream to Extended Support: The following products will be moving from Mainstream Support into  Extended Support over the next year. Extended Support lasts for a minimum of 5 years and includes security updates at no cost, and paid non-security updates and support. Additionally, Microsoft will not accept requests for design changes or new features during the Extended Support phase.

Products Released Mainstream Support End Date
Microsoft Visual Studio LightSwitch 2011 1/10/2017
Microsoft AppFabric 1.1 for Windows Server 4/11/2017
Microsoft AppFabric 1.1 for Windows Server 4/11/2017
Microsoft SQL Server 2012 Enterprise Core 7/11/2017
Microsoft SQL Server 2012 Service Pack 3 7/11/2017
Microsoft System Center 2012 App Controller Service Pack 1 7/11/2017
Microsoft System Center 2012 Configuration Manager Service Pack 2 7/11/2017
Microsoft System Center 2012 Data Protection Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 Endpoint Protection for Linux Service Pack 1 7/11/2017
Microsoft System Center 2012 Endpoint Protection for Mac Service Pack 1 7/11/2017
Microsoft System Center 2012 Endpoint Protection Service Pack 2 7/11/2017
Microsoft System Center 2012 Operations Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 Orchestrator Service Pack 1 7/11/2017
Microsoft System Center 2012 R2 App Controller 7/11/2017
Microsoft System Center 2012 R2 Configuration Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 R2 Data Protection Manager 7/11/2017
Microsoft System Center 2012 R2 Endpoint Protection Service Pack 1 7/11/2017
Microsoft System Center 2012 R2 Operations Manager 7/11/2017
Microsoft System Center 2012 R2 Orchestrator 7/11/2017
Microsoft System Center 2012 R2 Service Manager 7/11/2017
Microsoft System Center 2012 R2 Virtual Machine Manager 7/11/2017
Microsoft System Center 2012 Service Manager Service Pack 1 7/11/2017
Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 7/11/2017
Windows Azure Pack (on Windows Server 2012 R2) 7/11/2017
Windows Azure Pack V2 Web Sites 7/11/2017
Windows Phone 8.1 7/11/2017
Microsoft Excel for Mac 2011 10/10/2017
Microsoft Forefront Identity Manager 2010 10/10/2017
Microsoft Forefront Identity Manager 2010 R2 Service Pack 1 10/10/2017
Microsoft Lync for Mac 2011 10/10/2017
Microsoft Office for Mac 2011 Service Pack 3 10/10/2017
Microsoft Outlook for Mac 2011 10/10/2017
Microsoft PowerPoint for Mac 2011 10/10/2017
Microsoft Word for Mac 2011 10/10/2017

Products Moving to End of Support: The following products will be reaching the end of support in 2017. There will be no new security updates, non-security updates, free or paid assisted support options or online technical content updates.

Products Released Extended Support End Date
Microsoft Customer Care Framework 2005.NET 2.0 Edition 1/10/2017
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1 1/10/2017
Microsoft Voice Command 1.6 1/10/2017
Microsoft BizTalk Adapters for Host Systems 4/11/2017
Microsoft BizTalk FileAct and InterAct Adapters for SWIFT 4/11/2017
Microsoft Dynamics NAV 5.0 Service Pack 1 4/11/2017
Microsoft Exchange Server 2007 Service Pack 3 4/11/2017
Microsoft Expression Web Service Pack 1 4/11/2017
Microsoft Host Integration Server 2006 Service Pack 1 4/11/2017
Microsoft Office Communicator Phone Edition 4/11/2017
Microsoft Office InterConnect 2007 Service Pack 1 4/11/2017
Windows Vista Service Pack 2 4/11/2017
Engyro Product Connectors for Microsoft System Center Operations Manager 2007 7/11/2017
Microsoft Identity Lifecycle Manager 2007 Feature Pack 1 Service Pack 1 7/11/2017
Microsoft Integration Designer 2.5 7/11/2017
Microsoft Intelligent Application Gateway 2007 Service Pack 2 7/11/2017
Microsoft ProClarity Analytics Server 6.3 Service Pack 3 7/11/2017
Microsoft ProClarity Desktop Professional 6.3 7/11/2017
Microsoft ProClarity SharePoint Viewer 6.3 7/11/2017
Microsoft SoftGrid Application Virtualization 4.1 for Desktops 7/11/2017
Microsoft SoftGrid Application Virtualization 4.2 for Desktops 7/11/2017
Microsoft SoftGrid Application Virtualization for Terminal Services 4.1 7/11/2017
Microsoft Virtual PC 2007 Service Pack 1 7/11/2017
Microsoft Visual SourceSafe 2005 Standard Edition 7/11/2017
2007 Microsoft Office Servers Service Pack 3 10/10/2017
2007 Microsoft Office Suite Service Pack 3 10/10/2017
Microsoft Customer Care Framework 2008 10/10/2017
Microsoft Dynamics GP 10.0 Service Pack 5 10/10/2017
Microsoft Dynamics SL 7.0 Service Pack 4 10/10/2017
Microsoft Expression Blend 10/10/2017
Microsoft Expression Design 10/10/2017
Microsoft Expression Studio 10/10/2017
Microsoft Office Groove 2007 10/10/2017
Microsoft Office Project 2007 Service Pack 3 10/10/2017
Microsoft Office Project Portfolio Server 2007 Service Pack 1 10/10/2017
Microsoft Office SharePoint Designer 2007 Service Pack 2 10/10/2017
Microsoft Office Visio 2007 Service Pack 3 10/10/2017
Microsoft SharePoint Server 2007 Service Pack 3 10/10/2017
Microsoft Visual J# Version 2.0 Redistributable Package Second Edition 10/10/2017
Microsoft Windows SharePoint Services 3.0 Service Pack 3 10/10/2017
Microsoft Windows SharePoint Services 3.0 Service Pack 3 10/10/2017

Download complete full list here – MS – Product Life Cyle List Ends 2017

“Support Lifecycle Product Database” found here.

Thanks for reading, feel free to like, share and comments in below section.

Microsoft Extends Windows Server 2012 Support

Microsoft has announced they will be extending mainstream and extended support dated for Windows Server 2012. Microsoft Lifecycle support has two five-year phases of windows products.

The Lifecycle Policy for Windows Server 2012 states that Mainstream Support will be provided for five years, or for two years after the successor product (N+1, where N=product version) is released, whichever is longer. Microsoft will also provide Extended Support for the five years following Mainstream Support or for two years after the second successor product (N+2) is released, whichever is longer. So the new end of support date for windows server will be

So the new end of support date for windows server will be October- 10, 2023 according to new updates from Microsoft the original date had been Jan- 10, 2023. It has been an extension of nine more months to the existing support for windows server 2012.

Mainstream support ends: Oct 9, 2018

Extended support ends: Oct 10, 2023

Microsoft Patch Tuesday Mar-2017

Microsoft Patch Tuesday released and has 18 bulletins, nine has rated as critical as they allow remote code execution on affected machines. These updates affect IE, Edge, Hyper-V, SMB Server, Microsft Graphics Component.

Remote Code Execution Vulnerabilities allow an attacker to remotely execute commands on a machine and perform virtually any action on the vulnerable machine.

Lets see full list of important\critical updates below :

Microsoft Patch Tuesday  Updates:

RED CRITICAL                   BLUEIMPORTANT

1) MS17-006 Cumulative Security Update for Internet Explorer (4013073)

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

2) MS17-007 Cumulative Security Update for Microsoft Edge (4013071)

This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

3) MS17-008 Security Update for Windows Hyper-V (4013082)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

4) MS17-009 Security Update for Microsoft Windows PDF Library (4010319)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.

5) MS17-010 Security Update for Microsoft Windows SMB Server (4013389)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

6) MS17-011 Security Update for Microsoft Uniscribe (4013076)

This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

7) MS17-012  Security Update for Microsoft Windows (4013078)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.

8) MS17-013 Security Update for Microsoft Graphics Component (4013075)

This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

9) MS17-014 Security Update for Microsoft Office (4013241)

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

10) MS17-015 Security Update for Microsoft Exchange Server (4013242)

This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

11) MS17-016 Security Update for Windows IIS (4013074)

This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.

12) MS17-017 Security Update for Windows Kernel (4013081)

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.

13) MS17-018 Security Update for Windows Kernel-Mode Drivers (4013083)

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

14) MS17-019 Security Update for Active Directory Federation Services (4010320)

This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.

15) MS17-020 Security Update for Windows DVD Maker (3208223)

This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.

16) MS17-021 Security Update for Windows DirectShow (4010318)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.

17) MS17-022 Security Update for Microsoft XML Core Services (4010321)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

18) MS17-023 Security Update for Adobe Flash Player

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

Download Excel sheet: MS Patches – 2017(006-023)