Group Policy settings reference for Windows and Windows Server

Microsoft has released an updated version of their Group Policy settings reference guide to include support for Windows 8 and Windows Server 2012. You can read what else is new in the reference guide and download it below.

What’s New?
The Administrative Template spreadsheet contains three columns that provide more information about each policy setting’s behavior related to reboots, logoffs, and schema extensions. These columns are the following:

  • Reboot Required: A “Yes” in this column means that the Windows operating systems requires a restart before it applies the described policy setting.
  • Logoff Required: A “Yes” in this column means that the Windows operating system requires the user to log off and log on again before it applies the described policy setting.
  • Active Directory Schema or Domain Requirements: A “Yes” in this column means that you must extend the Active Directory schema before you can deploy this policy setting.
  • Status: A “New” in this column means that the setting did not exist prior to Windows Server 2012 and Windows 8. It does not mean that the setting applies only to Windows Server 2012 and Windows 8. Refer to the column entitled “supported on” to determine to which operating system the policy setting applies.

Download the updated reference documents here.

New hotfix CPVS60E017 for Citrix Provisioning Services 6.0

Issue(s) Resolved in this Hotfix

This Hotfix addresses the following issue reported against Provisioning Services 6.0 Release (with Hotfix CPVS60E013 installed):

BG-336256: When a target is set to use the gateway IP from DHCP, which is blank, a “0.0.0.0” gateway is configured for the PVS interface(s) overwriting the blank gateway entry of DHCP.

Replaces: Hotfix CPVS60E014- For Citrix Provisioning Services 6.0. CTX133517

Notes:

• The user must have administrative rights to the server and target device.

• Hotfix CPVS60E013 – For Citrix Provisioning Services 6.0 (CTX133148), must be applied before installing this hotfix.

To install this hotfix:

1. Download the hotfix package from the Hotfixes and Service Packs page of the Citrix Website.

2. Copy the hotfix package to an empty folder on the hard drive of the server you want to install the hotfix from and unzip the file.

INSTALLATION

The hotfix folder includes the following two subfolders:

target32bit (32bit Windows installation)

target64bit (64bit Windows installation)

Please check your Provisioning Services target device for system type and select the correct subfolder to apply the hotfix following the procedure described below. Continue reading “New hotfix CPVS60E017 for Citrix Provisioning Services 6.0”

New hotfix XS60E017 for XenServer 6.0

Issues Resolved In This Hotfix

This hotfix resolves the following issues:

  1. When creating a Storage Repository (SR) or a Virtual Disk (VDI), predefined XML entities (for example &, <, >, “, ‘) entered into the Name and Description fields, are written directly into the SR metadata. Any subsequent actions such as creating an SR or a VDI will fail with an error message, as the XML parser fails to parse metadata if it contains predefined XML entities.
  2. If there is a failure or a change in the number of paths to storage, attempts to create or destroy a VDI on an LVM-based SR may fail and will display the following error message: Error in Metadata Volume Operation on SR. The VDI will be created, but will lack a Name or Description.
  3. If multipath is active, on some storage arrays an error may occur when reading the Metadata Volume during an SR attach and display the following error message: Error in Metadata Volume Operation on SR.
  4. Storage may take several minutes to become available when using Dell PowerVault MD32xxi Storage Arrays with LVMoiSCSI
  5. Xapi frequently hangs pool slaves due to exceeding the number of sessions on the Pool Master.
  6. An SR may fail to connect when the XenServer host is booted with one failed iSCSI path when using Hitachi or Compellent storage arrays.
  7. XenServer may not discover all of the available LUNS when using the wildcard IQN. This occurs when using Compellent storage arrays via iSCSI.
  8. Improvements to the XenCenter Update functionality; customers are correctly notified in XenCenter when new XenServer Tools are available.

In addition, this hotfix includes the following previously released hotfixes.

NOTE: Customers MUST install Hotfix XS60E001 – For XenServer 6.0 before attempting to apply this hotfix. Continue reading “New hotfix XS60E017 for XenServer 6.0”

Important Changes to Forefront Product Roadmaps

Microsoft is announcing changes to the roadmaps of some of the security solutions made available under the Forefront brand.

  1. As part of this effort, the next release of Forefront Online Protection for Exchange, which has long been part of the Office 365 solution, will be named Exchange Online Protection.
  2. In response to customer demand, we are adding basic antimalware protection to Exchange Server 2013.  This protection can be easily turned off, replaced, or paired with other services (like Exchange Online Protection) to provide a layered defense.
  3. We are discontinuing any further releases of the following Forefront-branded solutions: Continue reading “Important Changes to Forefront Product Roadmaps”

Remote Server Administration tools for Windows 8 & Server 2012

Microsoft has released the new version of their Remote Server Administration Tools for Windows 8 includes Server Manager, Microsoft Management Console (MMC) snap-ins, consoles, Windows PowerShell cmdlets and providers, and command-line tools for managing roles and features that run on Windows Server 2012.  In limited cases, the tools can be used to manage roles and features that are running on Windows Server 2008 R2 or Windows Server 2008. Some of the tools work for managing roles and features on Windows Server 2003.

You can download the tools here.

Profile Management Configuration Check Tool

UPMConfigCheck is a PowerShell script that examines a live Profile management system and determines whether it is optimally configured.

Prerequisites

UPMConfigCheck requires PowerShell 2. UPMConfigCheck is designed to run on XenApp servers and on XenDesktop virtual desktops with Profile management installed. Supported operating systems are the same as for Profile management.

These include:

• Windows XP

• Windows Vista

• Windows 7

• Windows Server 2003

• Windows Server 2008 / Windows Server 2008 R2

32-bit and 64-bit operating system versions, where available, are supported.

Installing UPMConfigCheck

The UPMConfigCheck tool is supplied in a zipped archive. Extract the contents of the file to a temporary folder on the machine under test. Continue reading “Profile Management Configuration Check Tool”

Vulnerability in Citrix Receiver with Online Plug-in for Windows could result in arbitrary code execution

Citrix has released today this medium security vulnerability article.

Description of Problem

A vulnerability has been identified in the Citrix Receiver with Online Plug-in for Windows that could potentially allow an attacker to execute arbitrary code on the client device in the context of the currently logged in user.

This vulnerability is present in all versions of the Citrix Receiver for Windows up to and including version 3.2 and all versions of the Citrix Online Plug-in for Windows up to and including version 12.1.

This vulnerability has been assigned the following CVE:

• CVE-2012-4603

What Customers Should Do

This vulnerability has been addressed in the following products:

• The Citrix Receiver for Windows version 3.3 with Online Plug-in for Windows version 13.3 and later

• Version 12.3 of the Citrix Online Plug-in for Windows.

Citrix recommends that customers upgrade their Citrix Receivers and Online Plug-ins to these versions and later. These new versions can be obtained from the following location:

https://www.citrix.com/English/ss/downloads/results.asp?productID=1689163

Mitigating Factors

To conduct a successful exploit, an attacker would have to convince a user to manually lauch a specially crafted malicious file from an SMB or WebDAV fileserver. Deployments that prevent connections to potentially untrustworthy fileservers will be less exposed to this vulnerability.

Read the entire post here.

Citrix Acquires Beetil

Citrix announced yesterday (September 10th 2012) that it has completed its acquisition of Beetil, a privately-held cloud-based service desk technology provider. Beetil helps technical support professionals provide exceptional customer assistance and streamline technology costs through the delivery of easy-to-use, yet powerful incident tracking, end user self-service, configuration, change management and release management functionality.

The acquisition enables Citrix to expand the capabilities of its market-leading, cloud-based support product line, Citrix GoToAssist, with the addition of an integrated IT service desk solution. As a result, Citrix has the ability to offer support professionals an essential set of cloud-based services from a single platform for remote support, monitoring and service desk management.

“Beetil’s services are a natural complement to Citrix cloud-based IT support tools. The design is elegant, simple and meets the needs of technicians and end users alike,” said Brett Caine, SVP and GM for the Online Services division at Citrix. “Together with the Beetil team, we will extend our leadership in delivering innovative cloud-based support. This acquisition reinforces our commitment to meeting the growing demand of our customers and the market for a simpler and integrated approach to IT support.”

Read more about the acquisition here.

VirusScan Enterprise 8.8 Patch 2 Now Available

VirusScan Enterprise 8.8 Patch 2 is now available. This release includes new features, fixes, and enhancements including:

  • Lotus      Notes compatibility for 8.5.x
  • Additional      logging during Patch installation
  • Various      fixes for field-reported issues, ranging from BSODs to Updates using      excessive bandwidth, and CPU spikes.

To download Patch 2, go to the McAfee downloads site.  A valid license agreement number is required to download this patch.

You can view the Release Notes here.