Patch My PC (PMPC) has become a household name in the Information Technology industry, particularly for those of us involved with managing 3rd party application patching with System Center Configuration Manager (ConfigMgr/SCCM) and Microsoft Intune. I’ll share my reviews on PMPC in later blog posts but in so many words, it’s an amazing product. In the meantime, if you have any questions, let me know.
This post is to share my excitement for the swag I received from PMPC in appreciation for my strong recommendations and advocacy, not only for the rock solid solution but for the high quality customer service, technical support, and seriousness of listening to their customers for feedback and product improvements. Check out the unboxing video of the thoughtful gifts I received which I will definitely use.
Microsoft has released update KB4577586, which is named “Update for the removal of Adobe Flash Player: October 27, 2020“. This update removes Adobe Flash from all Windows 10 and Windows Server systems. Please note: Once this update has been installed, it cannot be removed. Also, this update will only uninstall the ActiveX version of Adobe Flash, and not those installed via other mechanisms.
This update is currently not available in Windows Server Update Service (WSUS), and therefore is only available via the Microsoft Update Catalog. Microsoft states that it will be made available in early 2021.
Manual Installation: You can install this update manually on systems running Windows 10 or server OS such as Windows Server 2012, 2012 R2, 2016, and 2019 by downloading the update using the Microsoft Update Catalog portal, and selecting the appropriate OS for your system.
Deployment Using WSUS/ConfigMgr: To deploy this update to multiple systems, you will need to use WSUS to import the update. 1. Launch the WSUS console, expand your server name, then click on Updates in the left-hand pane. 2. In the right-hand Actions pane, click on Import Updates. This will launch the Microsoft Update Catalog in your default browser.
3. In the Microsoft Update Catalog portal, click in the Search box on the top right hand side, and type KB4577586, and click Search.
4. Select the update for the desired OS types, and click on the Add button. This will add the updates to the basket.
5. Click on view basket on the top right-hand side of the page, which is located right below the search box. You will find all the updates you have added to be imported. Make sure that the checkbox for “Import directly into Windows Server Update Services” is selected, and then click the Import button. A window will open to show the import progress and when completed, the updates will be in WSUS.
In case you run into the following failed import state, you will need to add a fix in the registry.
By clicking on theredbutton labeled “Failed“, you will see it mentions the error number 80131509 with a description as seen in the image below.
To fix the error, launch the registry console by running regedit on the server. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319.
Create a new DWORD (32-bit) key, and specify the name as SchUseStrongCrypto and apply the value as 1. Then, restart the server.
Update With ConfigMgr: If you use ConfigMgr to manage and deploy your Windows Updates, you will need to run a Software Update sync from the ConfigMgr console to pull in the recently imported updates from WSUS.
In the ConfigMgr console, under the Software Library node, go to Software Updates > All Software Updates. To synchronize updates, you can either click the Synchronize Software Updates button on the top left-hand of the console or right-click on “All Software Updates, and select “Synchronize Software Updates” from the pop-out menu.
On successful completion of the software update sync, you will find the update for KB4577586 under “All Software Updates”. At this point, you will need to download the updates into a deployment package, and then deploy the updates to the device collections.
I will add the steps and screen captures to show how to download and deploy the updates using ConfigMgr in my next update or revision of this blog post. Stay tuned.
The resources below are other options available to uninstall using PowerShell scripts. These were written by my friend Ben Whitmore aka ByteBen. He uses the application method instead of the software updates method to uninstall Adobe Flash from systems using the scripts he wrote. Check it out:
Windows Server 2019, Windows Server 2016, and Server Core installations (2019, 2016, v20H2, v2004, v1909)
Remote Code Execution
Windows Server 2019: 4598230 Windows Server 2016: 4598243 Windows Server v2004 and Windows Server v20H2: 4598242 Windows Server v1909: 4598229
Windows 8.1, Windows Server 2012 R2, and Windows Server 2012
Remote Code Execution
Windows 8.1 and Windows Server 2012 R2 Monthly Rollup: 4598285 Windows 8.1 and Windows Server 2012 R2 Security Only: 4598275 Windows Server 2012 Monthly Rollup: 4598278 Windows Server 2012 Security Only: 4598297
Resources for deploying updates to remote devices:
With so many people working remotely, it is a good time to review guidance on deploying security updates to remote devices, such as desktops, laptops, and tablets. Here are some resources to answer questions pertaining to deploying updates to remote devices.
Below are summaries for some of the security vulnerabilities in this release. These specific vulnerabilities were selected from the larger set of vulnerabilities in the release for one or more of the following reasons: 1) We received inquiries regarding the vulnerability; 2) the vulnerability may have received attention in the trade press; or 3) the vulnerability is potentially more impactful than others in the release. Because we do not provide summaries for every vulnerability in the release, you should review the content in the Security Update Guide for information not provided in these summaries.
Notes on details in the vulnerability summaries:
This metric reflects the context by which vulnerability exploitation is possible. The Base Score increases the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable component.
This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability. Such conditions may require the collection of more information about the target or computational exceptions. The assessment of this metric excludes any requirements for user interaction in order to exploit the vulnerability. If a specific configuration is required for an attack to succeed, the Base metrics should be scored assuming the vulnerable component is in that configuration.
This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
This metric captures the requirement for a user, other than the attacker, to participate in the successful compromise the vulnerable component. This metric determines whether the vulnerability can be exploited solely at the will of the attacker, or whether a separate user (or user-initiated process) must participate in some manner.
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
Microsoft Word Remote Code Execution Vulnerability
Remote Code Execution
Exploitation less likely
CVSS Base Score
Microsoft Excel 365 Apps for Enterprise, Word 2010, Word 2013, Word 2016, Office 2010, Office 2019, Office 2019 for Mac, Office Online Server, Office Web Apps 2010, Office Web Apps Server 2013, Office SharePoint Enterprise Server 2013, SharePoint Enterprise Server 2016, SharePoint Server 2010, and SharePoint Server 2019
Office security updates published as part of the January 2021 Patch Tuesday address bugs exposing Windows systems running vulnerable Click to Run and Microsoft Installer (.msi)-based editions of Microsoft Office products to remote code execution (RCE) attacks.
Microsoft rated the six RCE bugs patched this month as Important severity issues since they could enable attackers to execute arbitrary code in the context of the currently logged-in user.
Further information about each of them is available within the knowledge base articles linked below.
To download the January 2021 Microsoft Office security updates, you have to click on the corresponding knowledge base article below and then scroll down to the ‘How to download and install the update‘ section.
Generally, admins setup a shared mailboxto improve collaboration between teammates and simplify email organization. This blog post explains how to use and configure Outlook shared mailbox with step-by-step instructions, as well as what to do when you face issues with the shared mailbox.
Outlook shared mailbox is a mailbox that can be accessed by multiple users in an organization. It allows teammates to coordinate and manage activities, and all the members can read and send emails from the mailbox, update shared calendars, etc.
The following are a few benefits of using Outlook shared mailboxes:
Multiple employees in an organization can share the responsibility of handling and replying to the emails of a single mailbox.
Outlook calendar and contacts information can be shared between multiple employees.
Admin can assign specific permissions to the members of shared mailbox for security and transparency.
How to Use Outlook Shared Mailboxes?
A shared mailbox automatically shows up in your Outlook profile once the Exchange admin adds you as a member of the mailbox. If you don’t see the shared mailbox, you can restart Outlook and check again.
Note: It may take a while for the shared mailbox to display in your Outlook profile.
If you don’t see the shared mailbox in your Outlook profile even after restarting Outlook, you can add it manually by following these steps:
Launch Outlook and go to File > Account Settings > Account Settings.
Open the Email tab, select your account, and then click Change.
Select More Settings > Advanced > Add.
Enter the email ID of the shared mailbox and click OK > OK.
Click Next > Finish and then close the window.
How to Send an Email from the Shared Mailbox?
Once you have successfully setup a shared mailbox, you can send emails by following these steps:
Launch Outlook and click New Email.
Click the From field at the top and select the shared mailbox email address. If you don’t see the shared email address, select Other email address and manually enter the email address. Then click OK.
Enter your message and click Send. Now, whenever you will create a new message, you will see the shared email address in the drop-down list in the From field.
How to Use Shared Calendar and Contacts?
Once admin has allowed you to use Outlook Shared Mailboxes, the shared calendar and contacts are automatically added to the appropriate lists in your Outlook profile.
To use calendar associated with the shared mailbox:
Go to Outlook and open the calendar view.
Then select the shared mailbox.
You need to know the following things about shared calendars:
When you create appointments in a shared calendar, whoever has access to the shared mailbox can see these appointments.
Members of shared mailbox can create, view, and edit appointments in the calendar.
Like in the case of shared calendar, the shared contacts are added to your My Contacts list automatically, once the admin allows you to use Outlook shared mailboxes. To access the shared contacts, follow these steps:
Launch Outlook and select People.
Under My Contacts, select the shared contacts folder.
How to Use Shared Mailbox in Outlook Web Access (OWA)?
If you want to open a shared mailbox in a web browser via OWA, you need to know how to setup a shared mailbox in your account manually. Following are the steps to setup a shared mailbox:
Sign in to your OWA account. If you are using Office 365, sign in to your account and launch Outlook.
Right-click on a folder or your mailbox in the navigation pane, and click Add shared folder.
Enter the email ID of your shared mailbox in the dialog box and click Add.
Troubleshooting Shared Mailbox Issues
Outlook stores shared mailboxes data, like other mailbox items, locally in Outlook data file (OST). Sometimes, this OST file gets damaged or becomes inaccessible due to various reasons that include network connection issues, storage device failure, virus infection, etc. The problems with OST file may make your shared folder inaccessible or lead to syncing issues with the shared folder.
In such cases, you can delete and recreate the OST file to resolve the issues. However, if you’re not able to recreate the OST file or there are locally saved items in the file, you can recover the OST file data and save it in Outlook importable PST file by using a specialized OST to PST converter software such as Stellar Converter for OST. The software can easily convert an inaccessible or orphaned OST file into PST, in a few clicks.
Shared mailboxes in Outlook make it easy for small teams to manage and send emails from a common email address. These mailboxes also allow you to share contacts and calendars with the members. It’s easy to use and configure Outlook shared mailbox. You can access the shared mailbox almost instantly after the admin has made you a member.
Sometimes, you face some issues with your shared mailbox. This may usually happened due to problems with the OST file. In such a case, you can recreate the OST file to resolve the issue. If this doesn’t work, you can use an OST converter tool such as Stellar Converter for OST to save your OST file data in Outlook importable PST file.
I recently came across a post by Jim Naroski on The Office 365 Guy TechNet blog site. He listed the links to the UserVoice portal for the various products or topics which Microsoft utilizes to gather feedback and feature requests. One important link is missing from the TechNet blog, which is for the System Center Configuration Manager (ConfigMgr) feedback site, and I have added that to the list below. Start using this valuable resource to help improve products and make your voice heard.
Uservoice provides an opportunity for customers or end users of products to provide feedback, request features and interact with others as well as with the product teams. If you discover a request or feedback that you agree with and would like to support, you can add a vote to that post. Each UserVoice member receives a limited number of votes to use and these votes are returned once the the particular feedback has been acknowledged and completed. See above screen capture.
Another useful feature of UserVoice is the ability to see the status of the posts such as Noted, Planned, Under Review, Started, and Completed. See examples below:
I recently got the chance to use and review one of Anker‘s newest products, called the Roav DashCam C2. This is a video camera to be used in a vehicle to record one’s travel from point A to point B for various reasons. In this day and age, we are surrounded by video cameras from speed traps, traffic lights, building security, merchandise stores, gas stations, office buildings, elevators, and the list goes on. Lately, video cameras aka dashcams have become more and more popular especially for documentation purposes as well as for proving wrong doings by other parties on traffic violations, and much more.
Check out some of these footage on YouTube from dashcams. There are also some plane crashes caught on dashcams such as the Taiwan plane crash, Mukilteo plane crash, and the Afghanistan plane crash to name a few. As you can see, these are unbelievable captures which would otherwise be disputed.
Now back to the Roav DashCam C2. Here’s what it offers:
Size: 3.4 x 2.5 x 1.4 inches
Weight: 3.5 ounces
Display: 1080P / 720P with a 3 inch LCD screen size
Storage: microSD card (not included)
Chipset: Ambarella A12
Sensor: Sony IMX323
Camera: f/2.0 wide-angle lens
Operating Temperature: -4*F – 158*F
Easy to setup
Night mode for clarity
Parking detection mode
Emergency recording to lock footage
Easy to use menu and buttons
High quality video captures
Small form factor
No zooming for tighter or closer recording scenes
32GB microSD card preferred but not necessary. More of an annoyance reminder on each startup
Finicky touch screen
No smartphone app
No WiFi or Bluetooth capability
microSD card must be removed from unit to transfer to computer
Check out my unboxing video:
The Roav DashCam C2 is quite simple to use and just works. More often than not, I forget that I have it installed since I have it positioned behind my rear view mirror with the suction cup attachment provided. This is a good thing, as each drive I do with my vehicle is automatically recorded and I have the footage when I need it. The camera activates as soon as I start my car and power is received by the dashcam.
I do have a couple of pet peeves, and the first one is the constant reminder that I should be using a 32GB microSD card when the dashcam automatically turns on, but it works just fine with a lesser capacity card, which is what I’m using. The device is smart enough to loop and delete older recordings when it needs space for newer recordings. The other is the lack of a smartphone app which is available for the C1 model but not for the C2. Using an app allows more streamlined use of the device such as to change settings and to transfer recordings for upload to various sources. Otherwise, I’m quite happy with this dashcam as it does what I need it to do which is to record my travels without any effort. Plus, it’s inexpensive too. You’ll find it on Amazon for $79.99.
At some point or another we have all faced the dilemma of missing important files such as photos, videos, documents, and even installers to name a few, which were deleted from our systems by mistake or due to various other reasons. “Oops, the file I need is not on my backup drives. I remember deleting it from my computer and emptying the trash bin. Now what do I do?” Well, fret not, we can solve the problem with some 3rd party software which are designed to recover deleted files thus saving the day and mindset!
One such solution is the Windows Data Recovery Professional tool by Stellar Phoenix. If you’re looking to recover your lost or deleted files, folders, documents, photos, videos, and other files, this software does the trick. These are some key features of this product as listed on their website:
Recovers data, documents, photos, videos and more
Recovers files from hard drive, CD/DVD, SD cards, and USB drives
Recovers lost or inaccessible hard drive partitions
Create image of entire partition for data recovery
Ability to search for lost data in specific folders and recover data
Windows Data Recovery software which I’ll refer to as WDR is quite simple to install and more importantly easy and straightforward to use. The installer file is less than 16MB in size and the installation steps are just a few clicks and you’re done. WDR has two scan mechanisms, Quick Scan and Deep Scan, and in my testing I found the scan for missing files with the Quick Scan method was adequately fast and the results were what I expected. Deep Scan takes a little longer but does a thorough job in recovering all files and folders including raw data, and this would be a good option to use if you don’t find what you’re looking for with the Quick Scan.
Here are some screen captures to highlight how the product works which were captured during my testing. Please note that I used the Professional version which retails at $99, however Stellar Phoenix does provide a free version which has some limitations, such as you can recover up to 1GB of data for free and the file sizes must be less than 25MB. The free option is a good way to try the software and to recover some files when you absolutely need to do so.
When WDR is launched, you are provided with some options as to what you would like to recover. You can select the “All Data” option to choose everything or be selective, then click the Next button.
If you would like to preview files during the scan, you can enable this feature by clicking the cogwheel on the top left corner of the window which will pop-up an Advanced Settings menu with the option to do so. Keep in mind that turning on preview mode can increase the scan time. Check out the other options in Advanced Settings such as File List to target specific file types to speed up scanning and recovery.
Select the location of the recovery desired.
Scanning in progress status.
Results of how much data was recovered with the Quick Scan.
The recovered data as listed in Tree View with files preview turned on.
The recovered data as listed in File Type view with files preview turned on. Select the files or folders desired for recovery and click on the Recover button. If the Quick Scan did not locate what you were looking for, you have the option to run a Deep Scan as seen above.
Select a location where you would like the recovered data saved to. Clicking on the Advanced Settings link provides some additional options such as compression option, recovery option, and file filter option as seen in the images below:
For testing purposes, I deleted a folder called “mvp award kit” which included several files which was located in D:\install\ path. I selected a file for recovery as seen above and selected the path C:\local\Recovered as the destination for the saved data. WDR adds a folder named “#Root” along with the original folder names where the file was previously located, thus preserving it’s file structure.
Results of how much data was recovered with the Deep Scan.
Example of the extensive data recovered using the Deep Scan mode.
I’m impressed with the speed of this tool and the amount of lost data it is capable of recovering. The one con I found with this tool is that it crashed when a new scan for a new location was performed while the software was previously opened after a previous scan. It could very well be my system as I was able to launch the software and re-run a new scan quickly. Bottom line, this is a “stellar” tool and does what it claims to do. The company provides a ton of information on the software product page including an FAQ and download for trial. They are also quick to respond to inquiries. Give it a try and hope you enjoy it as much as I did.
Follow @Hoorge on Twitter and join Tech Konnect on Facebook and Twitter to stay current on technology related matters.
IT departments play a major role in systems maintenance and it takes some effort for a system administrator to keep servers and end user workstations up and running for stability and productivity reasons. Lets take a look at system administrator’s daily routine and the importance of it.
1. Downloading and Deploying patches to user computers
System administrator has to identify required patches (3rd party) on systems, download them from the vendor websites and deploy them to end user computers. Managing these patches on a one of basis seems straightforward but it becomes cumbersome on a routine basis and especially when there are many systems to patch. Using a Patch Management solution, these routine tasks can be automated and scheduled to lessen the cumbersome workload on system administrators.
2. Installing software to user computers
Manually installing software on remote computers can be a daunting task and is challenging. A Software Management solution can resolve this complication by allowing a system administrator to deploy software from any location, handle tickets with ease and assist users demands in software installation with simplicity.
3.Troubleshooting remote computers
Troubleshooting servers and workstations for Operating System issues, software installations, security patches, system crashes can be remedied much easily with software management solutions, especially with remote capabilities and centralized management interface.
4. Managing IT assets in your network
Asset tracking for hardware and software in your organization is highly important and can be done with ease with the use of an asset management software. Apart from tracking the hardware and software in the organization, software license management, hardware warranty management, and identifying the usage of software particularly for licensing, restricting unwanted software in your network is important as well. An asset management solution provides a systems administrator the tools needed to effectively gather and manage this data.
5. Deploying configurations and managing mobile devices
Managing and configuring devices such as computers, tablets, phones, and peripherals in a growing organization with rapid demands for technology can be a challenging task for system administrators. MDM and desktop management solutions provide much flexibility and the tools needed to handle these technology challenges in the enterprise.
ManageEngine Desktop Central is one such ideal solution for desktop management, with its bundle of features and pricing compared to some known industry solutions. Desktop Central offers Patch management, Software management, Asset management, Remote support, Mobile device management, Failover Service, and Auditing capabilities. Desktop Central supports heterogeneous platform in 16 different languages. Finally, Desktop Central offers a fully functioning edition to manage 50 endpoints completely free with no hidden cost.