How much do you use scripting to manage your IT environment?

Every company and every IT administrator has a tool kit -the things they need and rely on regularly to help get the job done.  An important piece of that tool kit often includes some scripts, including scripts for fixing a one-time issue across many machines, or for helping execute routine tasks. How comfortable are you with scripting?  Please click here to take this short survey and share your experience with scripting.

Regards,
Chris Goettl

NetChk Protect 8.0 Beta Opening Soon, RSVP for Your Spot Today

We are excited to announce that we are currently in the process of getting the beta of NetChk Protect 8.0 set up.  The first round of the beta will be a closed beta.  We have a couple hundred customers that we will be inviting to the beta, but we will only be able to accept a limited number of customers to begin with, so if you want a guaranteed spot, contact us as soon as possible at Shavlik-beta@vmware.com.   The customers on the invite list are those with a support issue resolved by 8.0, customers who submitted a feature request delivered in 8.0, customers who participated in previous betas, or customers who have already submitted a request to Shavlik-beta@vmware.com to participate in 8.0 beta.  Submit your request to join the beta as soon as possible to guarantee a spot in the first round of the beta.   Invites will be going out in the next couple of weeks to the customers I outlined above.

Some highlights of the new release include:

  • ITScripts – we are integrating a powerful new scripting feature for common IT operations/management tasks.  The scripts can be run against target machines or a group of machines.  Examples of what type of scripts you will be able to play with in beta: LastBootTime, Port Scanning, Disable Apple  Updaters, Disable FireFox Updaters, Gather ConsoleAgent Logs for Support, Last 10 System Event Errors (this list is tentative and subject to change)
  • Credentials Manager – new improved credentials management throughout the product
  • Patch Scan performance enhancements
  • New Operations Start Page
  • Execute RDP (remote desktop) from Machine View against a target machine
  • Power Status Scan (discover the power status of machines across your environment in minutes and generate a report required by Power Companies to submit for Power Rebates)
  • Multiple Admin support in console
  • Integrated Deployment into Ops Mon for better deployment progress monitoring
  • Antivirus/Threat Protection is now registered in MS Security Center

There are many more feature enhancements, bug fixes, and other improvements in the release as well. Contact us to get on the beta by emailing Shavlik-beta@vmware.com.

Regards,
Chris Goettl

Simple and Affordable Cloud-based IT Management for SMBs

IT administrators shouldn’t have to worry about having enough time to secure their networks, however we all know this isn’t the case. Maintaining security needs to be easy, fast and effortless while still being affordable.  As an IT administrator, you may already know the importance of patching your network, and not just the operating system. Minimizing exposure to vulnerabilities includes patching: Microsoft applications, operating systems, legacy applications, and third-party applications (i.e. Adobe, Java, etc…). However, most administrators just don’t have the time or resources to handle this daunting task. Some may be using WSUS to handle their Microsoft vulnerabilities but unfortunately WSUS doesn’t cover third-party patching, leaving an organization’s IT environment exposed.

IT.Shavlik by VMware can simplify a department’s IT management by eliminating the time, hassle and expense of maintaining network security. This cloud-based IT management service helps businesses patch physical and virtual machines from any location, any time of the day or night, and requires no IT infrastructure.

Join us on August 23, at 10 am CDT for a webinar about how IT.Shavlik can help an IT department take some of the pressure out of an already hectic workweek by automating your patching process and freeing up valuable resources to save you time and money. See how easy it really can be, and if you don’t have time for the webinar, try IT.Shavlik for free. You always get free unlimited scanning and reporting with IT.Shavlik.

– Mike Bleakmore

August 2011 Patch Tuesday Overview

With the August 2011 edition of Patch Tuesday, Microsoft has just released 13 bulletins addressing 22 vulnerabilities.  This month marks a “heavy” month for Microsoft for Patch Tuesday.

The first bulletin administrators should look at patching first is the bi-monthly cumulative update for Microsoft Internet Explorer (MS11-057).  This bulletin addresses typical vulnerabilities in Internet Explorer where browsing to a malicious website could result in remote code execution.  Two of the seven vulnerabilities fixed with this bulletin are publicly known.  At this time, Microsoft has not received any reports of attacks against the vulnerabilities.  With any publicly disclosed vulnerability exploit code, it is important to patch immediately.

The next bulletin administrators should pay particular attention to is MS11-058.  This bulletin addresses two vulnerabilities affecting DNS Server.  These vulnerabilities affect the server side and not a client request to a DNS server.  The attack vector for this vulnerability depends on your DNS server configuration.  If your DNS servers have caching of DNS relaying enabled, the systems will be at risk for a remote attack.  Even if your DNS servers do not have this type of configuration, you should still deploy the patch.  An administrator could potentially change configuration in the future, making it vulnerable if left unpatched.  In addition, this bulletin marks a good opportunity to review your DNS server configuration and harden the system.

Another bulletin of note is MS11-065.  This bulletin addresses 1 vulnerability Remote Desktop that Microsoft has seen limited attacks lately; although, this vulnerability has not been publicly disclosed.  An attacker can send a malicious remote desktop protocol connection request to a target machine that could lead to a blue screen (Denial of Service).

MS11-066 addresses a privately disclosed vulnerability that affects Microsoft Chart Controls.  Web servers that use Chart Controls are only at risk from this vulnerability.  If you are not running Chart Controls on your web servers, you are not affected by this vulnerability.  An attacker can send a malicious request to the web server hosting Chart Controls that can lead to Information Disclosure of sensitive files on the website.

In addition, Microsoft re-released three previously-released Security Bulletins.

MS11-025 has added more products that are affected by this bulletin.  You could see this bulletin come up this month during your patching cycle.

MS11-043 has been updated to add additional stability to the updates.  You could also see this bulletin come up this month during your patching cycle.

MS11-049 has been updated to include additional detection updates for Visual Studio 2005.  If you have already applied this patch, you will not need to reapply the patch this month.

Microsoft also released a new Security Advisory with 2562937.  This advisory updates ActiveX Kill Bits on Microsoft operating systems.  In the past, we have seen these patches included in the normal Microsoft Security bulletin release on Patch Tuesday.  It appears Microsoft is moving these types of patches to Security Advisories.

On the non-Microsoft front, Google Chrome released today with an updated version of Flash Player.  Google’s stating that Flash Player fixes a number of vulnerabilities.  Google Chrome bundles Adobe Flash in the installation.  In addition, Adobe has released new versions of Adobe Air, Adobe Flash and Adobe Shockwave.
I will be reviewing the August 2011 in depth during my monthly Patch Tuesday webinar tomorrow at 11am CDT.  You can register to attend the live webinar here.

– Jason Miller

SimplexITy Promotion Extended

Shavlik Technologies, now part of VMware, recently extended our bundle promotion of up to 80 percent off of SimplexITy.  Customers around the world have been taking advantage of this value-packed offer that includes Shavlik’s market-leading patch management, configuration management, antivirus protection, and power management technologies.

By bringing together this comprehensive solution, Shavlik is helping to reduce the costs and complexity of IT administration allowing our customers to spend less time worrying about security and compliance and more time to focus on strategic value to their business and their customers.

The SimplexITy bundle delivers the following solutions at a fraction of the cost (up to 80 percent):

  • Patch – for agentless patch management
  • Configuration – for configuration and compliance management
  • Antivirus – enterprise Antivirus + Antispyware + Antimalware engine
  • Power Management – centralized control to power machines off in the evenings and on weekends AND wake machines up to deploy critical security patches.  This helps companies save both energy and money.

Click here for more information.

– Mike Bleakmore

August 2011 Patch Tuesday Advanced Notification

Hello –

I am pinch hitting for Jason while he is out enjoying the calm before the Patch Tuesday storm.

Microsoft has just released their advanced notification for the August 2011 edition of Patch Tuesday.  Microsoft is planning to release 13 security bulletins addressing 22 vulnerabilities.

Security Bulletin Breakdown:

  • 2 bulletins are rated Critical
  • 9 bulletins are rated Important
  • 2 bulletins are rated Moderate
  • 4 vulnerabilities can lead to Remote Code Execution
  • 3 vulnerabilities can lead to Elevation of Privilege
  • 3 vulnerabilities can lead to Denial of Service
  • 3 vulnerabilities can lead to Information Disclosure

Affected Products:

  • All supported Microsoft operating systems
  • IE
  • .NET Framework 3.5
  • Visual Studio 2005
  • Visio

In terms of the number of bulletins, this month looks lighter than the past two ‘large’ months that Microsoft has dropped on us.  However, as we regularly point out in our monthly Patch Tuesday webinars, not all bulletins are created equally and the real amount of work required to patch your network will not be known until the actual release.

We will be reviewing each bulletin thoroughly next Wednesday, August 10th at 11:00am CDT during our monthly Patch Tuesday webinar.  To learn more about these patches and how they will affect your environment, click here to register for the webinar.

– Jace McLean
Senior Member of Technical Staff, Research and Development