VMware vCenter Protect Essentials Plus 8.0 (formerly Shavlik NetChk Protect) has been released to Early Access. This means you can now download and install the production version directly from the download link (click here). We have had a very exciting beta and the feedback at the VMworld US and Europe shows was very positive. General Availability through our download site and additional supporting documentation and materials will be coming next week.
Power Status Scan
Multi Admin support
And many more…
Also, next week we will be hosting a webinar introducing VMware vCenter Protect Essentials Plus. This webinar covers the new product release. We will introduce the new product, cover upgrade, new features, what to expect, and Q&A. Click here to register for the webinar.
Being acquired by VMware has brought many exciting changes to Shavlik. With the integration in full swing, we are busy incorporating the Shavlik products into VMware and changing our branding. Continuing our strategy of offering SMBs simplified IT management, the current Shavlik product line is being enhanced and expanded upon, leveraging the sophisticated technology offered by VMware and at the same time extending VMware’s offering to the SMB market.
As a first step, we announced a new release of VMware Go and VMware Go Pro on October 18th, taking cloud-based IT management to the next level by adding additional functionality and integrating the popular features of IT.Shavlik. VMware Go provides a free IT management service to SMBs enabling them to run a comprehensive assessment of their physical and virtual IT infrastructure providing the user with recommendations to reduce costs, increase security and optimize their IT infrastructure. With VMware Go, you can run unlimited patch and asset scans on your physical and virtual network, tracking missing security patches and get a clear understanding of the assets deployed on your network including hardware and software whether physical or virtual. To streamline trouble ticket management, an easy Help Desk is assessable anywhere, anytime. For those of you wanting to virtualize, this product makes it easy for you by providing an intuitive wizard to guide you through the installation and set-up of a virtual environment.
VMware Go Pro provides all these benefits but in addition gives you the tried and tested Shavlik patch management technology including scheduled deployment of patches – freeing up valuable time and resources. In addition, you get hardware asset management so you can not only track assets but can organize hardware groups to maximize resources throughout their lifecycle. Control software licenses by tracking installed software titles to maintain compliance as well as further simplify trouble ticket management, with a secure user portal for end users to submit their tickets.
It is an exciting time for SMB IT management with affordable and powerful options available in Go as a web-based service. IT.Shavlik will be available to current customers until January 31, 2012. I encourage you to check out VMware Go – it’s free and can immediately simplify your IT management. Upgrade to a free 30 trial of VMware Go Pro where you can manage your physical and virtual environment – all in one place from anywhere and at anytime. For more information go to https://go.vmware.com/.
– Mike Bleakmore
Microsoft has released eight new security bulletins in their October 2011 version of Patch Tuesday. These eight new security bulletins address 23 vulnerabilities.
The bulletin administrators should look at patching first is the bi-monthly cumulative update for Microsoft Internet Explorer. Security bulletin MS11-081 addresses eight individual vulnerabilities in Internet Explorer. A user visiting a malicious web page with an unpatched Internet Explorer browser could lead to remote code execution. As with every security update for Internet browsers (Microsoft or other browser vendors), patching browsers will be top priority because the vulnerabilities fixed with each security bulletin release in browsers are top exploit targets for attackers.
The next bulletin administrators should look at patching as soon as possible is the security bulletin affecting the Microsoft .NET Framework and Microsoft Silverlight programs. MS11-078 addresses one vulnerability in both programs. If an attacker can entice a user to visit a malicious site, a vulnerability could then be exploited that results in remote code execution. With most browse then attack scenarios, the vulnerability is attacked through the browser. This month, administrators will need to patch both Internet Explorer and .NET/Silverlight to prevent malicious website vector attacks. It is important to note that Microsoft .NET Framework patches from Microsoft typically take quite a while to run through the patching process. The patches can also be quite large for each version of the program (example: the .NET 4.0 update ranges from 10 MB to 22MB in size).
Microsoft is also revisiting a security advisory that was issued more than one year ago. MS11-075 and MS11-076 fix two more programs that have been identified as having the DLL preload vulnerability. Since the security advisory (2269637) was released last August 23, 2010, Microsoft has released a security bulletin 17 times to address the issue in various programs.
MS11-079 also has an interesting scenario that may affect administrators this month. This security bulletin addresses vulnerabilties in the Microsoft Unified Access Gateway (UAG) program. The patches for this security bulletin are only available on the Microsoft download center. Thus, administrators are relying solely on their WSUS and Windows Update reports for patching, this bulletin will not show as missing. Administrators will need to identify any machines on their network that have the affected program installed and manually deploy the patch to those systems. In addition, there are manual actions to fully protect the systems after patching. Administrators will need to perform manual actions on their UAG consoles to configure the program to fully be protected against attacks.
This is not the first time we have seen a patch for UAG not available through WSUS and Windows Update. The last security bulletin released for this program was released in November 2010. This security bulletin was also only available on the Microsoft Download Center. Both of these security bulletin releases are prime examples of why administrators should spend time each month reviewing the security bulletin documentation. This information may be in the fine print of the lengthy security bulletin web pages, but the extra time spent researching just may prevent an attack against systems.
I will be reviewing the October 2011 in depth during my monthly Patch Tuesday webinar tomorrow at 11am CDT. You can register to attend the live webinar here.
– Jason Miller
Recently we held a poll regarding the use of scripting in managing your IT environment. Nearly 90% of respondents are using scripting today and the majority are writing and maintaining their own scripts as well as downloading and reusing existing scripts. So it comes as no surprise that the ITScripts feature in our upcoming 8.0 release is the most popular reason for users joining the beta. Beta testers currently have access to seven scripts which include:
- Scripts to disable pesky update pop-ups for vendors like Apple and Adobe.
- Scripts to better support our own tech support needs like collecting console and target logs and packaging them up to send to support.
- Remove Temp Files for machine maintenance and cleanup.
- GetDateTime which is one of our troubleshooting scripts for IT Admins to help diagnose issues in their environment.
- GetShares which will get the system shares off of machines for configuration and audit purposes.
During the beta we are going to be pushing content updates which will include additional scripts and once we release there will be regular content updates with new scripts available.
For those of you who are heavy script writers, ITScripts Pro will include the ability to import your own scripts as well. This comes with some added features besides just being able to import a script. We have added the ability to use 8.0 to target machines and provide credentials. Writing a script to fix an issue locally is one thing, but reproducing this on machines across your environment requires a bit more effort. Now you will be able to take advantage of Protect’s ability to manage machines agentlessly and incorporate commands we have built into our ITScripts engine to do the targeting and credentials management for the scripts you write as well as ones we provide.
A community site will be available to support our ITScripts feature as well. The site will provide users with an environment to discuss scripts, share them, and also to provide VMware with feedback on what scripts they would like to see incorporated into the supported script catalog next. Documentation on how to take advantage of our additional commands and how to properly sign your scripts so they will import into version 8.0 will be available upon release as well.
Please join Rob Junker and myself as we discuss the new ITScripts feature during a live webinar on Tuesday, October 11, 2011 at 10am CDT.
SMB Management Solutions
Microsoft has released their October 2011 Patch Tuesday Advanced notification. Microsoft is planning to release 8 new security bulletins addressing 23 vulnerabilities.
Security Bulletin Breakdown:
- 2 bulletins are rated as Critical
- 6 bulletins are rated as Important
- 6 vulnerabilities fixed could lead to Remote Code Execution
- 1 vulnerability fixed could lead to Elevation of Privilege
- 1 vulnerability fixed could lead to Denial of Service
- All supported Microsoft operating systems
- Microsoft Internet Explorer
- Microsoft .NET Framework
- Microsoft Host Integration Server 2004, 2006, 2009, 2010
- Microsoft Silverlight 4
- Microsoft Forefront Unified Access Gateway 2010
I will be going through each bulletin thoroughly next Wednesday, October 12th at 11:00am CDT in part of our monthly Patch Tuesday webinar. Click here to register for the webinar.
– Jason Miller