The 12 Beers of Christmas


Happy Holidays from the Shavlik Team! Many offices have secret Santa or cookie exchanges. We at Shavlik started a different tradition about seven years ago. We call it the “Not another cookie exchange”. Each person in the exchange brings 12 beers, either the same or different. There are certain rules to the exchange, but the most important is if you bring mediocre beer, you leave with mediocre beer. We end up with a variety of craft beer, imports, and limited edition brews from a variety of breweries. This year, I asked the team to share their favorite beer. Below is our list of 12 beers for Christmas. Enjoy the holidays!

Chris, Product Manager
Favorite Beer: St Bernardus ABT 12
Style: Belgian Quad
ABV: 10%
Description: The closest thing you will find to a Westvleteren 12 (yes I have had it and it would be my favorite, if only it were more accessible). ABT 12 is a lot easier and cheaper to come by. A well balanced Belgian Quad with subtle hints of fruit.

Brent, Staff Engineer
Favorite Beer: Zombie Dust by Three Floyds Brewing Co.
Style: American Pale Ale
ABV: 6.4%
Description: Highly hopped and tastes like grapefruit and other fruits when fresh. An ode to Citra.

Jason, Content Team
Favorite Beer: Surly Wet
Style: West Coast Style India Pale Ale
ABV: 7.50%
Description: To get hops any fresher, you would have to walk out into a field and pick them yourself. Surly has freshly-picked Cascade, Centennial, Citra and Simcoe hops shipped in and brewed wet within a few days. This results in an incredibly fresh multi-faceted hop-forward beer.

Bob, Territory Sales Manager
Favorite Beer: Founders Breakfast Stout (Da baby!!)
Style: American Double Imperial Stout (Fall seasonal)
ABV: 8.3%
Description: Brewed with flaked oats, bitter and sweetened imported chocolates, Sumatra and Kona coffee. This beer is as dark as they come, but don’t be afraid, looks can be deceiving. There is a hint of Kona bean when pouring. However, the taste starts with a deep coffee flavor and ends with a chocolate Stout finish. This beer rocks and is released in the fall, and is only sold through the holidays, or until supplies give out. This way you can look forward to having it again the next season.

Steve, Senior Director of Sales
Favorite Beer: Chimay Blue
Style: Belgian Strong Ale
ABV: 9%
Description: Made by Trappist monks in a monastery in Belgium. The beer is brewed with water pulled from a 500 year old well in the monastery. Dark, malty with hints of caramel and clove and has a smoky, chocolaty finish. This is not a beer to throw back at a party. This Belgium masterpiece is best enjoyed in an isolation chamber so no other sense can sully the experience.

Andy, Senior Principal Engineer
Favorite Beer: Bad Axe from Big Wood Brewery
Style: Imperial / Double IPA
ABV: 9.8%
Description: 2013 Rochester Craft Beer Expo winner for Best Beer! This one might take a few trees down without trying. It’s the one all the lady axes think they can change. He might be a tough guy in the flannel shirt who tears off bottle caps with his teeth, but don’t worry he’s easy to get along with. Brewed with a mix of Columbus and Centennial hops, it pours pale amber and goes down surprisingly easy. Well, maybe not so surprising, considering it’s from Big Wood Brewery.

Travis, Director of Quality Assurance
Favorite Beer: Russian River’s Pliney the Elder
Style: Double IPA
ABV: 8%
Description: Best tasting beer I have ever had. I think the secret is the Simcoe hops.

Rob, VP of R&D (and living evidence that not all of us at Shavlik are beer snobs)
Favorite Beer: Coors Light (rated 0 on ratebeer, just saying… Author bias showing a bit here)
Style: Light Lager (who drinks a light lager???)
ABV: 4.20% (At least it wasn’t a 3.2 beer, although I suppose it comes in 3.2% so they can sell in stores on Sunday)
Description: The Silver Bullet of beers won’t slow you down! This tried and true beer is about good taste balanced with low-calories. For Ice Hockey players worldwide, this is the official beer of the rink. While it’s nothing fancy, you can count on it, especially in those instances where you are going for volume over flavor. With a crisp taste and a coldness indicator that lets you know if your beer is cold enough, there is no going wrong. (*sigh* our fearless leader. Crappy taste, but he sells it doesn’t he? FYI no correlation to our products. Only true awesomeness there!)

Anne, Product Manager
Favorite Beer: Surly Cynic
Style: Saison
Description: It’s overrated. Beer snobs don’t really know anything. All beer is the same. That guy who recommended Coors Light probably really gets it. If you feel this way, Surly Cynic is just the beer for you. This sharp Belgian will make even the most extreme cynics feel warm and fuzzy after one or two. Enjoy.

Mike, Staff Engineer
Favorite Beer: Surly Furious
Style: India Pale Ale
ABV: 6.2%
Description: I usually search out beers I have not had before, but I would say Surly Furious is a beer I could always fall back on. If you like hops, this is the beer (IBU:99).

Mark, Staff Engineer
Favorite Beer: New Holland Dragon’s Milk
Style: Imperial Stout
ABV: 10%
Description: A great Bourbon Stout. Big malty, sweet chocolate flavor with espresso and vanilla aroma, and a nice bourbon whiskey finish. Keeps you warm on a cold Minnesota winter night.

Matt, Principle Engineer
Favorite Beer: Lift Bridge Brewery Harvestor Fresh Hop Pale
Style: American Pale Ale
ABV: 6%
Description: Beer Advocate has it all wrong for this year’s batch. This was way better than any 85 I’ve tried. I had the pleasure of drinking it in the Lift Bridge tap room. It was near perfect this year. The Hop farm is 7 miles from my house, this was as fresh and local as it gets!

Shavlik Security Advisory: Insufficient Patch Management Could Lead to Attacks From More Than Just Hackers

Two months ago, Shavlik released a security advisory alerting our customer community to the availability of off-the-shelf, exploit kits that enable less sophisticated hackers to mimic a Target-like attack.

In that advisory, Rob Juncker, Vice President of R&D for Shavlik, accurately predicted the availability of these exploit kits would lead to the following.

  • More companies will be coming forward to report breaches.
  • The scope of these breaches will go beyond retailers to impact all types of business that have valuable and private information.

Earlier this month, the game changed again, but this time the threat doesn’t come from hackers alone; it’s coming from the court room, the halls of government, and maybe even from your own employees. For the first time we are seeing companies being held legally and financially responsible for security breaches that occurred due to insufficient and/or negligent security practices.

Today, Shavlik is issuing another security advisory to draw your attention to three landmark cases that made headlines earlier this month.


$150K HIPAA Fine for Unpatched Software  

Anchorage Community Health Services was fined $150,000 by the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) for “failure to apply software patches [that] contributed to a 2012 malware-related breach affecting more than 2,700 individuals,” according to GovInfoSecurity.

This incident is the first where a company has been held liable by OCR for failing to patch software, and now a precedent has been set, making disciplined patch management a critical part of HIPAA compliance.

“Successful HIPAA compliance requires a common sense approach to assessing and addressing the risks to ePHI on a regular basis. This includes reviewing systems for unpatched vulnerabilities,” OCR Director Jocelyn Samuels said to GovInfoSecurity.


Target Ruling Raises Stakes for Cybersecurity Vigilance 

U.S. District Court in Minnesota denied Target Corporation’s motion to have litigation dismissed that has been filed by financial institutions who suffered losses as a result of Target’s 2013 data breach.

According to Reuters, Judge Paul Magnuson found “…banks were foreseeable victims of Target’s allegedly negligent conduct.”The report went on to say, “Importantly, Judge Magnuson said that imposing a duty of care on Target ‘will aid Minnesota’s policy of punishing companies that do not secure consumers’ credit- and debit-card information.’”

This case may set a precedent for companies to be financially liable to both consumers and financial institutions for breaches that compromise customer data.


Employee Data Breach the Worst Part of Sony Hack

Two employees filed a class action lawsuit against Sony for allegedly not taking adequate precautions to secure employee data.

According to an article posted on TechCrunch, “The complaint references a tech blog reporting to note that Sony was aware of the insecurity on its network and took the risk.”

It has been confirmed that employee emails, website viewing activities, credit card website credentials, and social security numbers were among the data made public as a result of the Sony breach, and now after having already lost an estimated $100 million, Sony could be in for more expense at the hands of its own employees.


In a month where the security stakes have never been higher for corporations, CIO Magazine reported that Most Companies Fail at Keeping Track of Patches, Sensitive Data. According to its report,

  • 12% of companies have no patch management process at all
  • 58% of companies have a patch management process that is not fully mature (e.g. may patch the OS but not third-party applications)
  • 19% of companies have no control or tracking of sensitive data at all

If you see your organization in any of these statistics, now is the time to act. Your response will not only help keep your company out of the headlines but also out of the court room.

The Communicator’s Corner: Add to Your Holiday Cheer with ITScripts

466159259Earlier this month, Anne Steiner wrote a short series of blog articles called “Beyond Patch.” In this series she summarized three key features within Shavlik Protect that offer benefits beyond the program’s core patch management capabilities. As I read Anne’s articles, it occurred to me that these features were sort of like bonuses to our Shavlik Protect customers – a little something extra in the holiday stocking if you will. With the holiday season now in full swing, I thought I would expound on what Anne wrote by providing more details about each of the three key “bonus” features. In this article I will talk about our ITScripts feature. In coming articles I will discuss the power management and the anti-virus capabilities in Shavlik Protect.

So, what is this feature called ITScripts? Well, it enables you to execute a variety of PowerShell scripts on the console and on your remote target machines. As most seasoned IT folks know, PowerShell scripts are a great way to automate repetitive tasks across a large number of machines. With ITScripts you have access to scripts that enable you to perform everything from the most rudimentary task to highly advanced and complex operations. For example, you might want to search your target machines for a particular type of data, gather and read log files, install software, create a report, determine the status of a service, read the registry, etc. Wait, I know what you are thinking. You can do all of this using Shavlik Protect? Yes!

And here’s the beauty of it. The ITScripts feature leverages the machines, machine groups, and credentials that you already have defined in Shavlik Protect so you have immediate access to all of the machines in your organization. The scripts can be executed against your target machines either immediately or on a scheduled basis, and the results are reported to the Shavlik Protect console so that you have a complete historical record of all activity.

But is it secure you ask? Well, we are Shavlik, so you know that we have implemented a number of security features. For example, only scripts that are digitally signed by authorities that you trust can be imported into Shavlik Protect. In addition, only those scripts that you explicitly approve for use will be available to be executed.

Perhaps best of all, you do not need to be a scripting expert to take advantage of the ITScripts feature. Shavlik provides you with a large number of predefined scripts in the following categories: Maintenance, Configuration, Information, Support, Group Policy, and Network. You also have access to scripts created by trusted members of the Shavlik community. But if you are a scripting expert, we provide you with detailed guidelines for creating your own scripts and easily importing them into Shavlik Protect.

Interested in learning even more? You can:

Note: The ITScripts feature is available with either Shavlik Protect Advanced or as a separately licensable add-on to Shavlik Protect Standard.


December Patch Day Round-Up

ShavlikSecurityAlthough it was not as large as the November Patch Tuesday, December’s Patch Tuesday still had some important updates to close out the year.  Microsoft released seven bulletins, three of which were critical.  The three critical updates affect Internet Explorer, Microsoft Office, and VBScript engine.  Also, the Exchange update (MS14-075), which was deferred from the November Patch Tuesday, did release this month.

The Microsoft side of Patch Tuesday does not seem all that daunting of a challenge aside from the Exchange update.  Adobe, on the other hand, has added a number of critical updates to the December Patch Tuesday, which effectively doubles the priority 1 list for the month.  Adobe pre-announced an update for Acrobat and Reader, but on Patch Tuesday they released updates for Flash, Shockwave, and ColdFusion.  Shockwave and ColdFusion were lower priority updates, but the Flash update is resolving a vulnerability which was already being exploited in the wild.  We also have a couple of things to for you to watch out for in today’s Patch Tuesday Round-Up.

Known issues to look out for:

  • KB3004394: An update Windows Root Certificate Program in Windows, has caused some issues for companies.  The update, when applied to Windows 7 or Server 2008 systems, has caused a few issues such as MMC functions requiring Administrator authentication even when logged on as an Administrator, Windows Defender Service failing to start, and Windows Update Service being unable to apply additional updates.  KB3024777 has been released to fix the issue by removing KB3004394.
  • An issue occurred on Windows 10 Technical Preview where some users had to remove Office before they could apply the December update.  Recommendation is to try applying the updates before going through the more tedious workaround of removing office, installing updates, then re-installing office.  Most users will not see the issue.
  • Cannot insert object” error in an ActiveX custom Office solution after you install the MS14-082 security update.
  • Two of the November Bulletins had re-releases for specific affected products.  You will likely see some of those updates being reapplied this month.  Recommendation is to do so as the original fixes were not complete.  MS14-066 (Schannel) update on Vista and 2008 and MS14-065 (IE Cumulative) update on IE 8 for Windows 7 or 2008 R2 or IE10.  In the case of IE, applying the December IE Cumulative will also resolve the issues in the re-release.

Shavlik Priority 1 Updates (Priority 1 updates should be applied as soon as possible):

Normally I would start with Microsoft, but your highest priority this month should be Adobe Flash, the Advisory for updating the IE Flash Plug-In and the Google Chrome update to update Flash.

  •  APSB14-27 : Security updates available for Adobe Flash Player – This update resolves six vulnerabilities, one of which (CVE-2014-9163) was discovered being exploited in the wild.  The CVSSv2 base score for this vulnerability is a 10.0, which is the highest that can be assigned and it is Network Exploitable meaning an attacker does not need local network access or local access to exploit the vulnerability.  Admins should ensure they update Flash this month.  Not only for this update, but also for the other two Flash updates that occurred since November.  To fully patch Flash you must also update the Advisory for IE and the Chrome release so you have updated the plug-in for both browsers.
  • MSAF-034: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer  – Updates the Flash Plug-In for IE.  Nuff said.
  • CHROME-119: Chrome 39.0.2171.95 – Ditto on the Flash Plug-In.  Update it.  In addition Google released a Chrome update just after the November Patch Tuesday that included 42 security updates, including many High priority updates.  That is two very good reasons to update Chrome ASAP.
  • MS14-080: Cumulative Security Update for Internet Explorer (3008923) – This update is rated as Critical and resolves fourteen privately reported vulnerabilities in Internet Explorer.  Many of the vulnerabilities involve memory corruption, continuing a trend we have seen for most of 2014.
  • MS14-081: Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (3017301) – This update resolves two privately reported vulnerabilities in Microsoft Word and Office Web Apps, which could lead to remote code execution if exploited.  The attacker would gain rights equal to the logged on user, so running as less than a full admin could reduce the impact of this type of attack if exploited.
  • MS14-084: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711) –  This update resolves one privately reported vulnerability in the VBScript engine.  If exploited an attacker would gain equal rights to the logged on user.  If the user is a full admin, the attacker would gain complete control of the affected system.
  • APSB14-28 : Security Updates available for Adobe Reader and Acrobat – This update resolves 20 privately reported vulnerabilities in Adobe Acrobat and Adobe Reader.  The impacts vary, but the worst of these could lead to code execution.  Adobe rated the update as a Priority 1, the highest priority Adobe assigns.

Shavlik Priority 2 Updates (Priority 2 updates should be tested and rolled out in a reasonable time frame, typically within 10-30 days of release):

  • MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712) – This update is rated as Important and resolves four privately reported vulnerabilities in Microsoft Exchange server.  Originally slated for November, this update was held until the December release.  Also, if you wait for the cumulative updates before updating, you may want to read up on the latest here.  The Exchange 2010 CU8 ran into some issues and was pulled from circulation then re-released.  The updated RU8 package is version number 14.03.0224.002 if you need to confirm you have the updated package.
  • MS14-082: Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349) – This update is rated as Important and resolves one privately reported vulnerability in Microsoft Office.  If you have not rolled this out yet please check on this article which I referenced in the known issues above.  “Cannot insert object” error in an ActiveX custom Office solution after you install the MS14-082 security update.
  • MS14-083: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347) – This update is rated as Important and resolves two privately reported vulnerabilities in Microsoft Excel.
  • MS14-085: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) – This update resolves one privately reported vulnerability in Microsoft Graphics Component which could lead to information disclosure.

And that closes out December’s Round-Up.  Hopefully you all have your patching wrapped up before Christmas so you can relax, kick back, and enjoy the holidays.



Shavlik in the news- December Patch Tuesday

ShavlikSecurityCompared to last month’s Patch Tuesday (the biggest this year) this month’s was slightly calmer, with seven bulletins, three of which were Critical. There were also a few third-party updates from Adobe and Google Chrome.

Shavlik is often quoted in the press as an authority on patching, and this month we spoke with a variety of media on the news. In case you haven’t had a chance to read up on the news yet, here are links to a selection of the articles that include information from Shavlik:

Each month, we review the Microsoft and third-party releases for Patch Tuesday in a webcast, which occurs the day after the announcements are made. Our next webcast will take place shortly after the January Patch Tuesday announcement. If you’d like to attend, check back here for registration information. You can also view other recent webinars, including a recording of this month’s patch Tuesday webcast at the same link.


Patch Tuesday Advanced Notification December 2014

Bunker BlogThis month is a bit quieter than last month’s barrage of patches as there are only seven bulletins announced, of which three are Critical and four are Important.

The Microsoft Exchange patch (likely MS14-075) is on the list this month again and rated as Important. It is resolving an elevation of privilege vulnerability. Admins who have been watching for when that patch may drop can rest assured that it will not be before Tuesday. As you may recall, this patch was held out of last month’s Path Tuesday updates along with another out-of-band patch that was released later in November.  With all of the changes at Microsoft recently, this practice of holding a patch could become a pattern. It is likely that with less important patches, these will be released on a subsequent Patch Tuesday. However, for more important patches that aren’t ready for Patch Tuesday, they will likely be released later on in the month as they become ready for release.

There is a Critical Internet Explorer update this month as well. We have seen a steady trend of a Critical Cumulative Security Update for IE each month for some time. It may just become a regular fixture as all of the major browsers are getting a lot of attention in the white hat hacking community. We can safely say that this is going to become a Critical monthly occurrence.

There are two additional Microsoft Windows patches, one of which is rated as Critical, the other Important. The Critical update could allow for remote code execution, the Important update is an information disclosure vulnerability.

There are three updates for Microsoft Office including one Critical. All three Office updates resolve vulnerabilities, which could allow remote code execution.

Adobe released an update for Flash Player late in November, so maybe we will see a break in the nine-month streak of Flash Player updates on Patch Tuesday.  We will have to wait and see on that.

Google Chrome and Mozilla FireFox both released a couple of updates in the past few weeks, so we anticipate not seeing any additional Patch Tuesday updates from the other major browsers — unless we see a Flash update. In that case we could also see a Chrome update to support the plug-in.

Microsoft Security Bulletins:

  • 3 bulletins are rated as Critical.
  • 4 bulletins are rated as Important

Vulnerability Impact:

  • 5 bulletins address vulnerabilities which could allow Remote Code Execution.
  • 1 bulletins address vulnerabilities which could allow Elevation of Privileges.
  • 1 bulletin addresses a vulnerability which could lead to Information Disclosure.

Affected Products:

  • All supported Windows Operating Systems (Including the Technical Previews!)
  • All supported Internet Explorer versions.
  • Microsoft Office 2007, 2010
  • Microsoft Exchange 2007, 2010, and 2013

Join us as we review the Microsoft and third-party releases for December Patch Tuesday in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, December 10th at 10 a.m. CDT.  We will also discuss other product and patch releases since the November Patch Tuesday.

You can register for the Patch Tuesday webinar here.

For more information on Patch Management go here.

Beyond Patch: Shavlik Protect IT Scripts

As we continue in our “Beyond Patch” video blog series, let’s examine Shavlik Protect’s ITScripts capabilities.

Protect’s ITScripts allow you to run PowerShell scripts on targeted machines at a scheduled time.

Why is this important?

  • You can automate the performance of mundane maintenance tasks like Check Disk or defrags. Tasks that often get left undone due to time constraints can now be done automatically at a time of your choosing.
  • You can acquire information about the machines in your environment. For example, you can run scripts to report on disk space or when the machine was last rebooted.
  • Shavlik Protect provides a library of scripts you can use OOTB or…
  • You can create your own PowerShell scripts and use Protect to schedule and to deploy them. This means that nearly any operation can be automated.

Check out this video where Shavlik Product Evangelist John Rush walks you through the ITScripts capabilities within Shavlik Protect. For more information, please contact us at

Beyond Patch: Shavlik Protect Anti-Virus

Having effective patch management and anti-virus practices are two of the most basic building blocks of network security.

However, this often requires separate software solutions that come with separate agents and most importantly, separate costs. With Shavlik Protect’s antivirus, you can bring together what all too often is separate:  patch and A/V.

Shavlik’s anti-virus solution provides:

  • Access to patch and antivirus capabilities as well as reporting from a single console
  • A single-agent for managing patch, anti-virus, and anti-spyware policies
  • The ThreatTrack Security VIPRE engine

Check out this video where Shavlik Product Evangelist John Rush walks you through the anti-virus capabilities within Shavlik Protect. For more information, please contact us at

Beyond Patch: Shavlik Protect Power Management

We all know and love Shavlik Protect for its patch management capabilities, but Protect’s value doesn’t stop when the calendar flips past Patch Tuesday.

Protect offers a wide array of features that simplify the complexity of IT, save time and money, and keep your network more secure. In this video blog series we will explore the capabilities of Shavlik Protect beyond patch.


Maximize your time during maintenance windows, find un-managed machines on your network, be green, and even save your company some money…did you know that Shavlik Protect’s Power Management can do all of this and more?

With Shavlik Protect’s Power Management you can…

  • Turn off power-hungry machines when not in use
  • Control power up, sleep, and power down
  • Wake up machines for maintenance windows
  • Perform quick scans to find un-managed machines on your network

Check out this video where Shavlik Product Evangelist John Rush walks you through the Power Management capabilities within Shavlik Protect. For more information, please contact us at