Your email updates, powered by FeedBlitz

Click here to read this mailing online.

Here is a sample subscription for you. Click here to start your FREE subscription

"Small Business Susan" - 5 new articles

  1. Got a few hours to watch some videos?
  2. Real patch pain metrics
  3. Getting ready for a test run
  4. Patches to keep an eye on:
  5. Exchange updates
  6. More Recent Articles
  7. Search Small Business Susan
  8. Prior Mailing Archive

Got a few hours to watch some videos?

Lots of great videos here on this page:

Derbycon 2014 Videos (Hacking Illustrated Series InfoSec Tutorial Videos):

I highly recommend spending a few hours looking around the videos here!



Real patch pain metrics

Humor me please?

If you can recall a patch directly causing impact to your systems please email me directly – email (change the -at- to @) with the KB number and what it impacted please?  I would love to put together a list of real patch pain, and not just perceived patch pain.

Fact:  There have been a lot of non security updates that are impacting our patching views.

(I’m looking at you Exchange)

Case in point:
8/26/2014    CU 6 for Exchange 2013

Fact:  There have been a lot of click to run issues impacting our patching views:

6/13/2014    Click to run        Uninstall/reinstall
5/22/2014    Click to run        Activation issues

Fact:  There have been hiccups in Office releases – especially in regards to Outlook:
8/13/2014    Outlook 2013    KB2881011    Replaced with KB2889859

Lord knows KB2919355 has impacted my view of this year.

Off the top of my head these are recent pulled patches:
MS14-045 pulled and rereleased.
KB2949927 pulled

Anytime you see a Kernel update, expect slight turbulence especially in the consumer side.  Kernel updates interact with malware infected machines, pirated machines and antivirus vendors that get a little too much protection efforts.

I see the problem as a bit like the Ebola scare in the USA.  We’re scared because of a lack of communication.

There’s a lack of post release follow up and communication as I see it.  We have no idea how many machines are impacted, we just see the social echo of headlines and twitter feeds.

I am concerned that it seems like it’s taking longer to get investigations done.

We’re a week after release date and I still haven’t a clue why KB3000061 is failing, if the RDP patch is going to get a fix or if the fix should be expected from the vendors or what.

While security patches have a known issue section, other patches need a “we’re investigating” section with follow up.

So?  Can you help me out with a feel on REAL patch pain versus perceived patch pain?  I don’t want to know “I heard about an issue on a random blog/twitter account that someone was impacted”… I want to know exactly what patch gave you pain.

Getting ready for a test run

Getting ready for a migration at the office from the 2008 R2 era HyperV to a 2012 R2 era hyperV

iphone 064

And as the server sounds like a jet engine taking off…

it always makes me laugh how small the drives are, and how big the unit it

iphone 065

Makes ya wanna buy more hard drives and fill that sucker up.

So one of the things I’m doing this time is rather than doing a router in front of the server to separate out from the production network, I’m trying a virtual router

Fastvue Sophos Reporter How to Deploy Sophos UTM on Hyper-V in 7 Simple Steps:

So far it’s not as simple as that leads one to think it is.  I obviously have networking/binding to the nics mucked up because it won’t find the web console address.

I’ll try again tomorrow and let you know how I get along with a virtual router.


Patches to keep an eye on:

KB30000061 is a kernel update:
KB3000061 fails to install on Server 2012:   Also impacting Windows 8. EDIT:  Cases opened: 114101711916740 and 114101711915623


Two issues with KB2984972 – this is a patch to update the RDP restricted admin mode

“Heads up, KB2984972 on Server 2008R2 RD server caused issues with our Wyse thinclients – it caused them all to span desktops across multiple monitors rather than presenting multiple monitors to the host OS. After uninstalling & rebooting clients are presented with multiple monitors again.”  <<<< will impact MultiPoint Server as well too <<<<<

Another thread on the issue here:

App v and KB2984972 impact:   << case opened on this issue SRX 114101611907865.


KB2949927 – the SHA-2 update: Also seeing issues with KB2949927 getting installed:  and
EDIT:  KB2949927 has been pulled from Microsoft update on 10/17/2014


Then KB2995388 8.1 cumulative update causing issues with VMware workstation:

Workstation 10 issue with recent Microsoft Windows 8.1 Update | VMware Workstation Zealot – VMware Blogs:
We noticed that a recent Windows 8.1 Update (KB2995388) may cause issues when running VMware Workstation on a Windows 8.1 host with this update installed. User will see an error message “not enough physical memory” when booting up a virtual machine

Exchange updates

I install Exchange update rollups all by themselves and on 9/24 Exchange put the 2007 and 2010 update rollups on MU and WSUS.  Normally they don’t kick a reboot but this time it did.

While I have seen issues reported with the 2013 update especially in a mixed Exchange deployment with 2010, I have not seen issues with 2007 nor 2010.



More Recent Articles

Click here to safely unsubscribe from "Small Business Susan." Click here to view mailing archives, here to change your preferences, or here to subscribePrivacy