Bitdefender Forced an Unannounced Update for Windows 10

Recently, I have been testing Bitdefender with several of my clients, as it is now the preferred managed A/V solution from MaxFocus (formerly GFI).

This afternoon (Thursday 30-July-2015) we started receiving reports from customers that their workstations were suddenly rebooting. It turns out that Bitdefender has a new certified version of their software for Windows 10 which they wanted to push out today.

MaxFocus, for their part, did send out an email alert on Wednesday regarding this upcoming update. Shame on me for not seeing the email.

We received notification that Bitdefender has a new certified version for Windows 10 that we wish to roll out to the Bitdefender-powered Managed Antivirus service. This update will download automatically on current Release Candidate (RC) installs of Bitdefender MAV. We’re planning to push this update around 15:00 GMT on Thursday 30 July.

In this instance, the Bitdefender engine update will require a reboot of the end-point device, irrespective of its operating system. While Bitdefender engine updates will not normally require a reboot, this particular one does because of the release of Windows 10, and we want to ensure customers are aware. You can set the desired reboot behaviour within the Bitdefender MAV policy.

Connector for Windows 10 to 2012 R2 Essentials Now Available

This information just came in today:

Windows 10 Client Connector for connecting to Windows Server 2012 R2 is now Released via Download Center

We have now officially released the Windows 10 connector for connecting to Windows Server 2012 R2 via Download Center. It is available from the following URL:

http://download.microsoft.com/download/3/2/8/3280252F-E15C-4

Please note: we do not have the fix for the auto-download and installation released yet. So you have to manually download and install this client connector on the Windows 10 client machine. Then you can run the client deploy to start the connecting.

For the servers in-place upgraded from Windows 7, 8.1 to 10,  you will need to manually download and install this client connector and do the connecting again.

If the machine ID is the same after the upgrade, then everything will be working automatically. However if the machine ID is somehow changed during the upgrade, then it will be treated as a new client, so you have to leave the domain and connect to the Essentials server again. The old client back up data will be in the archive folder on the Essentials server, and you can still use that to do the restore back to the upgraded Windows 10 client.

Client Connector Status of Windows 10 and Server Essentials 2012 R2

IMPORTANT NOTE:  The client connector to connect Windows 10 to Windows Server Essentials 2012 R2 is currently being tested and is not yet available.

Once this updated connector is released, a link to download it manually will be posted. Doing a manual download is a known issue that is expected to be resolved in the October 2015 timeframe.

Over the years Microsoft has released a family of server platforms for the home and small business environments – including Small Business Server (SBS), Windows Home Server (WHS), and Server Essentials.

One of the key parts to these products is the “client connector” which is run from a client workstation to properly connect it to the server, include it in the dashboard, setup appropriate security, and, where appropriate, configure the workstation for daily backup.

In advance of the release of Windows 10, the Microsoft support team has released a blog post with a matrix identifying the availability and any restrictions for the client connector for each server platform, against each supported client operating system (Windows 7, 8, 8.1, and 10).

Client Connector availability with Windows Home Server, Small Business Server and Windows Server Essentials for Supported Client OS

Windows 10 One Day More!

image

Tomorrow (29-Jul-2015) is the official release date of Windows 10

In honor of this event, here’s my song parody to the tune of “Do You Hear The People Sing” from Les Misérables:

Do you hear the people cheer?
Knowing the day is drawing near?
It is the time for all the people
Who will want to get it first!
When the beating of your heart
Echoes the news that we all want
There is a life about to start
When tomorrow comes.

Will you join in this event?
Who will be strong and wait with me?
Beyond the last release
Is there a world you long to see?
Then join in this time
That will give you the right to be free!

Do you hear the people scream?
Windows 10 will soon be here
It is the download that the people
Who have waited long so long to cheer!
When the download finally starts
Pray that the Internet won’t crash
There is a life about to start
And it’s coming fast!

Will you load it right away?
So that the news may travel fast?
Some will wait, but some will say
Will you stand up and take your chance?
The cheers of the people
Will make the whole world dance!

Do you hear the people sing?
Windows 10 is not a dream
It is the update that the people
Who have waited so long to see!
When today with the setting sun
And all the backups have been done
There is a life about to start
And it’s Windows 10!

Ransomware Still Causing Havoc

Nearly two years ago (October 2013) I wrote a blog post titled “Beware Cryptolocker Malware Madness”, a warning about a new strain of ransomware called “Cryptolocker”.  At that time, I immediately implemented new protection software and strengthened security policies on the servers and workstations that I manage.

The Detroit Free Press recently ran an updated article about ransomware attacks on computers:

image

During these past two year, there have been several new variations of this malware threat. It has found its way into home computers as well as multi-national companies. Unfortunately, it is not easily detected by security or anti-virus programs. I have had to cleanup a ransomware attack only three times. In all three cases, we had backups available to restore those files that had been encrypted.

When a computer has been attacked, the virus begins to put a highly secured password on all your files. Suddenly, you find that you cannot open up letters, pictures, spreadsheets, as well as data files (Quicken, QuickBooks, etc.). And, if your computer is on a home or business local network, this ransomware can quickly spread to other computers or servers.

The reason it is called “ransomware” is because you generally have 72 hours to pay their ransom, which can range from $200 to thousands of dollars, to unlock your files. Unless you have a backup of those files, you either pay the ransom or lose those files for good.

In the near future I will be communicating with my clients on additional security precautions I will be recommending to minimize the threat and damage caused by this malware.

Will there be a Windows Server Essentials 2016?

imageWindows 10 for desktops and mobile devices is just around the corner.

That would be July 29th if you’ve been on vacation! –>

And … the next version of Windows Server will be Windows Server 2016.

The current version is Windows Server 2012, which includes a specific (post-SBS) version called Windows Server 2012 R2 Essentials.

So, it is only fair to have people ask: “Will there be also be a Windows Server 2016 Essentials (W2016E for short) released?”image

The following public Technet article mentions W2016E by name. So it would be a reasonable conclusion to think that they are planning on a W2016E version.

But — given that Server 2016 will not be rolled out until next year, things can always change.

http://blogs.technet.com/b/sbs/archive/2015/07/23/client-connector-availability-with-windows-home-server-small-business-server-and-windows-server-essentials-for-supported-client-os.aspx

image

Windows Store App Won’t Open in Windows 8.1

imageRecently I installed some new Windows 8.1 computers, and joined them to the local domain. One of the users informed me that the Windows Store app wouldn’t work. It would just flash for a moment, sitting on the Windows Store “green screen”.

There are a ton of posts from people with this problem, and just as many “solutions”.

Most of the solutions involved making sure that the “ALL APPLICATION PACKAGES” group name had read access permission to some or all of the Windows Registry hives (example), and/or read access permission to the Users, Windows, and Program Files folders (example).

I wasn’t ready to make those types of changes.

After more research, I found several suggestions that utilized a single Powershell command to fix the issue. Now, that’s a solution I like!

David Dixon’s blog post on the solution was the first of these that I found, and also the clearest in explanation.

Here are the steps:

  • Open an elevated command prompt
  • Type or paste:
    powershell -ExecutionPolicy Unrestricted Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\WinStore\AppxManifest.xml and press <Enter>.
  • Type or paste:
    start “” “ms-windows-store:” and press <Enter>. Be sure to include the quotes!

image

In the feedback section of David’s blog page, there are several comments that offers a similar version of these steps for the Windows 10 Technical Preview. Once Windows 10 is released to the public, I will post those steps, if applciable.

Funny Quotes about the Internet and the Cloud

I don’t generally post funny things on this blog site, but these two quotes, worth re-quoting, were sent to me this week. I had such a good laugh from both of them that I wanted to share them with everyone.IMG_1400

This first one reminds me of something my dad shared with me when I was a teenager: “Don’t believe everything you read”. This has been updated for the 21st century:

The trouble with quotes from the Internet is that you can never know if they are genuine. Signed, Abraham Lincoln”

The second one answers a question that I am often asked by customers and friends:
“What is ‘the cloud’?”

imageI usually respond with this analogy: “If I move your computer box to another room where you can’t see it, but you can keep your monitor, keyboard and mouse and you can continue to work – that’s ‘the cloud’. It’s a computer you can’t see!”

“There is NO CLOUD, just some other people’s computers”

New 2012 Windows Server 2012 R2 VM Couldn’t Complete the Updates Undoing Changes

Aarrgghh – why don’t I remember these things anymore????

I was in the process of firing up a new 2012 R2 VM,  and in my rush, I  clicked to download and install all updates before heading out to do some errands. When I got back home, I was greeted with the following error message:

We couldn’t complete the updates. Undoing changes. Don’t turn off the computer.

image

The thing is — this was a known issue over a year ago! One that my good MVP friend Boon Tee encountered it, and wrote up a blog post at that time for the workaround.

The problem occurs if you are creating a Gen 2 virtual machine (.vhdx) and KB 2920189 is included in the list of updates you are trying to install.

The solution?

Shutdown VM –> disable Secure Boot from the VM –> Start VM  and install updates –> Shutdown VM –> re-enable Secure Boot –> Start VM

You can find the option to enable/disable Secure Boot under the Firmware section of the VM settings.

image

Warning — the “Undoing changes” can take quite a long time to complete. I decided to delete the VM, and start over from scratch!

Srv.sys warning on Windows 2012 R2 Best Practices Analyzer

Sometimes we freak out over every warning message that is displayed when we run Microsoft’s Best Practices Analyzer (BPA). In setting up a new Windows 2012 R2 server recently , BPA displayed a single warning:

Srv.sys should be set to start on demand

The BPA simply says that “Client computers will not be able to access file shares …”

image

The BPA simply says that “Client computers will not be able to access file shares …”

Wow, that sounds more like a major error waiting to happen! Why, then, is it just a warning? 

The answer is that SMB 1.0 protocol is not on by default for Windows Server 2012 R2. SMB 1.0 is required for Windows XP workstations to access file shares.

So you can safely ignore this error.

But, in the chance that you need the SMB 1.0 protocol running, you can do so very easily by opening an elevated command prompt on the server and typing in this command:

sc config srv start=demand

More information is included in this Microsoft Technet article: http://social.technet.microsoft.com/wiki/contents/articles/21104.srv-sys-should-be-set-to-start-on-demand.aspx