Categories
Microsoft

Does your Computer stops responding during shutdown if BitLocker is enabled? – Hotfix Available

Assume that you enable BitLocker for the system drive on a computer that is running Windows 7 or Windows Server 2008 R2. Then, you shut down the computer. You notice the computer intermittently stops responding during shutdown.

bitlockerAdditionally, the operating system seems to have already shut down, and then the screen turns black. However, the computer does not turn off completely. Therefore, you may notice that the computer fan and other devices are still turned on.

This problem does not occur if BitLocker is completely disabled, or if BitLocker is enabled on a data drive but disabled on the system drive.

If you are facing this issue, Download this Hotfix here!!

You must restart the computer after you apply this hotfix.

Microsoft has confirmed that this is a problem in the following Operating Systems,

  • Windows 7 Ultimate
  • Windows 7 Enterprise
  • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 R2 Datacenter without Hyper-V
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 R2 Enterprise without Hyper-V
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Standard without Hyper-V

Courtesy:  To find more information on this Hotfix – Read this

Categories
General Microsoft Windows Installer, Application Compatibility and Deployments

Microsoft Patches its Windows and Office Products – Patch Tuesday, November 2009

Microsoft has released six new security bulletins with fixes for a total of 15 vulnerabilities affecting its Windows and Office product lines.  Three of the six bulletins are rated “critical,” meaning they can be used to launch remote code execution or worm attacks without any user action.  One of the Windows vulnerabilities could expose users to drive-by malware attacks via the browser.

Security bulletins are released monthly to resolve critical problem vulnerabilities. This article provides you with an overview of the new security bulletins being released on November 10, 2009.  

Bulletin ID Bulletin Title Max Severity Vulnerability Impact Restart Requirement Affected Software*
MS09-063 Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) Critical Remote Code Execution Requires restart Microsoft Windows Vista and Windows Server 2008
MS09-064 Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) Critical Remote Code Execution Requires restart Microsoft Windows 2000 Server
MS09-065 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) Critical Remote Code Execution Requires restart Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-066 Vulnerability in Active Directory Could Allow Denial of Service (973309) Important Denial of Service Requires restart Microsoft Windows 2000 Server, Windows XP, Windows Server 2003, and Windows Server 2008
MS09-067 Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) Important Remote Code Execution May require restart Microsoft Office Excel 2002, Excel 2003, Excel 2007, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format converter for Mac, Excel Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
MS09-068 Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) Important Remote Code Execution May require restart Microsoft Office Word 2002, Word 2003, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format converter for Mac, Office Word Viewer, and Office Word Viewer 2003

* The list of affected software in the summary table is an abstract. To see the full list of affected components please visit the bulletin via the link in the left column and navigate to the “Affected Software” section.

Summaries for new bulletin(s) may be found at http://www.microsoft.com/technet/security/bulletin/MS09-nov.mspx

Categories
General Microsoft

Attention FireFox Users !!!

Remember that Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without explicit permission from end users?

Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads.  The flaw was addressed in the MS09-054 bulletin that covered “critical” holes in Microsoft’s Internet Explorer but, as Redmond’s Security Research & Defense team explains, the drive-by download risk extends beyond Microsoft’s browser.

A browse-and-get-owned attack vector exists. All that is needed is for a user to be lured to a malicious website. Triggering this vulnerability involves the use of a malicious XBAP (XAML Browser Application). Please not that while this attack vector matches one of the attack vectors for MS09-061, the underlying vulnerability is different.  Here, the affected process is the Windows Presentation Foundation (WPF) hosting process, PresentationHost.exe.

While the vulnerability is in an IE component, there is an attack vector for Firefox users as well. The reason is that .NET Framework 3.5 SP1 installs a “Windows Presentation Foundation” plug-in in Firefox.

Now, Microsoft’s security folks are actually recommending that Firefox users uninstall the buggy add-on:

For Firefox users with .NET Framework 3.5 installed, you may use “Tools”-> “Add-ons” -> “Plugins”, select “Windows Presentation Foundation”, and click “Disable”.

This introduction of vulnerabilities in a competing browser is a colossal embarrassment for Microsoft.  At the time of the surreptitious installs, there were prescient warnings from many in the community about the security implications of introducing new code into browsers without the knowledge — and consent — of end users.

Courtesy: Thanks to Zdnet for this information post !!

Also, If you havent run the patches yet., please do that immediately.

Categories
Microsoft Windows Installer, Application Compatibility and Deployments

Microsoft’s recent Security Updates for Visual Studio break Windows Installer Updates

Taken from Stefan Kruger’s Blog- This problem was brought up in a question on the InstallSite Forum and is also mentioned in a blog post by Gauravb (who appears to be a Microsoft employee).

The typical symptom is missing or not updated files after you install a Small or Minor Update to your application (Major Upgrades are not affected). In the installer log file you’ll notice that some features have been switched to “advertised” state and instead of being installed locally. The actual cause is noted in the SELMGR error message in the log similar to this:

SELMGR: ComponentId ‘{-GUID-}’ is registered to feature ‘-Feature-Name-‘, but is not present in the Component table. Removal of components from a feature is not supported!

This happens if your setup includes a merge module like Microsoft_VC80_CRT_x86.msm and you rebuilt your setup package after installingsecurity updates 971090 and 973673 for Visual Studio 2005 SP1 or 971092 and 973675 for Visual Studio 2008 SP1. These security updates install newer versions of merge modules.

Apparently a component that existed in the original version of the merge module has been removed in the updated msm. Removing a component is a violation of Windows Installer’s rules for Small and Minor Updates.

To read more on the MergeModules which are affected and the WorkArounds – check this link – http://msmvps.com/blogs/installsite/archive/2009/09/12/microsoft-s-recent-security-updates-for-visual-studio-break-windows-installer-updates.aspx

Categories
Windows Installer, Application Compatibility and Deployments

How to Slip Stream Application Patches?

There are better methods to handle patches with Windows Installer. However, when this doesn’t work, Slip-Streaming can be a Just in time solution. Slip-Streaming is a process which applies MSP to the MSI where MSI has not been installed on the system. If the Service Pack is in MSP format, then it can be directly installed on the system where the application is present.

In this phenomenon, MSP is automatically added to the MSI file itself and one can directly install the changed MSI. It can be called used by the following command:
msiexec /p abc.msp /a abc.msi

Disadvantages of Slip-Streaming Patches
1. The patch alone can never be un-installed.
If the patch has some problems, we will need to uninstall the entire application and to install the base application again without any patch. This is a very tedious process.
2. The user will not be aware of the patch application on the core MSI.
3. Consecutive patches can’t be applied.

Thanks Sunil and Harsha for this information!

Categories
Best Practices How-to Microsoft Tools Windows Installer, Application Compatibility and Deployments

How to create a Windows Installer Patch using Wise Package

Step 1: Launch the Patch Creation tool from within your Wise product. The Patch Creation tool’s Welcome dialog appears. This dialog offers an outline of the steps for creating a patch.

Step 2:
Read the information on the Welcome dialog, and click Next when finished. The Specify Patch Settings File dialog appears.

Step 3: The radio buttons on the Specify Patch File Settings dialog indicate whether to create a new patch file or Open an existing patch settings file. A patch file (.PCP) stores settings from the Patch Creation tool, such as the names of the previous and new .MSIs and whether to include whole files or file patches when compiling the patch. For this exercise, select the radio button to create a new patch file and click Next. The Specify Previous Versions dialog appears.

Step 4: Use the Specify Previous Versions dialog to add entries for each of the previous versions of an installation that the latest version can patch. Click Add to add a previous version. The Previous Version Details dialog appears.

Step 5: Click Browse to browse to the .MSI for the previous version of your application. Click Open after locating the .MSI.

Step 6: Make any desired changes on the Previous Version Details dialog. The settings in the Validation section of the dialog indicate the requirements of the previous installation on the destination computer in order to install this patch. Please view the online help by pressing F1 on the Previous Version Details dialog for more information about the various fields.

Step 7: Click OK when finished making changes on the Previous Version Details dialog. A dialog might appear, saying that the installation database is marked as compressed and PatchWiz.dll does not operate on compressed databases. Click Yes to run an admin install to extract the files from the .MSI and continue creating the patch. Windows Installer extracts the .MSI and the Specify Previous Versions dialog shows a target path pointing to a temporary directory where the extracted .MSI resides.

Step 8:
Add other previous versions if applicable, then click Next on the Specify Previous Versions dialog. The Specify Upgrade Version dialog appears.

Step 9: The Specify Upgrade Version dialog shows the path to the .MSI that upgrades the previous versions enumerated on the Specified Previous Versions dialog. When launching the Patch Creation tool with an installation project already open, the Upgrade MSI path field contains the path to the .MSI for the current installation project. Click Browse to browse to the upgrade .MSI if the Upgrade MSI path field doesn’t already contain the correct information.

Step 10:
Click Advanced to display the Advanced Upgrade Version Details dialog. This dialog shows the Patch GUID and a field for Previous Patch GUIDs to replace. Please view the online help by pressing F1 on the Advanced Upgrade Version Details dialog for more information about the fields on the dialog. Click OK when finished making changes to the Advanced Upgrade Version Details.

Step 11: Click Next on the Specify Upgrade Version dialog. A dialog might appear, saying that the installation database is marked as compressed and PatchWiz.dll does not operate on compressed databases. Click Yes to run an admin install to extract the files from the .MSI and continue creating the patch. Windows Installer extracts the .MSI to a temporary directory, and then the Compile Patch dialog appears.

Step 12: The Compile Patch dialog shows several options for compiling the patch. The first field is the name of the Output .MSP file. Browse to the location where to store the .MSP file, or type in the full path including the file name.

Step 13: The Advanced Settings on the Compile Patch dialog determine whether to create file patches or to use entire files, whether to allow the Product Code or Version Number to differ between the previous and upgrade, and whether to create a log file. Mark the checkboxes for these options to enable them.

Step 14:
The Multi-patch Media settings indicate the starting file sequence and disk ID numbers as well as the volume label for the .MSP and the prompt that displays when the application needs to be repaired. Again, please view the online help by pressing F1 on the Compile Patch dialog for more information. Note that the Volume Label on this dialog must match the volume label on the CD or other write-protected media that distributes the patch. Click Next on the Compile Patch dialog to continue the patch creation process.

Step 15: The Patch Creation tool begins creating the patch. A dialog might appear, saying “ProductCodes between Target and Upgraded images do not match; do you want to proceed anyway?” Click Yes to continue creating the patch, or click No to stop. Another dialog might appear, saying “ProductVersions between Target and Upgraded images do not match; do you want to proceed anyway?” Click Yes to continue creating the patch, or click No to stop.

Step 16: When the Patch Creation tool has finished creating the patch, the Compile Patch dialog says Patch creation completed and has a View Log button. Click View Log to view the patch creation log, or click Finish to close the Patch Creation tool.