Written by swernerOctober 22, 2018

‘Trend Micro Deep Security Agent’ prevents #ConfigMgr SMS_PROVIDERS component from updating

The Configuration Manager current branch (CMCB) shows every 60 minutes errors for SMS_PROVIDERS. It goes: Message ID 1018: Site Component Manager is reinstalling this component on this site system Message ID 1090: Site Component Manager could not stop the winmgmt service on site system Message ID 1020: Site Component Manager failed to reinstall this component […]

Written by swernerApril 25, 2018

Windows 10 1709/1804 Inbox App language

If you use Windows 10 language packs, the sources in the MultiLang-iso-files do not contain language updates for the Inbox Apps. In general, they should be updated by a scheduled task (Microsoft -> Windows -> Windows Update -> Automatic App Update), but this task requires the Store app to be accessible and the machine to […]

Written by swernerOctober 11, 2017

Detect Microsoft ADV170012 vulnerable machines via Configuration Manager

Microsoft published yesterday a security advisory (ADV170012 -Vulnerability in TPM could allow Security Feature Bypass), that shows a key generation weakness in Infineon’s TPM chip firmware. To solve the issue we first have to update the firmware of all vulnerable machines, so we have to identify them. As always, ‘Configuration Manager – Hardware Inventory’ can […]

Written by swernerJuly 25, 2017

VMware Workstation Pro Tech Preview 2017

VMware Workstation Pro Tech Preview 2017 is available. But even if it is now supporting Virtualization Based Security (VBS) features in Windows 10 guests, it still can’t be used on VBS enabled Windows 10 hosts. So, in enterprises VMware-based VMs still need to be converted in Hyper-V-based VMs.

Written by swernerJune 10, 2017

If an IT-security company is more interested in their business model than in IT security

This week Kaspersky Lab filed complaints against Microsoft at the European Commission and German Federal Cartel Office on Windows Defender Anti-Virus (Antitrust: Pursue It in Europe We Must) Home users So, Kaspersky do you really want to bring us back to the time users bought devices with 3rd party anti-malware apps pre-installed, that required them […]

Written by swernerMay 18, 2017

Automatically block DMA based devices to be loaded if the system is not securely configured

The load and execution of devices for the DMA based technologies Thunderbolt and IEEE1394 (Firewire) can be blocked via GPO (see Microsoft KB2516445) Since Windows 10 Enterprise security technology can mitigate the risk by enabling virtualization-based security with DMA protection (see here), it would be great if the GPO only applies on systems not meeting […]

Written by swernerMay 8, 2017

Extend Configuration Manager Hardware Inventory with INTEL-SA-00075 discovery information

Intel discovery tool Download the Intel discovery tool: https://downloadcenter.intel.com/download/26755 If the Intel-SA-00075-console.exe is executed with ‘-c’ it creates registry entries for the scan result, e.g. Extend hardware inventory I used RegKeytoMOF 3.3 (credits to Mark Cochrane – with help from Skissinger, SteveRac, Jonas Hettich, Kent Agerlund & Barker) to create the mof-files to extend the […]

End-User Computing

Managed Enterprise Workspace

Category: Uncategorized