Microsoft News – 23 January 2015

If you’ve just emerged from a cave or from under a rock, then you might like to read about Windows 10 and HoloLens. It’s been amazing to see how in “90 minutes”, the image of Microsoft has done a 180 degree turnaround. The carefully orchestrated and timed announcements on Wednesday were very effective.

System Center

Windows Client

Azure

Office 365

  • New Office Visio Stencil: These stencils contain more than 300 icons to help you create visual representations of Microsoft Office or Microsoft Office 365 deployments including Microsoft Exchange Server 2013, Microsoft Lync Server 2013, and Microsoft SharePoint Server 2013
  • Azure RMS Migration Guidance: The Azure RMS Migration guidance contains a whitepaper with step-by-step guidance and links to cmdlets and tools to migrate on-premises Active Directory Rights Management Services (AD RMS) server key and templates to Azure Rights Management services (Azure RMS) while preserving access to protected content.

New Security Vulnerability in ESXi

VMware posted this article where academic research has found a vulnerability with Transparent Page Sharing (TPS). Apparently they can use this to determine the “private” AES encryption key of another virtual machine. Woops … another “breakout attack” for VMware. I’m still waiting on the first one for Hyper-V.

TPS is one of those features that vFanboys cling to when attacking Hyper-V Dynamic Memory. Now VMware are turning if off by default (starting Q4 2014 for ESXi 5.1, and later for other versions). Hmm, this case raises questions about the security design of vSphere.

I agree with VMware that the vulnerability is impractical in terms of usefulness to an attacker. But what if you could use TPS to get the private SSL key of an application server in a multi-tenant cloud, and then use that to launch man-in-the-middle attacks? That would be a serious threat.

Choose your hypervisor carefully – breakout attacks are BAD.

I wonder what fresh hate will be vomited in my direction by the vFanboys 😀 Thanks to Flemming Riis (@FlemmingRiis) for the heads up.

Technorati Tags: ,,

Microsoft News Summary – 1 September 2014

Frak! It’s September already!?!?!?! Here’s my first update in a since last Wednesday – travel and events took priority.

The big news broke late on Friday and Saturday. The moron judge presiding over the FBI/Microsoft case cancelled the stay on the order to force Microsoft to turn over data from the Dublin data centre to the US feds, thus breaching privacy and violating Irish and European laws. Microsoft is refusing to comply and is appealing to a higher court in the USA.

Hyper-V

Legal

Azure

Windows Intune

PowerShell

Surface

  • What’s the Future for Surface Tablets? IMO, doom. It’s impossible to sell a business machine to business users if you don’t give businesses a way to buy the device and an SLA-enforced mechanism to support it. First of you to say "BYOD" gets a kick in the groin for drinking 2-year old Gartner KoolAid.

Licensing

VMware

Consumer

Microsoft News Summary – 26 August 2014

I know very few businesses deployed Windows 8, but any "upgrade" that requires a wipe & replace is not a service pack. However, that’s what Microsoft now thinks, and that’s had an impact on the Windows 8 support policy. Someone in Redmond needs a quick kick in the nether region, because coffee clearly won’t be strong enough.

And in other news on this slow morning, Steve Ballmer binged on a TV show featuring one of Hollyweird’s plastic surgery victims. Yeah; it’s always a slow period in the build up to big announcements.

Microsoft News Summary-2 May 2014

The big news yesterday was the general release of the new patch for IE on XP. Personally, I think this is a stupid mistake by Microsoft, and it will lead to some laggards to reason that Microsoft has reversed course on the end of support. Microsoft can comment all they want; most people never read blogs, press, or attend events. The mistake has been made, and it was one of the dumbest releases since Bob.

Microsoft News Summary-1 May 2014

Happy May Day, comrades! I was tied up with events the last couple of mornings so here is two days worth of news. Note the new beta for System Center Advisor. The security functionality looks very interesting!

VMware Is More Secure Than Hyper-V … And A Leprechaun Marries A Martian

In case you have been hiding under an IT rock, the world of the Internet has been rocked by a vulnerability found in the widely used OpenSSL. MVP Troy Hunt has a good description of the vulnerability here.

The list of known vulnerable sites is a who’s who of the Internet. Interestingly, servers that run on Windows Server and use the native SSL features of IIS are not affected. Note that Windows Server and System Center use native IIS functionality. Microsoft has also confirmed that Azure is also not susceptible to this attack.

Hmmm, who else is out there that might be vulnerable? Who do many claim is more secure, but really they’ve been found lacking? Who had a breakout attack (maybe more than one)? Who had a weakness in the design of their virtual storage that allows a guest OS admin to read files (passwords) from the host? Which other virtualization company is susceptible to Heartbleed?

Hmm, would it be …

VMware?

Yup, if you have a recent product from VMware then your virtualization or cloud is vulnerable to attack. Got a public cloud based on vSphere? You are probably vulnerable.

The lesson here is simple: Building alleged enterprise-class software where no-one is responsible for trustworthy computing reviews is negligent. Who reviewed that code?

Now tell me that Microsoft makes insecure software … penguin lovers! Stick your hands up so we can send the men with nets after you conspiracy theorists or your bosses can identify the weak links in their IT departments.

Technorati Tags: ,

Please Welcome 5nine!

I’m pleased to announce that 5nine have become a sponsor of my blog.  5nine is a key player in the Hyper-V partner ecosystem, making of security, networking, and management tools & extensions.

Manager Banner 235x235 (Free)

You’ll find an alternative to SCVMM for small/medium businesses, extensibility to SCVMM and the Hyper-V virtual switch for the medium to large enterprise, and a number of very useful free tools.

Please take the time to evaluate 5nine’s tools and see what they could add to your network.

5nine Software Releases V2.0 Of VMware-To-Hyper-V V2V Conversion Tool (FREE!)

5nine Software announced the release of the free 5nine V2V Easy Converter v2.0 yesterday.  This will allow you to convert VMware VMs into Hyper-V VMs with support for VHD and VHDX and the following guest OSs:

  • Windows Server 2008
  • Windows 7
  • Windows Server 2003 (x86 and x64)
  • Most of Advanced Server 2000
  • Ubuntu Linux
  • CentOS Linux

Yes: V2V conversions to Hyper-V for Linux guests!

The last three versions of Hyper-V are supported:

  • Windows Server 2008 R2 SP1 Hyper-V
  • Windows Server 2012 Hyper-V
  • Windows Server 2012 R2 Hyper-V

If you have any questions, please contact 5nine Software Information at info(at)5nine(dot)com or via phone +44 (20) 7048-2021 from 7am to 5pm GMT

Virtualisation Momentum Shifted – VMware Versus Microsoft

I just saw a picture that (Microsoft executive) Brad Anderson tweeted that was taken last Thursday at the IPExpo event in the UK.

This is where a Tad fanboy will proclaim that no big company really uses Hyper-V.  Let me tell you of my experiences in the UK.

1 year ago I presented at the UK launch of WS2012 in London.  There were 1,000 people in the room.  Outside our MVP lead set up a couple of white boards for MVPs to answer what we thought might be one or two questions.  I personally had people from Fortune 500’s (and I never name names in these scenarios) come up to me and say they now wanted to make the switch, and wanted to learn how.

Last month I spoke at an MVP event, again in London, and once again, large companies filled the room.  But what really caught my attention was one particular company.  This is a very successful and internationally renowned company that operates on the extreme edges of performance.  One could almost say they work in a life and death business where milliseconds are the difference between success and being out of business.  They use Hyper-V.

I’m not saying this has been easy.  The program managers, architects, developers and testers of the product, the Microsoft field staff, all have done amazing work.  Folks in the community, such as us MVPs, stood on stages in the early days and took abuse for 40-75 minutes while we told people what was coming.

Market share you say?  Yes, VMware still leads, but that lead is shrinking.  It’s just a matter of time now.