Endpoint Focus https://blog.endpointfocus.com Enterprise Device Management Blog Thu, 08 Feb 2018 13:44:06 +0000 en-AU hourly 1 https://wordpress.org/?v=4.9.5 KB4041676 (OS Build 15063.674) – Inaccessible Boot Device – Blue Screen of Death https://blog.endpointfocus.com/kb4041676-os-build-15063-674-inaccessible-boot-device-blue-screen-death/ https://blog.endpointfocus.com/kb4041676-os-build-15063-674-inaccessible-boot-device-blue-screen-death/#comments_reply Fri, 13 Oct 2017 08:06:12 +0000 https://blog.endpointfocus.com/?p=1198 The post KB4041676 (OS Build 15063.674) – Inaccessible Boot Device – Blue Screen of Death appeared first on Endpoint Focus.

]]>

Thanks to KB4041676,  we have found ourselves once again quite busy during the 2nd week of the month. Its Windows patch week & Friday evening, so I will keep this brief.

If you have workstations\servers that are unable to boot into Windows. Boot into recovery mode using your windows recovery drive. If you don’t know how to create one, check out the steps here.

Click Troubleshoot, Click command prompt

 dism /image:c:\ /get-packages 

Looks for updates that are install pending.

dism /image:c:\ /remove-package /packagename:Package_for_rollupfix~XXXXXXXX /scratchdir:c:\temp 

Restart

Looks like Microsoft released these updates in error. If you Sync your WSUS catalog now, you shouldn’t them.

The post KB4041676 (OS Build 15063.674) – Inaccessible Boot Device – Blue Screen of Death appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/kb4041676-os-build-15063-674-inaccessible-boot-device-blue-screen-death/feed/ 0
ConfigMgr Software Center crashing with “SCClient has stopped working” on Windows 10 https://blog.endpointfocus.com/configmgr-software-center-crashing-with-scclient-has-stopped-working-on-windows-10/ https://blog.endpointfocus.com/configmgr-software-center-crashing-with-scclient-has-stopped-working-on-windows-10/#comments_reply Fri, 21 Jul 2017 00:52:14 +0000 https://blog.endpointfocus.com/?p=1107 During a recent Windows 10 SOE engagement, our customer reported that the ConfigMgr Software Center would crash a few minutes after opening it with the error “SCClient has stopped working”. Upon investigation it turns out that other applications, such as…

The post ConfigMgr Software Center crashing with “SCClient has stopped working” on Windows 10 appeared first on Endpoint Focus.

]]>
During a recent Windows 10 SOE engagement, our customer reported that the ConfigMgr Software Center would crash a few minutes after opening it with the error “SCClient has stopped working”.

“SCClient has stopped working” would appear several minutes after launching Software Center

Upon investigation it turns out that other applications, such as the PowerShell ISE, were also randomly crashing with the same issue. The Application Event Log pointed towards .NET Runtime, however the issue was only happening on a specific model (the HP EliteDesk 800 G1) – other hardware models running the same Windows 10 SOE were fine.

Application log was showing .NET Runtime errors

So it was a hardware specific issue and fortunately it turned out to be a simple solution – the ‘latest’ graphics provided by HP for the Intel HD Graphics 4600 graphics card, which was several years old, was causing the issue. Updating the driver to the latest release from Intel’s website, which had been released in early this year, fixed the problem!

Hope this helps!

Cheers

Sam

The post ConfigMgr Software Center crashing with “SCClient has stopped working” on Windows 10 appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/configmgr-software-center-crashing-with-scclient-has-stopped-working-on-windows-10/feed/ 0
ConfigMgr CB 1702 Unknown Computer Support reports ‘there are no task sequences available to this computer’ https://blog.endpointfocus.com/configmgr-cb-1702-unknown-computer-support-reports-no-task-sequences-available-computer/ https://blog.endpointfocus.com/configmgr-cb-1702-unknown-computer-support-reports-no-task-sequences-available-computer/#view_comments Thu, 25 May 2017 00:49:19 +0000 https://blog.endpointfocus.com/?p=944 The post ConfigMgr CB 1702 Unknown Computer Support reports ‘there are no task sequences available to this computer’ appeared first on Endpoint Focus.

]]>

One of our customers is having an issue with ConfigMgr Current Branch 1702 where the Task Sequence engine is reporting ‘there are no task sequences available to this computer’ when using Unknown Computer Support.

‘There are no task sequences available to this computer’ when using Unknown Computer Support

According to this post on Reddit, Microsoft is aware of a known bug in 1702 where the SMSUID of the x64 Unknown Computer object is assigned to another computer object, rather than it generating a new SMSUID.

We can verify that this is the case in SQL by running the following commands

select * from UnknownSystem_DISC

Obtain the SMSUID for the x64 Unknown Computer object

We can then run the following query to locate the computer object using this SMSUID.

select * from System_DISC where SMS_Unique_Identifier0 like '32c7eedc-1497-4fe3-b3ad-6cb5b55b2bb3'

We can see that another computer object has this SMSUID!

This computer object has the x64 Unknown Computer SMSUID

Therefore we receive ‘there are no task sequences available to this computer’ as the Task Sequence engine processing assigned Task Sequence deployments for that machine.

The post includes a permanent fix and states that Microsoft will be releasing a hotfix for 1702 to address this issue which I recommend waiting for. For now we have a few options:

1. Pre-stage the computer object (using Import-CMComputerInformation cmdlet) so that we’re building using known objects only
2. Delete the computer object that has the same SMSUID as the x64 Unknown Computer object, delete SMSCFG.ini on the machine and restart ccmexec to generate a new SMSUID.

Update 07/06/2017

Microsoft have fixed this issue in an update rollup released for ConfigMgr CB 1702

https://support.microsoft.com/en-au/help/4019926/update-rollup-for-system-center-configuration-manager-current-branch-v

Hope this helps!

Sam

The post ConfigMgr CB 1702 Unknown Computer Support reports ‘there are no task sequences available to this computer’ appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/configmgr-cb-1702-unknown-computer-support-reports-no-task-sequences-available-computer/feed/ 12
Microsoft security updates you need to deploy now https://blog.endpointfocus.com/microsoft-security-updates-need-deploy-now/ https://blog.endpointfocus.com/microsoft-security-updates-need-deploy-now/#comments_reply Sat, 13 May 2017 00:46:43 +0000 https://blog.endpointfocus.com/?p=917 The post Microsoft security updates you need to deploy now appeared first on Endpoint Focus.

]]>

Microsoft issued for what was described as the “worst Windows remote code exec (execution exploit) in recent memory.” The severe vulnerability in Windows Defender allows an attacker to take over an entire machine without  any user interaction.

Hours after this out-of-band emergency patch, Microsoft released its monthly “Patch Tuesday” updates.

The remote code execution flaw (assigned as CVE-2017-0290 by Microsoft in its security advisory) could allow an attacker to remotely execute malicious code and take over an entire machine.

May’s updates also include three other zero-day fixes. It’s important that you update your Windows machines as soon as you can.

Other Zero-day fixes

The first vulnerability (CVE-2017-0261) is a remote code bug that affects Microsoft Office. With this exploit, an attacker can send or trick victims into viewing a poisoned graphics file to take over their machines. Microsoft stated that they have received reports of limited targeted attacks using this flaw.

The next vulnerability (CVE-2017-0263) is an elevation of privilege flaw that allows any logged-in user to take control of a machine by running a specially crafted application. According to Microsoft, this flaw was exploited in the wild.

The third vulnerability (CVE-2017-0222) is another remote code execution weakness, this time in Internet Explorer. This flaw can be triggered with a specially crafted website causing Internet Explorer to improperly access objects in memory. Microsoft stated that this issue was also exploited in the wild.

 

WannaCry ransomware & SecurityUpdate for Microsoft Windows SMB Server (4013389)

wannacry

WannaCry ransomware outbreak as of 13/05/2017

For organisations around the world that have been hit with the WannaCry ransomware,  its leveraging a flaw in Microsoft’s Windows SMB service. The critical vulnerability was patched by Microsoft on March 14, MS17-010.

The post Microsoft security updates you need to deploy now appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/microsoft-security-updates-need-deploy-now/feed/ 0
Endpoint Focus Partners with CrowdStrike https://blog.endpointfocus.com/endpoint-focus-partners-with-crowdstrike/ https://blog.endpointfocus.com/endpoint-focus-partners-with-crowdstrike/#comments_reply Wed, 29 Mar 2017 02:46:41 +0000 https://blog.endpointfocus.com/?p=904 The post Endpoint Focus Partners with CrowdStrike appeared first on Endpoint Focus.

]]>

Hello everyone, today Crowdstrike made it official. For me, once every 10 years; you see technology that blows you off your chair. I had this moment with CrowdStrike. We are very excited to offer their AV replacement Falcon Prevent, along with EDR, Mointoring and Incedident Response capabilities. The release is below & talk to us if you would like a demo. Kind Regards JV

Strategic partnership equips organisations with cutting-edge endpoint protection

MELBOURNE, Australia – March 29, 2017 – Endpoint Focus, a device management and end-user computing specialist, today announced it has joined CrowdStrike’s Elevate Partner Program to extend access to the company’s industry-leading endpoint protection platform, threat intelligence and response services for organisations across the Australian region.

 

The CrowdStrike Falcon® Platform is the first and only endpoint security solution to unify next-generation antivirus, endpoint detection and response (EDR) and a 24/7 managed threat hunting  — all delivered via a single lightweight agent. Leveraging CrowdStrike’s innovative technology, customers gain unmatched protection from malware, exploits, malware-free intrusions and other advanced threats, while realizing all the scalability and efficacy benefits that only a fully cloud-based platform can deliver.

 

“As a relatively new business, we are perfectly positioned to bring next-generation technologies to our customers. The team wholeheartedly stands behind CrowdStrike’s revolutionary endpoint security platform that enables advanced prevention, detection and response to all types of threats,” said David Stagg, Partner and Consultant at Endpoint Focus. “Australian organisations are ready for next-generation security solutions and we are confident that with CrowdStrike on our roster, we’re able to deliver industry-leading, end-to-end protection to local enterprises.”

 

“We are pleased to have Endpoint Focus join our growing partner program, given the exponential customer demand we are seeing across APAC for our Falcon platform,” said Michael Sentonas, Vice President of Technology Strategy at CrowdStrike. “Endpoint Focus is already a trusted authority in the endpoint protection market and we are enthusiastic about joining forces to bring cutting-edge technologies and services to organisations across the region.”

 

The CrowdStrike Elevate Partner Program provides technology partners, solution providers, system integrators and managed service providers with the capability to deliver unmatched breach prevention to customers. CrowdStrike’s broad set of sophisticated and easy-to-use APIs enable customers to seamlessly integrate the Falcon platform with existing security solutions. Joint customers of Endpoint Focus and CrowdStrike have access to advanced endpoint security capabilities and services, allowing them to stop breaches with unrivalled effectiveness, efficacy, and accuracy.

 

About Endpoint Focus

Independent and Australian owned, Endpoint Focus provides specialised endpoint management services to enterprise customers across the country. Endpoint Focus works with organisations to help them make the best use of end-user, security and device management technology, regardless of the devices or its location. With value and relationships at the heart of Endpoint Focus’ business, the team prides itself on providing independent advice and honesty, always putting the needs, goals and budgets of its customers first. Endpoint Focus works with several partners in Australia including: Airlock Digital, CrowdStri

The post Endpoint Focus Partners with CrowdStrike appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/endpoint-focus-partners-with-crowdstrike/feed/ 0
Uninstalling the Windows ADK 8.1 causes adksetup.exe to crash https://blog.endpointfocus.com/uninstalling-windows-adk-8-1-causes-adksetup-exe-crash/ https://blog.endpointfocus.com/uninstalling-windows-adk-8-1-causes-adksetup-exe-crash/#view_comments Thu, 20 Oct 2016 22:48:08 +0000 https://blog.endpointfocus.com/?p=719 The post Uninstalling the Windows ADK 8.1 causes adksetup.exe to crash appeared first on Endpoint Focus.

]]>

During a recent ConfigMgr 1511 to 1606 site upgrade, we updated the Windows ADK for Windows 10 from version 1511 to version 1607 prior to upgrading the Primary Site server. Prior to performing this change, we found that the Windows ADK 8.1 was still installed on the Primary Site server and decided to uninstall it as only the Windows ADK for Windows 10 1607 is required.

During the removal process of the Windows ADK for Windows 8.1, adksetup.exe crashed during the uninstall of the Windows Preinstallation Environment component.

Windows ADK

Examining event viewer on the server showed the faulting application.

Event Viewer

Additionally, examining the ADK logs in the logged on user’s temp folder showed that the adksetup.exe errored with ‘failed to plan dependency actions to unregister package’

Fortunately, the solution was fairly straight forward; reinstalling the Windows ADK 8.1 caused all installed components to re-register and after the process completed, we were able to successfully uninstall it!

Cheers

Sam

The post Uninstalling the Windows ADK 8.1 causes adksetup.exe to crash appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/uninstalling-windows-adk-8-1-causes-adksetup-exe-crash/feed/ 2
ConfigMgr 1511 Prerequisite Check errors with “Check for incompatible collection references” https://blog.endpointfocus.com/configmgr-1511-prerequisite-check/ https://blog.endpointfocus.com/configmgr-1511-prerequisite-check/#comments_reply Wed, 28 Sep 2016 05:39:14 +0000 https://blog.endpointfocus.com/?p=668 coc hack without verification

The post ConfigMgr 1511 Prerequisite Check errors with “Check for incompatible collection references” appeared first on Endpoint Focus.

]]>

During a recent ConfigMgr 2012 R2 to ConfigMgr 1511 Primary Site upgrade, the setup prerequisite check returned an error stating to “Check for incompatible collection references”

SCCM Prereq CheckExamining ConfigMgrPrereq.log showed that there was collection mismatch dependency for the “Application Catalog” collection.

SCCM Prereq Check 2

SCCM Prereq Check 2

Reviewing this user collection in the ConfigMgr console showed that it had the All Systems collection (which is a device collection) as the limiting collection. So this mismatch in collection types was causing the issue and I suspect this had been created via an incorrectly configured PowerShell script.

SCCM Prereq Check 3

SCCM Prereq Check 3

Fortunately the fix was simple and after changing the limiting collection to All Users, the error disappeared from the prerequisite check and the upgrade completed successfully!

Cheers

Sam

The post ConfigMgr 1511 Prerequisite Check errors with “Check for incompatible collection references” appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/configmgr-1511-prerequisite-check/feed/ 0
Unable to open Microsoft Edge in Windows 10 https://blog.endpointfocus.com/unable-to-open-microsoft-edge/ https://blog.endpointfocus.com/unable-to-open-microsoft-edge/#comments_reply Fri, 16 Sep 2016 04:47:34 +0000 https://blog.endpointfocus.com/?p=535 I had an issue for a customer this week where Microsoft Edge had suddenly disappeared from their machine. Running the Get-AppxPackage PowerShell cmdlet confirmed that the universal application was still installed on the machine: So Microsoft Edge was still on…

The post Unable to open Microsoft Edge in Windows 10 appeared first on Endpoint Focus.

]]>
I had an issue for a customer this week where Microsoft Edge had suddenly disappeared from their machine.

Running the Get-AppxPackage PowerShell cmdlet confirmed that the universal application was still installed on the machine:

Get-AppxPackage | where Name -like *MicrosoftEdge*

So Microsoft Edge was still on the machine and fortunately PowerShell came to the rescue.

Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml" -Verbose}

This successfully reinstalled Microsoft Edge and restored it’s functionality!

Cheers

Sam

The post Unable to open Microsoft Edge in Windows 10 appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/unable-to-open-microsoft-edge/feed/ 0
When does a Windows 10 release reach end of life? https://blog.endpointfocus.com/windows-10-release-reach-end-life/ https://blog.endpointfocus.com/windows-10-release-reach-end-life/#view_comments Sun, 11 Sep 2016 23:23:42 +0000 https://blog.endpointfocus.com/?p=511 Earlier this year I spoke at the inaugural System Center Universe Australia event on managing Windows 10 servicing with ConfigMgr. At that time, we only had two releases of Windows 10 and Microsoft had not been exactly clear when a release would reach…

The post When does a Windows 10 release reach end of life? appeared first on Endpoint Focus.

]]>
Earlier this year I spoke at the inaugural System Center Universe Australia event on managing Windows 10 servicing with ConfigMgr. At that time, we only had two releases of Windows 10 and Microsoft had not been exactly clear when a release would reach end of life and stop receiving updates and support. We knew that there was minimum support of a year for each release, so what would happen to the initial 1507 build after this milestone had passed? How much longer were Microsoft planning on supporting it?

Quick recap of Windows 10 Servicing

To provide a more agile release cycle of new operating system features and improvements, Microsoft moved to a servicing model with the release of Windows 10. The model allows Microsoft to introduce new features, take advantage of new hardware innovations and provide security improvements without having to release service packs or entirely new versions. Remember, as Terry Myerson stated “there’s no one working on a Windows 11” (for now!)

To manage this release life cycle, Microsoft introduced the concept of ‘branches’ where each release would be staged and promoted from one branch to another once it had been deemed ‘ready’ for consumers and the enterprise. The release branches are as follows:

  • Windows Insider Program
  • Current Branch (CB)
  • Current Branch for Business (CBB)
  • Long Term Servicing Branch (LTSB)

By default, Windows 10 Home, Pro and Enterprise are on the Current Branch release schedule, and only Pro and Enterprise editions can join the Current Branch for Business cycle. LTSB does not receive operating system feature updates however it still receives monthly cumulative updates like the CB and CBB releases. The Windows Insider Program is an opt-in release schedule which receives early preview builds of Windows 10 and once a release is deemed release ready, it is promoted to Current Branch. This post will focus on the CB and CBB servicing branches.

Windows 10 Code Base

 

Current Windows 10 Releases

So far, we have had three releases of Windows 10 (excluding the Windows Insider Program and LTSB):

  • Windows 10 1507 (CB and CBB released July 2015)
  • Windows 10 1511 (CB released November 2015, CBB released April 2016)
  • Windows 10 1607 (CB released August 2016)

Windows 10 current versions by service option

When Microsoft released Windows 10 1507 in July 2015, it was the first Current Branch release of the operating system. Microsoft also released it to the Current Branch for Business branch as it was first time a Windows 10 build had been promoted to Current Branch. Microsoft’s goal with Current Branch for Business releases is to ensure that they are ‘enterprise ready’ by delaying the Current Branch release by at least 4 months to ensure that any major issues can be identified and resolved quickly. The Current Branch for Business release is the same as the Current Branch release however the latest cumulative update release is also included.

Support model for Windows 10 CBB releases

Microsoft have stated that they will only ever support two CBB releases at a time which at this stage are builds 1507 and 1511. Build 1607 is only a month old and will not be promoted to CBB for at least another 3 months.

Microsoft also recently announced that support for an expiring CBB release will be extended by 2 months to give organisations more time to plan and migrate to a newer CBB release. So therefore two months after 1607 is promoted to CBB, release 1507 will reach end of life and will no longer receive support or updates, which will be around February or March 2017.

Windows 10 Servicing

It’s also important to note that the LTSB has 10 years of support and updates (5 years support + 5 years extended support) so upgrading to newer LTSB releases such as the August 2016 version is optional.

Windows 10 releases moving forward

This year we are only receiving 1 new Current Branch release even though the frequency of Windows Insider Program releases has increased, as Microsoft has received feedback from the enterprise market stating that their initial intention of 3 to 4 CB releases a year was too aggressive and difficult to manage. Additionally Microsoft have stated that they are expecting to release only two more CB releases in 2017.

Summary

So to summarise:

  • Microsoft will only ever support two CBB releases at a time
  • After a third CBB release, the oldest CBB release will expire 2 months later (so really, Microsoft are supporting 3 releases for a short period of time!)

If you are currently running Windows 10 1507, you have approximately 5 to 6 months to migrate to a newer release, assuming that 1607 will be promoted to CBB in 3 to 4 months time (around December 2016 to January 2017) which includes the additional 2 months support. We recommend that you plan to do this as soon as possible to ensure that you have enough time to move to a supported release. If you are still evaluating Windows 10 or are about you, we recommend that you consider starting with build 1607 so that you receive the new benefits and longevity of this release.

If you have any questions or would like to discuss your Windows 10 servicing strategy further, feel free to leave a comment below or get in contact with us via our website

Cheers

Sam

The post When does a Windows 10 release reach end of life? appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/windows-10-release-reach-end-life/feed/ 4
Hello and welcome https://blog.endpointfocus.com/hello-and-welcome/ https://blog.endpointfocus.com/hello-and-welcome/#comments_reply Sun, 31 Jul 2016 23:00:14 +0000 https://blog.endpointfocus.com/?p=1 Hi and welcome to our website and blog, We started Endpoint Focus to address a gap in the local industry: to simplify device and application management services and provide solutions that are tailored to each customer’s needs. We’re intentionally keeping…

The post Hello and welcome appeared first on Endpoint Focus.

]]>
Hi and welcome to our website and blog,

We started Endpoint Focus to address a gap in the local industry: to simplify device and application management services and provide solutions that are tailored to each customer’s needs. We’re intentionally keeping things simple and lean – and so this blog is an opportune way for us to help you stay current with changes in our space, and to share tips and advice for those of you with endpoint management responsibilities.

We hope you find it useful – to stay in touch, follow us on Twitter, LinkedIn or via RSS.

Enjoy!

Jarrod, Sam and Dave.

The post Hello and welcome appeared first on Endpoint Focus.

]]>
https://blog.endpointfocus.com/hello-and-welcome/feed/ 0