KB4487011 and KB4487006 fix unresponsive app issues

Microsoft recently released Windows 10 cumulative updates KB4487006, KB4487011, KB4487021, and KB4487029 addressing non-security bugs in the operating system. The company aims to enhance the reliability of the OS with bug fixes, stability enhancement and quality improvements.

KB4487011 improvement and fixes

KB4487011 offers four major improvements and fixes that we’ll list below:

1. IE Fails To Load Images Bug Fix

The update addressed the problems related to loading images having a backslash () in their relative source path. The issue was reported in the previous releases.

2. Microsoft Access Bug Fix

The Microsoft Access bug was responsible for randomly stopping those apps that are using Microsoft Jet database along with the Microsoft Access 95 file format. Just like the previous issue, this bug was also reported in KB4487044.

3. Application Not Responding Bug Fix

This issue was reported by the users that the issue arose when the same input queue is used by its two threads.

4. Device Compatability Issue Fix

This fix addresses a bug that existed in the evaluation of the compatibility status of the entire ecosystem of Windows. It is done to ensure device and application compatibility for all Windows updates.

KB4487011 Known Issues

As of now, Microsoft has not acknowledged any known issues in the update. The blog post will be updated if the tech giant confirms any potential bugs.

KB4487006 Improvement & Fixes

Apart from the device compatibility and issues and Microsoft Access bug fix, the update comes along with a series of bug fixes. Some of the major features are discussed below.

1. Remote Desktop Protocol (RDP) Client Bug

The release of KB4487006 resolved a major issue that existed in the previous build. The users got black screen at the login in the Remote Desktop Protocol (RDP) client application.

2. win32kfull.sys Reliability Issue

The update fixes a reliability issue with win32kfull.sys, that existed in the previous versions. The bug was initially introduced in KB4487026.

3. Microsoft Outlook “The operation failed” error

When a user tried to open the Microsoft Exchange Address Book, “The operation failed” used to appear. The issue was introduced after the installation of KB4457127 on Active Directory domain controllers.

KB4487006 Known Issues

1. Startup Issues in Specific Laptops

Specific Lenovo and Fujitsu laptops that currently have less than 8 GB RAM may face startup issues. The bug is created as a result of KB4467691installation.

One of the easiest ways to resolve the issue is restarting your machine with the help of Unified Extensible Firmware Interface (UEFI). Make sure to disable Secure Boot before restarting the device.

2. Cluster Service Start Fail

If the “Minimum Password Length” of the group policy uses more than 14 characters then the users can face cluster service start fail error. The following error message is displayed to the user “2245 (NERR_PasswordTooShort)”. The installation of KB4467684 triggers the error.

Microsoft is currently working to resolve the issue and the workaround is expected to be available in the coming weeks. Till now the company suggests the users to set the default minimum password length policy to equals to or less than 14 characters.

3. IE 11 Authentication Issues

Some authentication issues are reported in Internet Explorer 11 right after the installation of IE11. As soon as the same account is used by two or more users for various concurrent login sessions on the same Windows Server machine.

Microsoft recommends the users to create unique user accounts. Moreover, multiple RDP sessions should be disabled for each user account.

System Center Virtual Machine Manager (SCVMM) fails to manage the logical switches that have been deployed on the host that is managed by SCVMM. Also, a stop error is raised in vfpext.sysif you fail to follow the best practices.

A quick workaround is to access the affected host machine to run mofcomp files for running two mof files named as Scvmmswitchportsettings.mof and VMMDHCPSvr.mof. Microsoft recommends that users can avoid a stop error by following the best practices.

Download KB4487011/KB4487006 for Windows 10

The KB4487011/KB4487006 patch can be automatically downloaded through the Settings menu. If you have not yet received the update you need to open the Settings menu by pressing Win+I. Now you need to navigate to Update & Security >>Windows Update >> Check for updates.

You can enhance the consistency of the update process by installing the latest servicing stack update (SSU) just before installing the LCU KB4487011.

Microsoft has followed its tradition to specify third Tuesday of the month for the release of the non-security cumulative update. Although these updates are termed as non-security, it is yet not clear that either security components are included in the update or not. 

Comment down below if you have faced any pre and post-installation issues while installing KB4487011 and KB4487006.

Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released

Microsoft released several cumulative updates for different Windows 10 versions on February 19, 2019. The cumulative updates KB4487029, KB4487021, KB4487011 and KB4487006 update Windows 10 version 1803, 1709, 1703 and 1607 but not the current version 1809.

Only the Enterprise editions of Windows 10 version 1607 and 1703 are supported. Home and Pro editions of these versions of Windows 10 are no longer supported; in other words: you need to upgrade the operating system to a supported version to receive continued support with updates.

Note: These are not security updates; they fix stability and other issues only. It is recommended that you back up your system before you install the updates or wait if you are not affected by any of the listed issues.

And Windows 10 version 1809? Microsoft pushes cumulative updates for the current version of Windows 10 to the Release Preview ring first before release. It is likely that an update will be released in the coming days / week.

KB4487029 for Windows 10 version 1803

KB4487029

Windows 10 version 1803 is the most used edition of Windows 10. Microsoft launched Windows 10 version 1809 last year but bugsforced the company to stop the distribution of the operating system for weeks.

The update increases the build of the operating system to 17134.619. The following changes are listed in the changelog:

  • Media Content can play e-learning content with USB adapter cables on Microsoft Edge.
  • Windows ActiveX content in iframes scrolls with other content in Internet Explorer 11.
  • Fixed an issue that caused Registry keys that are app-specific to be deleted after updates.
  • Time Zone information for Chile updated.
  • Fixed an audio compatibility issue of games with 3D Spatial Audio modes.
  • Fixed an issue that prevented users from pinning web links to Start or the Taskbar.
  • Fixed an issue that prevented the lockscreen image from updating.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user hive updating issue.
  • Fixed an issue that allowed protected files (by Windows Information Protection) to be transferred using Bluetooth.
  • Fixed an issue with Internet Explorer proxy settings that caused the initial logon to stop responding.
  • Fixed an issue that prevented the deletion of wireless network profiles.
  • Addressed the cause for error “STOP 0x1A”.
  • Fixed a Timeline issue that caused File Explorer to stop working.
  • Fixed an issue that caused the Photos app to stop working when used from within the Mail app.
  • Fixed a PLMDebug.exe tool issue that caused the losing of debug sessions.
  • Improved AOVPN (Always On VPN) reconnect and disconnect functionality.
  • Further Japanese era name issue fixues.
  • Fixed an issue that caused Internet Explorer to skip loading images that have a backslash character in their relative source path.
  • Fixed an issue that caused applications that use Microsoft Jet Databases with Microsoft Access 95 formats to stop working.

You can download the update manually from the Microsoft Update Catalog website.

KB4487021 for Windows 10 version 1709

KB4487021

The update includes some of the fixes found in the update for Windows 10 version 1803 but not all of them. It does include some fixes that are not included in the update for version 1803.

The update increases the build to 16299.1004.

The changelog lists the following fixes and improvements:

  • Time Zone information for Chile updated.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user hive updating issue.
  • New Group Policy called “Policy Details” that disconnects any wireless connections immediately when a wired connection is detected and “Minimize simultaneous connections” is configured.
  • Additional Japanese era date and format fixes.
  • Fixed the Internet Explorer not loading images with backslash characters in path issue.
  • Fixed an issue that caused applications that use Microsoft Jet Databases with Microsoft Access 95 formats to stop working.

You can download the update manually from the Microsoft Update Catalog website.

KB4487011 for Windows 10 version 1703

KB4487011

The update is only for Windows 10 Enterprise and Education editions. The update brings the build to version 15063.1659.

It includes the same updates as KB4487021 with the exception of the following exclusive additions:

  • Fixed an issue that caused programs to stop responding if its threads share the same input queue.
  • Addressed an issue with a rooted pointer to an item identifier list (PIDL) in File Explorer

The update is available on the Microsoft Update Catalog website as a manual download.

KB4487006 for Windows 10 version 1607 and Windows Server 2016

KB4487006

The update bring the version of the operating system to 14393.2828. It is only available to Enterprise and Education editions.

The changelog lists the following improvements:

  • Chile Time Zone information update.
  • Fixed an issue that caused Remote Desktop Protocol client applications to display a black screen on login.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user name display issue in the Routing and Remote Access Service (RRAS) servers.
  • Addressed an issue that caused updates to a relying party trust to fail when using PowerShell or the Active Directory Federation Services (AD FS) management console.
  • Fixed an issue that caused “specific error message for external complexity password changes” to display.
  • Fixed an issue that caused Microsoft Outlook to throw the error “The Operation Failed” when viewing Microsoft Exchange address books.
  • Fixed an issue that prevented the enabling of Storage Maintenance Mode.
  • Fixed a server stop working error when handling a compound client request that includes a rename.
  • Fixed error 0x165 when pausing a node and taking it down for maintenance.
  • Fixed a cause for Stop 24 error on a virtual Remote Desktop Service server.
  • Fixed an issue with Japanese era names.
  • Fixed a reliability issue with win32kfull.sys.
  • Fixed the Internet Explorer not loading images with backslash characters in path issue.
  • Fixed the Microsoft Jet database access issue.

Microsoft lists three known issues, all known already:

  1. For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.
  2. After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
  3. After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

The update can be downloaded manually from the Microsoft Update Catalog website.

Summary
Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released
Article Name
Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released
Description
Microsoft released several cumulative updates for different Windows 10 versions on February 19, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Advertisement

Related:

  • No Related Posts

Unable to use the O365 Proplus in Citrix session

1) Make sure that the Office is installed as per the Microsoft best practice with SharedComputerLicense

2) to verify that we have installed the correct version you should open the registry and find the following key:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftOfficeClickToRunConfiguration.: SharedConputerLicensing: value 1

3) Download the O365 ADMX files from the following location

https://www.microsoft.com/en-us/download/details.aspx?id=49030

4) Copy the ADML and ADMX files to the respective folders under Policy definition of the Domain controller

5) Open gpmc.msc and navigate to the following policies.

Computer ConfigurationPoliciesAdministrative TemplatesMicrosoft Office 2016 (Machine)Licensing Settings.

6) Enable “Use shared computer activation” policy

7) Reboot the VDA machines

Related:

  • No Related Posts

Office 2019 – no more patching via Symantec discussion

I need a solution

I’m starting to test deployment and patching for Office 2019.

Am I reading the microsoft docs correctly that Symantec will no longer be capable of patching because msi updates will no longer be pushed?

Enterprise customers who install the volumed license versions will need to decide to either allow updates via Microsoft CDNs, or manually make patches accessible on a share (to alleviate bandwidth concerns).  

More info here: https://docs.microsoft.com/en-us/deployoffice/office2019/update

I have seen Microsoft bork windows updates plenty in the last year or two, but office updates have been pretty stable.  Are Symantec customers allowing updates to happen via the CDN?  It’s usually our internal preference to test updates before they go out, but even if I download them and put them on the share, it seems like all machines would be getting updates at the same time without a way for me to scope updates to a test group of PCs.

Thoughts?  What are you planning to do in your environment (if you’re not moving to the cloud)?

Thanks!

0

Related:

  • No Related Posts

ECS Portal Web UI Questions – Browser support and accessibility

Hi All,

I have some questions about the ECS Portal Web UI:

1. Does ECS support the Microsoft Edge or Apple Safari web browsers?

From the release notes i see that it support Chrome, Firefox and Internet Explorer 11. Can’t see any others, so I thought to ask the wider community.

2. Can the ECS Web UI be accessed from a browser other devices like a tablet/smart phone without any loss of functionality?

Thanks,

Luke

Dell EMC ASE

Related:

  • No Related Posts

Receiver for Windows 4.11 | Error “Unable to connect to the server. error SSL Error 4”

Microsoft introduced new set of ciphers, in their update KB2919355, which is applicable to Windows 8.1 and Windows Server 2012 R2 operating systems.

The following cipher suites are enabled and in this priority order by default by the Microsoft Schannel Provider:

Cipher suite string Allowed by SCH_USE_STRONG_CRYPTO TLS/SSL Protocol Versions
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 Yes TLS 1.2
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 Yes TLS 1.2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 Yes TLS 1.2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 Yes TLS 1.2
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 Yes TLS 1.0, 1.1, 1.2
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 Yes TLS 1.0, 1.1, 1.2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 Yes TLS 1.0, 1.1, 1.2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 Yes TLS 1.0, 1.1, 1.2


Receiver for Windows 4.7, Receiver for Mac 12.5, Receiver for Android 3.12.2/3.12.3 and Receiver for Linux 13.6 introduce these ECDHE ciphers which trigger this defect.

• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and

• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Install KB2919355 on all Windows 8.1 client machines.

Related:

ShareFile Error “The folder structure that you tried to download is too deep to be supported by most operating systems….. your folders and files.”

The Microsoft Windows API defines the maximum file path limit as 260 characters for a fully specific path-and-filename. This includes the beginning of the directory to the file extension. While there are some exceptions to this limit, ShareFile typically enforces a file path limit on files upload or downloaded via our various apps and tools.

File Path errors refer to the length of the file path and file name rather than the size of the file. If you encounter this error when attempting to upload or download a file using one of our apps, you may need to navigate to a deeper folder within the structure you are trying to download. By downloading at a level of 1 or 2 folders deeper than the root folder, you may be able to still download the majority of your data without having to recreate the folder structure on your own computer.

Additionally, you may want to consider renaming lengthy file names that occupy the majority of the limit.

Related:

Microsoft October 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Patch Tuesday

Today is the October 2018 Patch Tuesday, which means a boatload of security updates are out for Microsoft products including Windows, Office, and Exchange Server. These updates fix known bugs and security vulnerabilities found within Microsoft’s products.

This article will cover the security updates released today as part of the October 2018 Patch Tuesday. These updates resolve 50 known vulnerabilities in Microsoft’s products, with 12 of them being labeled as critical.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB4464330, KB4462919 and KB4462918 Cumulative Updates and the Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4462923 & KB4462926.

Critical Vulnerabilities fixed in the October 2018 Patch Tuesday updates

This Patch Tuesday fixes 12 Critical security vulnerabilities that when exploited could lead to code execution. These vulnerabilities are the most dangerous as if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.

CVE-2018-8473 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8460 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8489 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8490 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8491 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8494 – MS XML Remote Code Execution Vulnerability is a remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.

CVE-2018-8500 – Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8505 – Chakra Scripting Engine Memory Corruption Vulnerabilityis a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8509 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8510 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8511 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8513 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

The October 2018 Patch Tuesday Security Updates

Below is the full list of vulnerabilities resolved by the October 2018 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

Tag CVE ID CVE Title
Azure CVE-2018-8531 Azure IoT Device Client SDK Memory Corruption Vulnerability
Device Guard CVE-2018-8492 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8460 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8491 Internet Explorer Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8473 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8512 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8530 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8509 Microsoft Edge Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2010-3190 MFC Insecure Library Loading Vulnerability
Microsoft Exchange Server CVE-2018-8448 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2018-8265 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8486 DirectX Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8484 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8453 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8472 Windows GDI Information Disclosure Vulnerability
Microsoft JET Database Engine CVE-2018-8423 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office ADV180026 Microsoft Office Defense in Depth Update
Microsoft Office CVE-2018-8501 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8427 Microsoft Graphics Components Information Disclosure Vulnerability
Microsoft Office CVE-2018-8504 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8502 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8432 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2018-8498 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8480 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8488 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8518 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Scripting Engine CVE-2018-8511 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8500 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8505 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8503 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8510 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8513 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8411 NTFS Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8333 Microsoft Filter Manager Elevation Of Privilege Vulnerability
Microsoft Windows CVE-2018-8493 Windows TCP/IP Information Disclosure Vulnerability
Microsoft Windows CVE-2018-8506 Microsoft Windows Codecs Library Information Disclosure Vulnerability
Microsoft Windows DNS CVE-2018-8320 Windows DNS Security Feature Bypass Vulnerability
Microsoft XML Core Services CVE-2018-8494 MS XML Remote Code Execution Vulnerability
SQL Server CVE-2018-8527 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8532 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8533 SQL Server Management Studio Information Disclosure Vulnerability
Windows – Linux CVE-2018-8329 Linux On Windows Elevation Of Privilege Vulnerability
Windows Hyper-V CVE-2018-8489 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8490 Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel CVE-2018-8330 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8497 Windows Kernel Elevation of Privilege Vulnerability
Windows Media Player CVE-2018-8482 Windows Media Player Information Disclosure Vulnerability
Windows Media Player CVE-2018-8481 Windows Media Player Information Disclosure Vulnerability
Windows Shell CVE-2018-8413 Windows Theme API Remote Code Execution Vulnerability
Windows Shell CVE-2018-8495 Windows Shell Remote Code Execution Vulnerability

Related:

7023377: Sequencing EXTRA! 9.x as a Virtual Application with Microsoft Application Virtualization 5.x

Before using the Microsoft Sequencer Package Configuration Wizard to sequence EXTRA! X-treme 9.5, document the sequencing requirements and steps by determining which EXTRA! X-treme components and features are to be installed, the location of installation files, and the location of any configured user data, such as session documents. Some EXTRA! application components may not be needed and it is recommended to install EXTRA! on a stand-alone PC to help identify and document the installation steps in advance.

If EXTRA! has any service packs or updates, ensure that the service pack installer file, *.MSP, is available for installation during the sequencing process. The EXTRA! Microsoft Office Tools have not been tested to work with Microsoft Office streamed as a virtual application.

Use the Custom Installation Wizard (CIW) to create customized installation packages. See https://support.microfocus.com/kb/doc.php?id=7021288. Also refer to the Preparing to Deploy EXTRA! X-treme – A System Administrator’s Guide as a resource, which is available from http://docs.attachmate.com/extra/x-treme/8.x/CentralManagementWalkthrough.pdf The following steps assume that an Administrative Installation has been performed per the system Administrator’s Guide.

Use the Application Virtualization Sequencer Wizard to start the sequencing process with EXTRA! X-treme 9.5:

1. Launch the Microsoft Application Virtualization Sequencer

2. Select “Create a New Virtual Application Package”

3. For the Packaging Method select “Create Package (default)”

4. Press Next

5. Resolve any issues shown on the Prepare Computer list

6. Press Next

7. For the Type of Application choose “Standard Application (default)”

8. Press Next

9. On the Select Installer dialog choose “Select the installer for the application”

Use the Browse button to find the EXTRA! X-treme SETUP.EXE program in the EXTRA! Administrative Installation location

10. Press Next

11. On the Package Name screen enter the Virtual Application Package Name of your choice, like ” EXTRA! X-treme 9.5″

Enter the Primary Virtual Application Directory (required) name:

For example: C:Program Files (x86)Micro FocusEXTRA!

12. Press Next

13. Wait for the Virtual Environment to load.

14. Select your install language, and then click OK.

15. In the Setup Wizard, click Next.

16. Accept the License Agreement, and then click Next.

17. Enter a User Name, Organization, and under “Install this application for,” select “Anyone who uses this computer (all users).” Click Next.

18. Specify a Destination Folder, and then click Next.

19. For User Data Location, select User Defined Directory, and then click Next.

20. On the User Data Destination Folder screen, click Browse. The Attachmate variable called USERID should be entered in the path string as shown below.

c:UsersUSERIDDocumentsMicro FocusEXTRA!

and click OK, and then click Next.

Note the following:

The USERID parameter needs to be all upper case. At EXTRA!’s runtime the USERID parameter will be resolved to the currently logged-in user.

The files located at

c:Program FilesMicro FocusEXTRA!macros | schemes | sessionsENU

or

c:Program Files (x86)Micro FocusEXTRA!macros | schemes | sessionsENU

will be copied to the user’s personal folders location the first time EXTRA! is run for that particular user.

21. Select Custom, and then click Next.

22. On the Custom Setup dialog, de-select any features not needed so that they will not install.

For example, de-select the following:

Application OptionsAPI Options

Application OptionsUtilities

UtilitiesKerberos Manager

UtilitiesKey Agent

23. Click Next.

24. Click the “Install” button.

25. When the Installation has completed successfully, click the Finish button.

26. If service packs or updates are to be installed to EXTRA! X-treme:

a. On the Installation dialog of the App-V sequencer, press the “Run” button

b. Select the appropriate *.MSP file(s) to install a service pack, update or patch.

27. When the update or patch is installed or if there is no further .MSP updates to install, continue on.

28. When the install is complete, check the box that says “I am finished installing”

29. Press Next

30. Wait while App-V collects the system changes and the Configure Software screen displays.

31. From the Configure Software screen, highlight the EXTRA! X-treme choice and click on “Run Selected” to launch the application.

(Do NOT click Run All.)

32. To create a new session document, select “Create a new session”.

Save the session file in the C:UsersPublicDocumentsMicro FocusEXTRA! folder to be available for all end-users.

33. Launch and then close any session document to create the App-V files that will be used for streaming.

If you launch the Reflection FTP client, or any session document, and a Sequencer error displays:

“The Sequencer could not stop the MSIServer service,” click OK and try again.

34. After all the applications and EXTRA! Host sessions have been run and closed, press Next.

35. Verify the data on the Installation Report screen and resolve any issues

36. Press Next.

37. On the Customize screen decide if further customization is needed.

For example: if restrictions are required concerning different operating systems this is the time to do it.

38. If no further customization is needed select “Stop now. Create a basic virtualization package (default).”

39. Press Next.

40. Select “Save the package now” and enter the Save Location for the package contents

41. Press Create.

By default the App-V package will be located on the desktop of App-V Sequencing PC.

42. After the package is created press Close to finish and exit the Application Virtualization Sequencer program.

43. Copy the completed sequenced App-V package files to the Distribution Point or Virtual Application Server.

Related:

  • No Related Posts

Windows 10 Redstone 5 (Insider Preview Builds) – Citrix Known Issues

Microsoft releases regular builds of the next version of Windows 10 through their Insider Preview Program. Citrix does not support Insider Preview builds as stated on CTX224843 – Windows 10 Compatibility with Citrix XenDesktop.

This article is intended to capture known issues with Windows 10 Redstone 5 (RS5) that have been identified so far through Citrix internal testing and customer reports for the benefit of customers who are conducting early testing in preparation for when the Semi-Annual Channel release of RS5 becomes available.

  • Citrix Virtual Delivery Agent (VDA) for Windows Desktop OS
  • Citrix Receiver for Windows
  • Citrix Provisioning Services (PVS)
  • Citrix Workspace Environment Management (WEM)
  • Citrix User Profile Management (UPM)

Note:

  • This is a live article and is updated as and when new information is available.
  • All the issues mentioned in this article have been noticed with RS5 builds up to 17763.


Known Issues

The following are the known issues:

Issue 1

Issue Description

When a user tries to launch a published desktop in full-screen mode using Smart card authentication through a NetScaler environment, the PIN prompt is not visible and just the progress indicator is seen. The connection times out and the launching desktop process closes.

[LC8579]

Problem Cause

Full-screen sessions hide the PIN prompt window. The Windows Security and UAC prompt are updated from Winform to XAML. This causes the PIN prompt window to lose focus and stay in the background.

Solution

This is a known issue with Citrix Receiver (https://docs.citrix.com/en-us/receiver/windows/current-release/about/known-issues.html).

  • Users on Current Release of Citrix Receiver are advised to upgrade to Citrix Receiver 4.12 or its replacement that contains the fix.
  • Users on the LTSR version(version 4.9) of Receiver are advised to upgrade to Citrix Receiver 4.9.3000 or its replacement that contains the fix.

Issue 2

Issue Description

The mouse cursor could appear smaller within a session when using display with high DPI/Resolution

[HDX-9959]

Problem Cause

Monochrome custom cursors created via CreateCursor() in a non-DPI aware application do not scale correctly with Windows 10 v1703 and later versions. Custom cursors created via CreateInconIndirect() in a non-DPI aware application do not scale correctly in all versions of Windows 10.

Solution

  • Users on Current Release of Citrix Receiver (version 4.8) are advised to upgrade to Citrix Receiver 4.11 or its replacement that avoids the cursor scaling issue.
  • Users on the LTSR version(version 4.9) of Receiver are advised to upgrade to Citrix Receiver 4.9.3000 or its replacement that avoids the cursor scaling issue.


Issue 3

Issue Description

The mouse cursor is distorted or may disappear at times when a published application or VDA is launched in full screen on multi-monitor setup with high DPI/Resolution.

[RFWIN-7040]

Problem Cause

Monochrome custom cursors created via CreateCursor() can be distorted on multi-monitor setups with mixed DPI in Windows 10.

Solution

  • Users on Current Release of Citrix Receiver (version 4.8) are advised to upgrade to Citrix Receiver 4.11 or its replacement that avoids the cursor scaling issue.
  • Users on the LTSR version(version 4.9) of Receiver are advised to upgrade to Citrix Receiver 4.9.3000 or its replacement that avoids the cursor scaling issue.


Issue 4

Issue Description

Users are unable to uninstall Desktop Lock if Windows 10 was upgraded to RS5 with Desktop Lock installed.

[TPV-744]

Problem Cause

During the upgrade,the key CtxBackupShell is getting removed under [HKLM -> SOFTWARE -> Microsoft -> Windows NT -> CurrentVersion -> Winlogon] . As a result, an error message “1: Read failed HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonCtxBackupShell=(32bit on 32bit)” is displayed.

Solution

This issue is resolved with Redstone 5 build 17763 and newer.

Issue 5

Issue Description

Pin prompt for Smart card authentication is not available to login into VDA session. User is prompted for “Username” and “Password” instead of Smart card PIN to login into VDA session.

[HDX-13195]

Problem Cause

Microsoft has changed the way Smart Card Service (SCardSvr) works in Windows 10 v1803 and later versions. The service will run only if a Smart Card reader is connected. As ICA sessions redirect the Smart Card, it finds the service not to be running and fails.

Solution

Microsoft has provided a mechanism to enable to enable Smart Card Service (SCardSvr) by adding a registry key. To add the registry key, follow below steps on the VDA:

Caution! Refer to the Disclaimer at the end of this article before making changes to Registry

  1. Right click on Start button and choose Run
  2. Type ‘Regedit’ and click Ok.
    • On x86 machine, browse to HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Cryptography -> Calais
    • On x64 machine, browse to HKEY_LOCAL_MACHINE -> Software -> WOW6432Node -> Microsoft -> Cryptography -> Calais
  3. Right click on Calais in left pane, choose New -> DWORD (32 bit) value.
  4. Enter the value as ‘AllowServiceAccessWithNoReaders’ and hit enter.
  5. Double click on ‘AllowServiceAccessWithNoReaders’ and enter the value as 1.
  6. Close Registry Editor and restart the machine.


Issue 6

Issue Description

Print command from inside an ICA session of Windows 10 RS5 client fails to print using mapped Citrix UPS configured XPS Printer.

[HDX-13664]

Problem Cause

XPS Viewer is not available on Windows 10 v1803 and later versions by default. It is available as a Feature on Demand.

Solution

To install XPS Viewer, follow the below steps:

  • Open Command Prompt in elevated mode
  • Run the command “Dism /online /add-capability /CapabilityName:XPS.Viewer~~~~0.0.1.0”

Note:

  • The machine should be connected to the Internet for above command to acquire and install XPS Viewer.


Issue 7

Issue Description

Some maximized applications in Local App Access(LAA) enabled desktop sessions cannot be minimized using the minimize button. (Example application: Notepad, CMD)

[LC8813]

Problem Cause

The issue is due to an incorrect function call getting triggered for LAA enabled desktops.

Solution

This issue is resolved in Citrix XenDesktop 7.18 and CU2 for XenDesktop 7.15.

Issue 8

Issue Description

Citrix Workspace Environment Management (WEM) Agent fails to work when Windows 10 is upgraded to Redstone 5.

[TPV-1184]

Problem Cause

The ‘Norskale’ key under [HKLM -> System -> CurrentControlSet -> Control] is removed during the upgrade to Redstone 5.

Solution

This issue is resolved with Redstone 5 build 17763 and newer.

Issue 9

Issue Description

Upgrade from Windows 10 v1803 to Redstone 5 fails if Citrix User Profile Manager (UPM) is installed.

[TPV-1431]

Problem Cause

The upgrade fails with an error message “error during MIGRATE_DATA operation”.

Solution

The Microsoft KB4343909 resolves this issue. Install KB4343909 OR its replacement prior to upgrade of Windows 10 RS5.

Issue 10

Issue Description

Citrix User Profile Manager (UPM) stops working after Windows 10 is upgraded to Redstone 5.

[TPV-1307]

Problem Cause

The upgrade process is removing some of the registry entries related to UPM.

Solution

Citrix is working with Microsoft to resolve this issue.

Workaround 1:

As a workaround, users are advised to reinstall UPM after upgrading to Redstone 5.

Workaround 2:

Add the registry keys manually that were removed during upgrade.

Caution!

  • Refer to the Disclaimer at the end of this article before making changes to Registry.
  • Below steps need to be performed by an administrator as it involves changing of permissions of Trusted Installer key of registry.

Part A – Setting permissions to Administrator group.

  1. Login to the VDA as domain administrator
  2. Right click on Start button and choose Run
  3. Type ‘Regedit’ and click Ok.
  4. Browse to HKEY_LOCAL_MACHINE -> System -> CurrentControlSet -> Control -> Winlogon -> Notifications
  5. Right click on Notifications and choose ‘Permissions…
  6. Click on Advanced and switch over to the Owners panel by clicking on the link Change next to ‘Owner:’.
  7. Enter Administrator under ‘Enter the Object name to select’ and click Ok.
  8. On the Advanced Security Settings window, check the box for ‘Replace owner on subcontainers and objects’.
  9. On the Permissions for Notifications window, grant Full permission to Administrators group.
Part B – Add the missing registry keys
  1. Browse to HKEY_LOCAL_MACHINE SYSTEM -> CurrentControlSet -> Control -> Winlogon -> Notifications -> Configurations -> Default -> Logon
  2. On the right pane, double click on Logon
  3. Add a comma separated value ‘UserProfileMan’ right after SessionEnv and click Ok. It should look similar to below:
User-added image
  1. Double click on Logoff
  2. Add a comma separated value ‘UserProfileMan’ right after Profiles and click Ok. It should look similar to below.
  3. Browse to HKEY_LOCAL_MACHINE SYSTEM -> CurrentControlSet -> Control -> Winlogon -> Notifications -> Components
  4. Right click on Components and choose New -> Key
  5. Name it ‘UserProfileMan’ and double click on it.
  6. Once under ‘UserProfileMan’, in the right pane, right click on empty space and choose New -> String Value
  7. Enter String name as Events and value as ‘Logon,Logoff‘ and click Ok.
  8. Right click on empty space and choose New -> String Value
  9. Enter String name as ServiceName and value as ctxProfile and click Ok.

Part C – Restore permissions to TrustedInstaller

  1. Browse to HKEY_LOCAL_MACHINE -> System -> CurrentControlSet -> Control -> Winlogon -> Notifications
  2. Right click on Notifications and choose ‘Permissions…
  3. Click on Advanced and switch over to the Owners panel by clicking on the link Change next to ‘Owner:’.
  4. Select Object Types and check all the boxes and click Ok.
  5. Select ‘Locations…’, then select Local Computer.
  6. Enter ‘NT ServiceTrustedInstaller’ under ‘Enter the Object name to select’ and click Ok.
  7. On the Permissions for Notifications window, uncheck Full permission to Administrators group.


Issue 11

Issue Description

Client Drives are not getting mapped within a Redstone 5 Build 17666 VDA.

[LCM-4255]

Solution

This issue is not seen with Redstone 5 build 17682.

Issue 12

Issue Description

Unable to open Internet Explorer, unable to install 3rd party browsers like Chrome after installing Citrix VDA on Redstone 5 Build 17666

[LCM-4254]

Solution

This issue is not seen with Redstone 5 build 17682.

Issue 13

Issue Description

UPS Printers are not getting mapped within a Redstone 5 Build 17661 VDA.

[LCM-4253]

Solution

This issue is not seen with Redstone 5 build 17682.

Issue 14

Issue Description

Upgrade to Redstone 5 build 17713 on x86 platform fails with error message “Modern Setup Host has stopped working”.

[TPV-1695]

Solution

This issue is not seen with Redstone 5 17723 build and newer.

Issue 15

Issue Description

Upgrade to Redstone 5 build 17744 fails and rolls back.

[TPV-1785]

Problem Cause

The upgrade process fails with error message “The installation failed in the SECOND_BOOT phase with an error during BOOT operation”.

Solution

This issue is not seen with builds 17754 and later.


Issue 16

Issue Description

WinSCard ‘AccessStartedEvent’ is not signalled when the Smart Card Service is running, with no Smart Card reader present. This may break explicit Smart Card authentication within an ICA Session.

Problem Cause

When the Microsoft Smart Card Service is running, calling the SCardListReaders API should return the SCARD_E_NO_READERS_AVAILABLE error.

Solution

This issue is fixed with builds 17754 and newer builds.

Issue 17

Issue Description

Smart Card is not detected during launch of Redstone 5 17751 VDA.

[TPV-1826]

Problem Cause

A message “Connect the Smart Card” is displayed though the Smart Card is connected to the end point.

Solution

This issue is fixed with builds 17754 and newer builds.


Issue 18

Issue Description

Mouse pointer is not visible within a RS5 HDX 3D pro session. All operations inside the session are to be performed by keyboard using shortcuts.

[LCM-4951]

Solution

Citrix is working with Microsoft to resolve this issue.


Issue 19

Issue Description

After HDX 3D Pro VDA is upgraded from Windows 10 v1803 to RS5, the policy “Use hardware encoding for video codec” is not in effect and Hardware Encoding is disabled. The Registry information related to BitMap Provider is also not as expected post upgrade.

[LCM-4955, LCM-4956]

Solution

Citrix is working with Microsoft to resolve this issue.

Workaround:

  • After upgrading to RS5, restart the VDA and run below commands:

C:Program FilesCitrixICAServiceNvFBCEnable.exe -enable

  • Make sure FBC is enabled by running

C:Program FilesCitrixICAServiceNvFBCEnable.exe -checkstatus


Note – If status is still shown as disabled, then Nvidia driver may need to be reinstalled. After reinstalling the driver, try to enable FBC again.

Related:

  • No Related Posts