Q&A with Jon Rolls of Quest Software #1

Jon Rolls talks to Virtual Strategy Magazine about why Quest bought ChangeBASE.

VSM: What is ChangeBASE and why did Quest acquire them?

JR: ChangeBASE is a UK-based company of just over 30 employees that creates and sells software for assessing and remediating compatibility problems with Windows applications on a range of platforms and deployment technologies. ChangeBASE gives you rapid assessment of whether the applications in your organization will work unmodified on Windows 7, on 64-bit Windows, on Terminal Server/ Session Virtualization, and with various application virtualization/streaming technologies. Once the assessment is complete, it offers to automatically remediate many common problems with a range of application installer fixes and automated packaging into application virtualization solutions. In addition, ChangeBASE can assess compatibility issues for Web applications when used with different Web browsers and versions of Internet Explorer.

With the impending end of support for Windows XP in April 2014, application compatibility has suddenly leapt into focus as organizations struggle with a vast sprawl of new and old applications, with no automated way to assess whether they will work on Windows 7 or any of the other application deployment options available. Quest Software (QSFT) is well-established as a leader in migration solutions for Windows customers with industry standard solutions for migrating Active Directory, Exchange, SharePoint, and more. The addition of ChangeBASE to the Quest portfolio now puts Quest squarely at the heart of Windows desktop migration, whether it’s Windows 7 or desktop/app virtualization in all its various forms. In addition to Quest’s other desktop management assets in the areas of user, desktop and virtualization management, the company  is building a significant presence in the world of User Workspace Management.

To read the full article, CLICK HERE.

Platform and Office News

Here's the second section of this month's industry newsletter.

Platform News

The experience of installing Windows 8 has been improved.

Windows 8 defrag has new options. 

Synaptics have unveiled a great-looking mouse driver for Windows 8.

Make your Windows 7 desktop more Autumnal with a theme.

Office News

Microsoft Office Starter 2010 is a free version of Word and Excel 2010. It also allows you to create a portable version which can be run off a USB drive.

Office 15 beta is rumoured to be out in January.

How to extract customisation information from an Office 2010 MSP.

Word was better than WordPerfect according to Bill Gates in Novell’s billion dollar lawsuit filed in 2004, currently going through the courts.

How Office may look in the future.

Packaging News

It's time for another snippet of industry news from Carl Bennett, Technical Specialist at ChangeBASE, now part of Quest Software.

A new tool from Microsoft, the Program Install and Uninstall Troubleshooting Tool, attempts to resolve MSI install issues.

Active Setup introduction on InstallShield blog.

A nice roundup of Program Compatibility Assistant’s features care of Chris Jackson.

All regsvr32 does is Load¬Library, Get¬Proc¬Address, and then calls the function. Why can’t you query if it was successful?

InstallShield 2012 SP1 is out.

More news on Symantec’s retirement of Wise. 

Examine the contents of MSU and CAB Microsoft Update installs.

Lessmsi, the tool for quickly extracting files from MSIs now has shell integration.

Microsoft Deployment Toolkit 2012 Beta 2 is available.

ChangeBASE's award-winning Browse-It solution

Earlier this year, ChangeBASE received the TechWorld Enterprise Application of the Year Award for AOK Browse-It, its automated website and web application compatibility testing tool. 

Here's a video of all the winners, including ChangeBASE's own Chief Technical Architect, Greg Lambert, speaking to Mike Simons, Editor at TechWorld. 

For more information on how our award-winning, automated testing tool can check your websites and web applications for compatibility with Internet Explorer 8 and 9, please visit the Browse-It product page.

Update your Parent's Browser Day!

In October, despite encouragement from Microsoft, 7.9% of the world were still using Internet Explorer 6. This has lead to a call to arms from Alexis Madrigal, Senior Editor at The Atlantic - "Do it for the web developers. Do it for the designers. Do it for your parents. On Friday, November 25, every old web browser must go."

With useful strategies to help cover up your involvement in the switch and avoid parental confrontation, Madrigal has it covered. Let's hope that the cause gets the momentum it deserves! 

This is the last of many strategies that have attempted to wean users off the out-dated browser, making it all the more important for organisations to ensure that their websites and web applications keep up with the pace of change. Adopting a later version of Internet Explorer is essential. As highlighted in a previous post, however, incompatibilities with IE8/9 may cause major presentation and operational issues, seriously impeding the experience of both users and employees. 


ChangeBASE's Browse-It solution, winner of the TechWorld Enterprise Application of the Year Award 2011 and now a part of Quest Software, takes the pain out of this process by automating the testing of websites, intranets, portals and web-based applications for compatibility with Internet Explorer 8 and 9. No more guessing where problems may lie and why, and no more potential customers being hindered by a bad user experience. 


For more information on ensuring the compatibility of your web applications, please visit the ChangeBASE Browse-It site or get in contact here.


Thanks for reading, and have a happy Update your Parent's Browser Day!

Automated fixing by Quest's ChangeBASE solution set

Compatibility analysis of an organisation's application estate is essential preparation for any migration project - you need to know exactly what will and won't work in order to keep your business fully functional.

Identification alone, however, is not enough. So an application has issues - what if replacing it or leaving it behind isn't an option? Manual remediation can be a costly and lengthy process, with the results wholly dependent on the quality and consistency of the skilled resource used. What if the sheer scale of the application estate means this will take months, maybe years? For many, this simply isn't feasible.

Automated remediation of many of the Windows 7 application compatibility issues is one of the central benefits provided by Quest's ChangeBASE solution set. On average, 95% of Amber issues found can be resolved automatically, leaving your skilled resource to focus its efforts on where it is really needed. What's more, as Quest's ChangeBASE solution set pinpoints every issue found, your team is directed straight to the problem armed with the information it requires to take rapid action.

A recent POC analysing 190 packages highlights just how much of a difference automated fixing can make to a project. Windows 7 Amber issues, as shown below, affect 69 packages, or around 36% of the total. 

According to the report, getting these Amber packages working on Windows 7 would require an effort level of 296, that is to say approximately 296 hours of manual work or almost 8 weeks full-time. And that's just for 190 packages. Fortunately, 97% of these Amber issues can be automatically remediated by ChangeBASE. It's no wonder that the organisation is question added Fix-It functionality to their project and are now reaping the cost and time saving benefits of automated remediation.

For more information on how Quest's ChangeBASE solution set can not only assess your estate, but ultimately make the process of getting applications working faster, simpler and less costly, please visit the Fix-It product page or get in contact at sales@changebase.com.

The ChangeBASE solution set is now a part of Microsoft StartNow

Calling all ChangeBASE partners!

Quest's ChangeBASE solution set can now be used to test a sample of your client’s applications for the application compatibility section of the Microsoft StartNow, POC Jumpstart and 10 week Production Pilot programs (the last of which which can be used to scope a client's estate of up to 2000 MSIs.)

The ChangeBASE solution automatically tests and remediates client applications for compatibility with Windows 7. In addition, partners delivering the various POC programs will be able to show customers how they could move forward with their IE, Office 2010 and App-V deployment and identify issues or considerations that they should keep in mind (such as how to plan application virtualization with the OS upgrade). 

Software will be provided to AOK Certified partners so that they can deliver the POC onsite.

Why Quest's ChangeBASE solution set?

• Get 95% of your clients applications working on Windows 7.
• Reduce the time and cost of migration to a new OS or target platform.
• Run over 220,000 application compatibility checks in minutes.
• Automatically the remediate majority of issues found in minutes.
• Guarantee the quality of packages as with AOK the packages are consistently of the same high quality.
• Reduce the risk by providing partners and clients with granular information about their application estate to make informed migration and application deployment decisions.

What do the StartNow, POC Jumpstart and Production Pilot programs offer you as a partner?

• Ability to use AOK to automate the scoping, testing and remediation of a client’s application estate.  
• Automated Windows 7, 64-bit, Server 2008, RDS, Office 2010, Application Virtualisation and Internet Explorer 8/9 compatibility assessment of a client’s estate saving you huge amounts of time, money and effort.  
• Automated fixing of a sample of these issues found, further adding to time, money and effort savings as well as differentiating yourself from the competition.
• Provision of a detailed RAG (red, amber, green) report for your client showing which applications may experience problems and which of these can be automatically remediated.
• Ability to show your clients that application or browser compatibility doesn’t have to be a blocker to the migration to Windows 7, therefore stimulating them to make the Windows 7 migration decision earlier and with more confidence.

For more information please visit the ChangeBASE Jumpstart page, or the Microsoft POC Jumpstart or Production Pilot pages.

To register your interest and generate your licence for the StartNow and POC Jumpstart programmes, please visit the ChangeBASE POC portal once you are AOK certified - if this is not yet the case, you can register for free CBT training here. 

For the 10 week Production Pilot programme please contact us to request your licence or for further information.

Virtual Platform of the Week – Microsoft App-V

This post sees Ben Cook complete his comparative application compatibility assessment of virtualisation technologies offered by the four major vendors, made possible by the automated testing functionality of Quest's ChangeBASE solution set. The results reveal how your application estate may react to each technology in very different ways, with significant impact on the success of your project.

Ben has tested the usual set of applications, ChangeBASE AOK 4.1, FileZilla 3.5.1, Google Chrome 14 and Lightroom 3.3 (x64), for compatibility with Microsoft App-V to see how they would behave and function in such an environment. As you can see, ChangeBASE has given all four the go ahead:

VReady-It confirmed the suitability of these applications by successfully converting them into the required virtual format in minutes.

This ChangeBASE blog series has highlighted the difference between the range of virtualisation technologies on offer, and in turn the need to understand how the decision you make will impact your business. Choosing to virtualise is not enough - the benefits of virtualisation may mean little to an organisation who has had to dramatically increase resource budget in order diagnose and fix application problems, or to leave business-critical applications behind due to incompatibility.


Even in the limited scope of the assessments made in this blog series, we have seen application suitability range from 100% to 50%. In the case of our chosen applications, although this is of course not representative of other samples or estates, App-V was identified as most suitable. There are of course other factors to consider, but application compatibility must be assessed in order to ensure a successful migration project.


This is where Quest's ChangeBASE solution set comes in, allowing you to automatically assess the suitability of your application estate with all major virtualisation technologies before choosing which one or combination of these is best suited, and to get your applications converted into the chosen virtual format faster. Please visit the Virtualise-It and VReady-It product pages for more information, or get in contact here.

Thanks for reading!

Application Estate Assessment - Windows 7 and 64-bit

Over the past few weeks, the Professional Services team has been assisting one of our latest clients to conduct a preliminary Windows 7 and 64-bit compatibility assessment of 190 packages. I'd like to share the results with you so that you can see how the automation offered by Quest's ChangeBASE solution set makes getting your application estate working in a new environment simpler, faster and less costly.

As you can see, an overwhelming majority of the packages tested have been identified as Green, meaning that no compatibility issues have been flagged by Quest's ChangeBASE solution set. These can be passed on for UAT and deployment on the new platform. 

The Windows 7 analysis has identified 35% of the packages as Amber, meaning that the compatibility issues they contain can be remediated. Such issues have been picked up by the following checks, which make up just a small number of the 250,000+ that are included in the ChangeBASE solution set:

• Custom Action Security Scan (v3.15) 
• Elevated Privileges Detection (v1.04)
• Hard Coded File References Scan (v3.42) 
• Install Logic Scan (v1.12) 
• Legacy Control Panel Applet Scan (v3.17)
• Legacy Help File Scan (v3.25)
• UAC File Header Analysis (v1.06) 

Automated fixing is available for the vast majority of these issues, so your organisation's skilled resource can focus on where it is needed most and leave the more trivial tasks to ChangeBASE.

1% of those packages tested against Windows 7 checks and 8% of those checked against Windows 7 64-bit checks have been flagged as Red, which indicates a more substantial issue that can not be fixed. Had these applications been deployed on the target platform, it is likely that they would not have functioned correctly, if at all, posing a huge risk to the organisation. The inclusion of non-supported drivers and 16-bit files, among other faults, are a key cause for concern for this particular client.

For more information, please visit the ChangeBASE website.

November 8th Patch Tuesday Report by ChangeBASE

Application Compatibility Update

By: Greg Lambert

Executive Summary

With this November Microsoft Patch Tuesday update, we see again a relatively small set of updates. In total there are 4 Microsoft Security Updates; 1 with the rating of Critical, 2 with the rating of Important, and 1 with the rating of Moderate. This is a small update from Microsoft and the potential impact for the updates is likely to be minor.

As part of the Patch Tuesday Security Update analysis performed by the ChangeBASE AOK team, we have seen little cause for potential compatibility issues.

Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this November Patch Tuesday release cycle.

Sample Results

 Here is a sample of the results for one application and a summary of the Patch Tuesday results for one of our AOK Sample databases:

 MS10-028: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution.

 

And here is a sample AOK Summary report for a sample database where the AOK Patch Impact team has run the latest Microsoft Updates against a small application portfolio:

 

A RED issue is generally one that pertains to how the code or actual program works. In this case we will flag as Red issues where a package tries to use objects or functions that have been deprecated from the OS or where their use has been restricted. In this case there are no changes that a packager (or AOK Workbench) can make to the install routine to fix the problem. The problem needs to be dealt with at the program code level by the programmer that wrote it or by providing a more up to date driver. However it is reasonably straightforward once a programmer has the information provided by AOK Workbench to make these changes. For vendor MSIs an upgrade may be required.

An AMBER issue is one that pertains to the installation routine. A packager can change things in the installation routine and so can AOK Workbench. Anywhere an issue is found and a change can be made to the installation routine to get rid of it we will flag it as amber. AOK Workbench fixes almost all of the issues it flags as amber. For the few issues that require a decision to be made, a packager can manually  remediate these using the issue data provided by AOK Workbench.

Applications flagged as GREEN have no issues identified against them.

Testing Summary

 

MS11-083	Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
MS11-084	Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657)
MS11-085	Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
MS11-086	Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)

Security Update Detailed Summary

*All results are based on a ChangeBASE Application Compatibility Lab’s test portfolio of over 1,000 applications.

MS11-083	Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
Description	This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system.
Payload	Tcpipreg.sys, Tcpip.sys
Impact	Critical - Remote Code Execution

MS11-084	Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657)
Description	This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment. In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an e-mail message or Instant Messenger message.
Payload	Win32k.sys
Impact	Moderate - Denial of Service

MS11-085	Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
Description	This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application.
Payload	Wab32.dll, Wab32res.dll, Wabimp.dll
Impact	Important - Remote Code Execution

MS11-086	Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)
Description	This security update resolves a privately reported vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). The vulnerability could allow elevation of privilege if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain. By default, Active Directory is not configured to use LDAP over SSL.
Payload	Adamdsa.dll
Impact	Important - Elevation of Privilege