Thursday 23 February 2012

Guest Blog from Greg Lambert: The Internationalization of Quest ChangeBASE

Here's a sneaky peak at what's happening on Greg Lambert's Application Compatibility Blog.

Check out more from Greg - http://aokcompat.blogspot.com

The Internationalization of Quest ChangeBASE

  • Spanish
  • French
  • German
  • Italian
  • Russian
  • Portuguese
You can now  find the ChangeBASE application compatibility product descriptions in your language of choice at the following locations;


This should really help out those working with ChangeBASE in Latin America and in Europe.  And when I am in Berlin next, I think it will be really helpful for me to be able to say ;
"Schnelle, automatische Anwendungsbereitschaft für Microsoft Windows und Office, virtualisierte Desktop- und applikationsbezogene Umgebungen und neue Browser-Versionen" 
And since you may not speak any of the above languages (I wish I could speak Italian), we have a new video available from Quest. This is similar to the previous animated series and does a great job explaining vWorkspace.

You can view the Quest vWorkspace video  here:

Wednesday 15 February 2012

Microsoft Patch Tuesday - February 14, 2012

Application Compatibility Update with Quest ChangeBASE

Executive Summary
With this February Microsoft Patch Tuesday update, we see a set of 9 updates; 4 with the rating of Critical and 5 with the rating of Important. This is a moderately large update from Microsoft, with one notably large payload (MS12-011); however the potential compatibility impact for these updates is likely to be low.

As part of the Patch Tuesday Security Update analysis performed by the ChangeBASE team, we have seen a small number of potential compatibility issues caused by updates MS12-011, MS12-013 and MS12-015. All identified issues are designated at Amber issues by Quest ChangeBASE, as they would be relatively straight forward to fix with no serious compatibility impact.

Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this February Patch Tuesday release cycle.

Sample Results

Here is a sample of the results for an application tested for compatibility with these updates:

MS12-01 Vulnerability in C Run-Time Library Could Allow Remote Code Execution


And here is a sample Summary report for a sample database where the Quest ChangeBASE Patch Impact team has run the latest Microsoft Updates against a small application portfolio:


Quest ChangeBASE RAG Report Summary

Security Update Detailed Summary


MS12-008
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
Description
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. An attacker would have no way to force users to visit a malicious website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website.
Payload
Win32k.sys, Updspapi.dll, W32ksign.dll
Impact
Critical - Remote Code Execution


MS12-009
Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
Description
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities.
Payload
Afd.sys, Updspapi.dll
Impact
Important - Elevation of Privilege


MS12-010
Cumulative Security Update for Internet Explorer (2647516)
Description
This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
No specific files
Impact
Critical - Remote Code Execution


MS12-011
Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
Description
This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. These vulnerabilities could allow elevation of privilege or information disclosure if a user clicked a specially crafted URL.
Payload
Audits.asx, Auditsettings.ascx, Dispform.asx_multilang, Dispform.asx_xlatelist, Dlc.workflow.routing.dll, Dlc.workflow.tasks.dll, Dlc.workflow.tasks.dll2, Dlcworkflowactionsvs_dll, Dlcworkflowactions_dll, Editdlg.htm_multilang, Editform.asx_multilang, Editform.asx_xlatelist, Featurestapling.xml, Microsoft.office.documentmanagement.dll, Microsoft.office.documentmanagement.dll_isapi, Microsoft.office.documentmanagement.pages.dll, Microsoft.office.policy.dll, Microsoft.office.policy.dll_isapi, Microsoft.office.policy.pages.dll, Microsoft.office.workflow.feature.dll, Microsoft.office.workflow.pages.dll, Microsoft.office.workflowsoap.dll, Mopap.dll, Newform.asx_xlatelist, Schema.xml_multilang, Schema_records, Upload.asx_multilang, Acsacnt.apx, Acscntrl.acx, Addbestbet1.aspx, Addcs.apx, Addentity1.aspx, Addfeaturedcontent1.aspx, Addfedl.apx, Addkeyword1.aspx, Addmanagedproperty1.aspx, Addrankpromotion1.aspx, Addshr.apx, Addsnm.apx, Addspellcheck1.aspx, Addtype.apx, Addusercontext1.aspx, Admcmds.xml, Adminlistcontrol1.ascx, Admin_sitemap_pub.xml, Admmap.apx, Adsearch.aspx, Advanced_aspx, Advsfast_aspx, Advsrch_aspx, Aform1.apx, Ajaxtkit.js, Aslibalt.xml, Aslibft.xml, Assetpck.xsl, Astptlbr_asx, Bb.apx, Bdcph.dll, Bestbetorder1.aspx, Blckvert.mst, Blglsbnd.mst, Blkband.mst, Blksingl.mst, Blueband.mst, Bluetabs.mst, Bluevert.mst, Busdatar.dll, Categ.apx, Centraladminpopupselector1.aspx, Cformsec.acx, Client.config, Clientx.dll, Clientxr.dll, Cmscrntl.rsx, Cms_tenantadmindeploymentlinksfeature_feature_xml, Connfxom.dll, Connfxom.dll_0001, Connfxph.dll, Contextualkeywordmanagement1.aspx, Convfeat.xml, Cpyfedl.apx, Crawledcategories1.aspx, Crawledproperties1.aspx, Credentialfieldsettingssection.ascx, Crprop.apx, Default_aspx, Deffast_aspx, Depfeat.xml, Dispfast_aspx, Docxpageconverter.exe, Ecrcntrl.acx, Editcategory1.aspx, Editcrawledproperty1.aspx, Editcs.apx, Editdlg.htm_ldoclib, Editdlg.htm_pubfeap, Editdlg.htm_pubresfeat, Editfast_aspx, Editrule.apx, Editsch.apx, Edtfedl.apx, Edtrelst.apx, Emconfig.xml, Enfet.xml, Enhsrch.apx, Enlayfet.xml, Enthmft.xml, Enthmpst.asx, Entityexcludelist1.aspx, Entityincludelist1.aspx, Entitymanagement1.aspx, Escntrl.acx, Eupref.apx, Ewsmodel.xml, Expfedl.apx, Explrank.apx, Extendedsearchadministration.aspx, Extendedsearchadminlinks.xml, Fast.search.admin.compileddictionary.client.config, Fast.search.admin.contentcollection.client.config, Fast.search.admin.deleteditem.client.config, Fast.search.admin.deployment.client.config, Fast.search.admin.keyword.client.config, Fast.search.admin.linguisticmanager.client.config, Fast.search.admin.persisteddictionary.client.config, Fast.search.admin.schema.client.config, Fast.search.admin.spellchecker.client.config, Fast.search.admin.termentityextractor.client.config, Fast.search.query.client.config, Fastcentraladminhelpcollection, Fastenduserhelpcollection, Feapsite.xml, Frmadmin.apx, Fs.admin.dll, Fs.admin.dll.isapi, Fsfrmact.xml, Glsband.mst, Hauto1.apx, Hauto2.apx, Hauto3.apx, Hedit1.apx, Hmng1.apx, Ibonet.xml, Ibptem.xml, Impfedl.apx, Keyworddetails1.aspx, Kword.apx, Laymap.apx, Laymapes1.apx, Layouts_sitemap_pub.xml, Lcscntrl.acx, Lobigen.dll, Lobitooi.dll, Lobitool.dll, Logcss.apx, Logerr.apx, Loghst.apx, Logsmry.apx, Logvwr.apx, Lstcat.apx, Lstcct.apx, Lstcs.apx, Lstdspgp.apx, Lstkw.apx, Lstmnp.apx, Lstsnm.apx, Managedpropertymanagement1.aspx, Managesssvcapplication.aspx, Masttpl.mas, Mchrule.apx, Mchrule1.apx, Mcrcntrl.acx, Mediaplayer.xap, Microsoft.office.server.chart.dll, Microsoft.office.server.chart_gac.dll, Microsoft.office.server.userprofiles.proxy.dll, Microsoft.sharepoint.publishing.dll_isapi, Microsoft.sharepoint.taxonomy.dll, Microsoft.sharepoint.taxonomy.dll_gac, Microsoft_office_securestoreservice.dll, Mngfedl.apx, Mngrules.apx, Mngshr.apx, Mngtypes.apx, Mobileresults_spx, Mobilesearch_spx, Mprop.apx, Msdym7.dll_osssearch, Msdym7.lex_osssearch, Msscpi.dll, Mssdmn.exe, Mssearch.exe, Msslad.dll, Mssph.dll, Mssrch.dll, Msswelcm.apx, Mstr4tsc.dll, Mswb7.dll_osssearch, Mswb70011.dll_osssearch, Mswb7001e.dll_osssearch, Mswb70404.dll_osssearch, Mswb70804.dll_osssearch, Natlang6.dll_osssearch, Natlangnlsd0000.dll_osssearch, Natlangnlsd0002.dll_osssearch, Natlangnlsd0003.dll_osssearch, Natlangnlsd0009.dll_osssearch, Natlangnlsd000a.dll_osssearch, Natlangnlsd000c.dll_osssearch, Natlangnlsd000d.dll_osssearch, Natlangnlsd000f.dll_osssearch, Natlangnlsd0010.dll_osssearch, Natlangnlsd0018.dll_osssearch, Natlangnlsd001a.dll_osssearch, Natlangnlsd001b.dll_osssearch, Natlangnlsd001d.dll_osssearch, Natlangnlsd0020.dll_osssearch, Natlangnlsd0021.dll_osssearch, Natlangnlsd0022.dll_osssearch, Natlangnlsd0024.dll_osssearch, Natlangnlsd0026.dll_osssearch, Natlangnlsd0027.dll_osssearch, Natlangnlsd002a.dll_osssearch, Natlangnlsd0039.dll_osssearch, Natlangnlsd003e.dll_osssearch, Natlangnlsd0045.dll_osssearch, Natlangnlsd0046.dll_osssearch, Natlangnlsd0047.dll_osssearch, Natlangnlsd0049.dll_osssearch, Natlangnlsd004a.dll_osssearch, Natlangnlsd004b.dll_osssearch, Natlangnlsd004c.dll_osssearch, Natlangnlsd004e.dll_osssearch, Natlangnlsd0414.dll_osssearch, Natlangnlsd0416.dll_osssearch, Natlangnlsd0816.dll_osssearch, Natlangnlsd081a.dll_osssearch, Natlangnlsd0c1a.dll_osssearch, Natlangnlsg0009.dll_osssearch, Natlangnlsl0002.dll_osssearch, Natlangnlsl0003.dll_osssearch, Natlangnlsl0009.dll_osssearch, Natlangnlsl000a.dll_osssearch, Natlangnlsl000c.dll_osssearch, Natlangnlsl000d.dll_osssearch, Natlangnlsl000f.dll_osssearch, Natlangnlsl0010.dll_osssearch, Natlangnlsl0018.dll_osssearch, Natlangnlsl001a.dll_osssearch, Natlangnlsl001b.dll_osssearch, Natlangnlsl001d.dll_osssearch, Natlangnlsl0020.dll_osssearch, Natlangnlsl0021.dll_osssearch, Natlangnlsl0022.dll_osssearch, Natlangnlsl0024.dll_osssearch, Natlangnlsl0026.dll_osssearch, Natlangnlsl0027.dll_osssearch, Natlangnlsl002a.dll_osssearch, Natlangnlsl0039.dll_osssearch, Natlangnlsl003e.dll_osssearch, Natlangnlsl0045.dll_osssearch, Natlangnlsl0046.dll_osssearch, Natlangnlsl0047.dll_osssearch, Natlangnlsl0049.dll_osssearch, Natlangnlsl004a.dll_osssearch, Natlangnlsl004b.dll_osssearch, Natlangnlsl004c.dll_osssearch, Natlangnlsl004e.dll_osssearch, Natlangnlsl0414.dll_osssearch, Natlangnlsl0416.dll_osssearch, Natlangnlsl0816.dll_osssearch, Natlangnlsl081a.dll_osssearch, Natlangnlsl0c1a.dll_osssearch, Newffast_aspx, Nightandday.mst, Nl7data0011.dll_osssearch, Nl7data001e.dll_osssearch, Nl7data0404.dll_osssearch, Nl7data0804.dll_osssearch, Nl7lexicons0011.dll_osssearch, Nl7lexicons001e.dll_osssearch, Nl7lexicons0404.dll_osssearch, Nl7lexicons0804.dll_osssearch, Nl7models0011.dll_osssearch, Nl7models001e.dll_osssearch, Nl7models0404.dll_osssearch, Nl7models0804.dll_osssearch, Notesmodel.xml, Notesservice.svc, Notessiset.apx, Noteswebservice.dll.oss, Onet.xml, Orgsingl.mst, Oss.basic.feature.xml, Oss.basic.searcharea.xml, Oss.cntrl.adminlinks.xml, Oss.cntrl.feature.xml, Oss.cswp.sts_dwp, Oss.dwpadvancedsearchbox_dwp, Oss.dwpcoreresults_dwp, Oss.dwpdualchinesesearch_dwp, Oss.dwphighconfidence_dwp, Oss.dwppeoplecoreresults_dwp, Oss.dwpsearchbox_dwp, Oss.dwpsearchpaging_dwp, Oss.dwpsearchstats_dwp, Oss.dwpsearchsummary_dwp, Oss.enhanced.adminlinks.xml, Oss.enhanced.feature.xml, Oss.enhanced.mobilesearch.xml, Oss.enhanced.searcharea.xml, Oss.farm1.sys_dwp, Oss.farmsa.lst_dwp, Oss.health.crawlprocessingperactivity.aspx, Oss.health.crawlprocessingpercomponent.aspx, Oss.health.crawlqueue.aspx, Oss.health.crawlratepercontentsource.aspx, Oss.health.crawlratepertype.aspx, Oss.health.feature.xml, Oss.health.querylatency.aspx, Oss.health.querylatencytrend.aspx, Oss.health.reports.xml, Oss.health.sharepointbackendquerylatency.aspx, Oss.healthpushdown.feature.xml, Oss.intl.dll, Oss.peoplerefinement_dwp, Oss.portal.feature.xml, Oss.powershell.searchcmdlets.xml, Oss.querysuggestions_dwp, Oss.refinement_dwp, Oss.sa1.sys_dwp, Oss.search.admin.client.config, Oss.search.admin.web.config, Oss.search.admin.web.svc, Oss.search.powershell.format.xml, Oss.search.powershell.help_ntrl.xml, Oss.search.powershell.types.xml, Oss.search.webservice.client.config, Oss.search.webservice.svc, Oss.search.webservice.web.config, Oss.searchactionlinks_dwp, Oss.searchbestbets_dwp, Oss.searchresults_aspx, Oss.searchserverwizard.feature.xml, Oss.shcuts.sys_dwp, Oss.srch.12.rsx, Oss.srch.rsx, Oss.srchadm.rsx, Oss.srchcenurlsite.ftr.xml, Oss.srchconnectorgenerator_aspx, Oss.srchrssgen_xsl, Oss.srchrss_aspx, Oss.stplg1_dwp, Oss.summaryresults_dwp, Oss.swpf.advancedsearchbox_dwp, Oss.swpf.coreresults_dwp, Oss.swpf.dualchinese_search_dwp, Oss.swpf.highconfidence_dwp, Oss.swpf.peoplecoreresults_dwp, Oss.swpf.peoplerefinement_dwp, Oss.swpf.querysuggestions_dwp, Oss.swpf.refinement_dwp, Oss.swpf.searchactionlinks_dwp, Oss.swpf.searchbestbets_dwp, Oss.swpf.searchbox_dwp, Oss.swpf.searchpaging_dwp, Oss.swpf.searchstats_dwp, Oss.swpf.searchsummary_dwp, Oss.swpf.summaryresults_dwp, Oss.swpf.topanswer_dwp, Oss.tcscsearchresults_aspx, Oss.topanswer_dwp, Oss.upgrade.config.xml, Oss.webconfig.spss.xml, Oss12plc.config, Oss12plc.dll, Pblyfeat.xml, Pblyprovui.xml, Pefeat.xml, People_aspx, Pepfast_aspx, Pepresults_aspx, Peprfast_aspx, Pkmexsph.dll_0001, Plnfeat.xml, Plnkfeat.xml, Pnfeat.xml, Popupselector1.aspx, Portal.dll, Portal.dll_001, Portal.js, Ppldefault_aspx, Pplresults_aspx, Pplsearchres.aspx, Premstpl.xml, Prm0001.bin_osssearch, Prm0005.bin_osssearch, Prm0006.bin_osssearch, Prm0007.bin_osssearch, Prm0008.bin_osssearch, Prm0009.bin_osssearch, Prm000b.bin_osssearch, Prm000e.bin_osssearch, Prm0013.bin_osssearch, Prm0015.bin_osssearch, Prm0019.bin_osssearch, Prm001f.bin_osssearch, Pubfeat.xml, Pubonet.xml, Pubprft.xml, Pubrfeat.xml, Pubtfeat.xml, Query9x.dll_0001, Quickacc.xml, Rankpromotionmanagement1.aspx, Ratings.js, Reportcenterdoclibeditdlg_htm, Reportcenterdoclibschema_xml, Reportcenterdoclibupload_aspx, Resfast_aspx, Resrem.apx, Results_aspx, Rleditdlg.htm, Rlschma.xml, Rlupload.aspx, Scfeatr.xml, Scfonet_xml, Scftabslistschema_xml, Schema.xml_ldoclib, Schema.xml_pubfeap, Schma.xml, Schreset.apx, Sclonet_xml, Scltabslistdispform_aspx, Scltabslisteditform_aspx, Scltabslistnewform_aspx, Scltabslistschema_xml, Scope.apx, Scope1.apx, Scpdspgp.apx, Scriptforwebtaggingui.js, Sctabslistdispform_aspx, Sctabslisteditform_aspx, Sctabslistnewform_aspx, Sctabslistschema_xml, Scwedadm.apx, Scweddbs.apx, Scwedisv.apx, Scwedqsv.apx, Scwfinsh.apx, Scwtpcfg.apx, Sdefault_aspx, Search.admin.fdprov.xml, Search.admin.saprov.xml, Search.admin.web.parts.dwpfiles.xml, Search.admin.web.parts.feature.xml, Search.js, Search.web.parts.dwpfiles.xml, Search.web.parts.feature.xml, Searchextensionsfeature, Searchextensionswebpartdescription, Searchextensionswebparts, Searchmain.aspx, Searchom.dll, Searchom.dll_0001, Searchres.aspx, Selcrpr.apx, Selmpr.apx, Sharepointpub.dll, Sharepointpub_gac.dll, Showfulltextindexmapping1.aspx, Siteactn.xml, Sitesv3siteslistdispform_aspx, Sitesv3siteslisteditform_aspx, Sitesv3siteslistnewform_aspx, Sitesv3siteslistschema_xml, Sitesv3tabslistdispform_aspx, Sitesv3tabslisteditform_aspx, Sitesv3tabslistnewform_aspx, Sitesv3tabslistschema_xml, Sm.asx, Sp.publishing.resources.rsx, Sp.ui.rte.publishing.debug.js, Sp.ui.rte.publishing.js, Spdisco.aspx, Spellcheckmanagement1.aspx, Sppubint.dll, Sppubint_gac.dll, Spscrntl.rsx, Spsintl.dll, Srcadmin.apx, Srchcenhlp.xml, Srchcenurl.xml, Srcheml.apx, Srchout.apx, Srchprx.apx, Srchssl.apx, Sresults_aspx, Tamanagesssvcapp.aspx, Targetappgeneralsettingssection.ascx, Taxonomy.sql, Taxupdateprocs.sql, Tpcfgfh.apx, Tplapset.apx, Tquery.dll, Treecontrol.js, Updsched1.apx, Upgrade.dll_001, Upload.aspx_ldoclib, Upload.aspx_pubfeap, Upload.aspx_pubresfeat, Urlselector.aspx, Usercontextmanagement1.aspx, V2vpblyfeat.xml, Vwfrmlk.xml, Vwscope1.apx, Vwscopes.apx, Vwscpse1.apx, Vwscpset.apx, Wacproxy.ashx, Web.config, Webconfig.extended.search.xml, Wizardlist.aspx_2060739507, Editdlg.htm_dcl, Microsoft.office.server.dll, Microsoft.office.server.dll_isapi, Microsoft.office.server.filtercontrols.dll, Microsoft.office.server.native.dll, Microsoft.office.server.openxml.dll, Microsoft.resourcemanagement.dll, Office.odf, Offxml.dll, Osafehtm.dll, Osrvintl.dll, Schema.xml_dcl, Sspadmin.mas, Svrsetup.dll, Svrsetup.exe, Upload.aspx_dcl, Accountjoiner.dll, Activityinformation.sql, Adgalmaattributeinclusionlis, Adgalmadata.xml, Adgalmamandatoryattributelis, Adgalmamandatoryobjectclassl, Adgalmaobjectclassinclusionl, Adgalmvdata.xml, Admaattributeinclusionlist.x, Admamandatoryattributelist.x, Admamandatoryobjectclasslist, Admaobjectclassinclusionlist, Admapropertypages.dll, Aduisettinginit.xml, Antixsslibrary.dll, Assemblyinfo.cs, Assemblyinfo.vb, Assemblyinfo.vb.galsync, Assemblyinfo.vb.logging, Atl90.dll.21022.08.vc90_atl_x64.rtm, Build.xml, Certmgr.exe, Common.microsoft.identitymanagement.logging.dll, Common.microsoft.resourcemanagement.automation.dll, Common.microsoft.resourcemanagement.automation.dllhelp.xml, Common.microsoft.resourcemanagement.dll, Configdb.dll, Constants.sql, Constantspecifiers.sql, Containerpicker.dll, Crt.manifest, Cscdextensioncallbasedscript, Cscdextensionfilebasedscript, Csexport.exe, Csmaobjectscript.xml, Csmvobjectscript.xml, Cspasswordextensionscript.xm, Cssearch.dll, Databasesettings.sql, Dbmapropertypages.dll, Dbuisettinginit.xml, Dropsqlpersistenceproviderlogic.sql, Dropsqlpersistenceproviderschema.sql, Drop_procs.sql, Edirectoryma.dll, Edirectorymaattributeinclusi, Edirectorymamandatoryattribu, Edirectorymamandatoryobjectc, Edirectorymaobjectclassinclu, Edirectoryuisettinginit.xml, Editconnectionfilters.aspx, Editdsserver.aspx, Editlink.aspx, Editproperty.aspx, Enableservicebroker_storedprocedure.sql, Exch2007extension.dll, Exch2010extension.dll, Exchangema.dll, Exchangemaattributeinclusion, Exchangemamandatoryattribute, Exchangemamandatoryobjectcla, Exchangemaobjectclassinclusi, Exchangeuisettinginit.xml, Filemauiconfig.xml, Fimmaattributeinclusionlist.xml, Fimmadata.xml, Fimmamandatoryattributelist.xml, Fimmamandatoryobjectclasslist.xml, Fimmaobjectclassinclusionlist.xml, Fimmapropertypages.dll, Fimmvdata.xml, Functionlibrary.dll, Galma.vb, Galmv.vb, Galsync.dll, Galsync.sln, Galsync.vbproj, Galutil.vb, Genericsolutionfile.xml, Globaloptions.dll, Grouplistview.dll, Helpurl.xml, Ibmdsmaattributeinclusionlis, Ibmdsmamandatoryattributelis, Ibmdsmamandatoryobjectclassl, Ibmdsmaobjectclassinclusionl, Ibmdsmapropertypages.dll, Ibmdsuisettinginit.xml, Importhelperconfig.xml, Iplanetmapropertypages.dll, Ipmaattributeinclusionlist.x, Ipmamandatoryattributelist.x, Ipmamandatoryobjectclasslist, Ipmaobjectclassinclusionlist, Ipuisettinginit.xml, Lnmaattributeinclusionlist.x, Lnmamandatoryattributelist.x, Lnmamandatoryobjectclasslist, Lnmaobjectclassinclusionlist, Lnschema.dsml, Lnuisettinginit.xml, Logging.dll, Logging.sln, Logging.vb, Logging.vbproj, Logging.xml, Maconfig.dll, Maconfig.dll_help.xml, Maexecution.dll, Maexport.exe, Mahostm.dll, Mahostn.dll, Makecert.exe, Managelinks.aspx, Managementpolicyrule.sql, Managesocialitems.aspx, Manifest.21022.08.vc90_atl_x64.rtm, Mapackager.exe, Mapropertypages.dll, Mcrypt.dll, Membership.sql, Mgrperms.aspx, Mgrpolicy.aspx, Microsoft.identitymanagement.externalsettingsmanager.dll, Microsoft.identitymanagement.findprivatekey.exe, Microsoft.identitymanagement.settingscontract.dll, Microsoft.identitymanagement.setuputils.dll, Microsoft.identitymanagement.sqm.dll, Microsoft.logging.dll, Microsoft.metadirectoryservices, Microsoft.metadirectoryservicesex.dll, Microsoft.office.server.userprofiles.activedirectorymaextension.dll, Microsoft.office.server.userprofiles.dll, Microsoft.office.server.userprofiles.dll_isapi, Microsoft.office.server.userprofiles.ldapmaextension.dll, Microsoft.office.server.userprofiles.managementagent.dll, Microsoft.office.server.userprofiles.metaverseextension.dll, Microsoft.office.server.userprofiles.synchronization.dll, Microsoft.resman.dll, Microsoft.resman.service.exe, Microsoft.resourcemanagement.service.exe.config, Microsoft.resourcemanagement.service.exe.ilminstall, Microsoft.resourcemanagement.service.exe.mossinstall, Microsoft.resourcemanagement.serviceconfiguration.preparationutility.exe, Microsoft.resourcemanagement.serviceconfiguration.utility.exe, Miisactivate.exe, Miisclient.exe, Miisclient.exe.config, Miiserver.exe, Miiserver.exe.config, Miiskmu.exe, Miisrcw.dll, Mms.chm, Mmscntrl.dll, Mmsevent.dll, Mmsmaad.dll, Mmsmads.dll, Mmsmaed.dll, Mmsmaext.dll, Mmsmafim.dll, Mmsmaip.dll, Mmsmaxml.dll, Mmsperf.dll, Mmsperf.h, Mmsperf.ini, Mmsps.dll, Mmsscpth.dll, Mmsscrpt.exe, Mmsscrpt.exe.config, Mmsserverrcw.dll, Mmsuihlp.dll, Mmsuishell.dll, Mmsutils.dll, Mmswmi.dll, Mmswmi.mof, Mmswmix.mof, Msft.metads.dll, Msft.metads.host.dll, Msft.metads.host.gac.dll, Msft.metads.impl.dll, Msft.metads.xml, Msft.metadsex.dll, Msft.metadsex.xml, Mstlay_mysite.master, Msvcm90.dll, Msvcp90.dll, Msvcr90.dll, Mv.dsml, Mvdesigner.dll, Mvviewer.dll, Notesmapropertypages.dll, Ntma.dll, Ntmaattributeinclusionlist.x, Ntmamandatoryattributelist.x, Ntmamandatoryobjectclasslist, Ntmaobjectclassinclusionlist, Ntuisettinginit.xml, Objectlauncher.dll, Objectschemaconfigpopulate.sql, Objectschema_storedprocedures.sql, Objects_indexes.unfiltered.sql, Objects_storedprocedures.sql, Objects_tables.sql, Objects_views.sql, Objectviewers.dll, Operations.dll, Personalsites.aspx, Portaluiconfigurations.sql, Preview.dll, Profilesrp.sql, Profilup.sql, Propertypageconfig.xml, Propertysheetbase.dll, Psite_mysite.master, Rightrule.sql, Rulerctrl.dll, Schemacollections.sql, Searchscopes.sql, Sets_storedprocedures.sql, Soccom.js, Socialsrp.sql, Socialup.sql, Sourcecode.galsync.dll, Sourcecode.logging.dll, Sourcecode.logging.xml, Sqlerrormessages.sql, Sqlpersistenceproviderlogic.sql, Sqlpersistenceproviderschema.sql, Sqlpersistenceservice_logic.sql, Sqlpersistenceservice_schema.sql, Sqlworkitemschedulerlogic.sql, Sqlworkitemschedulerschema.sql, Sqmapi.dll, Storedprocedures.sql, Svrexport.exe, Syncsetuputl.dll, Sync_storedprocedures.sql, Sync_synchronizationrules.sql, Tables.sql, Teditconnectionfilters.aspx, Teditdsserver.aspx, Teditlink.aspx, Teditproperty.aspx, Timezones.sql, Tmanagelinks.aspx, Tmanagesocialitems.aspx, Tmgrpolicy.aspx, Tpersonalsites.aspx, Uiutils.dll, Uocconfigurations.sql, Upcmdlet.xml, Userprofileservicewsdl.aspx, Values.sql, Vbcdextensioncallbasedscript, Vbcdextensionfilebasedscript, Vbmaobjectscript.xml, Vbmvobjectscript.xml, Vbpasswordextensionscript.xml, Vbwmirunscript.xml, Vsprojectcs.xsl, Vsprojectvb.xsl, Wmirunscript.xml, Xmlmapropertypages.dll
Impact
Important - Elevation of Privilege


MS12-012
Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
Description
This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Colorcpl.exe, Colorui.dll, Icmui.dll
Impact
Important - Remote Code Execution


MS12-013
Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
Description
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. An attacker who successfully exploited the vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Msvcrt.dll
Impact
Critical - Remote Code Execution


MS12-014
Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
Description
This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Iacenc.dll, Updspapi.dll
Impact
Important - Remote Code Execution


MS12-015
Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Description
This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Saext.dll, Seqchk10.dll, Vpreview.exe, Vviewdwg.dll, Vviewer.dll
Impact
Important - Remote Code Execution


MS12-016
Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
Description
This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted web page using a web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
No specific files
Impact
Critical - Remote Code Execution


*All results are based on a Quest ChangeBASE Application Compatibility Lab’s test portfolio of over 1,000 applications.

For more info about Quest ChangeBASE, please visit www.quest.com/changebase


Thursday 9 February 2012

Quest vWorkspace and ChangeBASE team up for the ultimate in browser compatibility solutions

IE6 is firmly becoming a bad word in the world of Microsoft, as this legacy browser version is now the biggest hurdle preventing organisations across the globe from fully embracing Windows 7. With Quest's acquisition of ChangeBASE, two technologies have now come together to enable organisations to finally get off IE6 for good.

Quest ChangeBASE Browser Compatibility helps you achieve application readiness by assessing your web sites and web-based applications for compatibility with Internet Explorer 8 or 9. This unique, automated solution provides a quick, easy and cost-saving approach to web applications and web site testing, whether they’re on the internet, intranet or extranet. With the extensive range of automated compatibility checks included, you can ensure browser upgrades or updates don’t cause incident or an unnecessary burden on IT resources. The detailed reports help you to prioritize remediation and ensure that the issues with the greatest impact will get resolved first. And don't just take Quest's word for it - TechWorld named ChangeBASE's browser compatibility tool as Enterprise Product of the Year 2011.

And for those IE6 issues that can't be fixed, Quest vWorkspace provides an elegant solution with its virtualisation capabilities. vWorkspace lets you deploy a blended virtualisation model – pairing the appropriate technologies to users based on their unique needs while keeping the average cost per virtual desktop to a minimum. In developing the IE 6 Compatibility Edition, Quest has taken the current release of vWorkspace, explicitly locked it down so that it will only run Internet Explorer and extended it by offering the capability to redirect named URLs to IE 6 while others are processed by whatever browser is locally set as the default. On his Virtualization Practice blog, Simon Bramfitt says that vWorkspace "represents a pragmatic solution to an awkward dependency on legacy development standards".

We're really excited about the opportunity presented by pairing these two capabilitites for taking on the IE6 challenge, so if this sounds like a solution for your organisation, get in touch.

And if you're in the UK, Quest are giving you the opportunity to learn more about these technologies in a 1 day event at Old Trafford Stadium in Manchester - and you'll get a guided tour of Manchester United's ground too!

Wednesday 1 February 2012

Quest Software launches Quest ChangeBASE products

It gives me enormous pleasure to announce the general availability (GA) of the three Quest ChangeBASE products.

Since Quest Software acquired the people and products of ChangeBASE last October, we’ve been working hard to integrate the two companies as well as rebrand the products and determine new product roadmaps.

The results are now here, and are available from both the main Quest Software pages and from the site of ScriptLogic, a wholly-owned subsidiary of Quest Software.

Quest ChangeBASE is all about application readiness. This means: making your applications ready for new platforms, new versions of platforms and new patches. Change happens all the time – it’s not just e.g. Windows 7, it’s also application releases and patches, application and desktop virtualization (especially terminal servers) and let’s not forget Patch Tuesdays, driver updates… it goes on and on.

So, maintaining a healthy application estate is all about approaching change with two things in mind:

1.     Change is never over. Think of a continuous process, not a single migration.
2.     Automation. Automate as much as you can – from application discovery (what’s out there, what’s being used) through application assessment (what will work on the new platform/with the new version), automated fixing and (if you’re going for application virtualization), automated virtualization. Outsourcing to an off-shore lab where all testing is manual may get you to Windows 7 (but it’ll be expensive – and slow – and may miss key issues), but it won’t help you deal with the constant change of patches, updates and versions.

Today, we launch three new products: ChangeBASE Standard, ChangeBASE Professional and ChangeBASE Browser Compatibility. All three are one-stop shop solutions for specific Application Readiness use-cases. All three provide quality, detailed, automated application compatibility assessment for particular target platforms. The details are to be found on the websites, but the broad-brush picture is: if you want to assess and fix compatibility of your applications with Windows 7 or Office, look at ChangeBASE Standard. If you also want to assess for suitability with application virtualization or terminal servers, look at ChangeBASE Professional. ChangeBASE Professional can also automate the virtualization of your applications. If you want to understand if your website and web apps will work with the newest versions of Internet Explorer, look at ChangeBASE Browser Compatibility.


All three products feature short-time-to-value, download-and-go and extensive automation. All three will radically accelerate your platform migrations as well as the ongoing management of your application estate. Exactly the same trial version of Quest ChangeBASE is available from both the Quest Software site (here) and from the ScriptLogic site (here).

Finally, for those who are already ChangeBASE customers: thank you! No functionality has been lost in this rebranding and repackaging. Get in touch and we can walk you through how the new products map to what you have.
Before we acquired them, ChangeBASE had already amassed a great set of customers all around the world. We look forward to welcoming you to Quest ChangeBASE.

Regards,

Hugh McEvoy
Manager, Product Management
Quest Software