Welcome to Kraft Kennedy

On August 2nd, Microsoft released an out-of-band patch addressing a critical security flaw in the Windows shell.  This flaw affects all versions of Windows and could allow remote execution of code under certain circumstances.  Obviously, any critical patch released outside of Microsoft’s normal patch release schedule should be treated with a sense of urgency.  We in the Support Practice Group have already taken steps to implement this patch at all of our clients and can happily report that we have not seen any issues whatsoever with the patch, so far.  Additional information on the security flaw and the associated patch is available from Microsoft here.

One of our SPG consultants, Joe Szabo, recently noticed an issue where even though it looked like our BES 5.0 server should be prepopulating users’ new Blackberry devices with 200 previous email messages it, was not doing so.  In the Blackberry Administration console, he expanded BlackBerry Solution Topology > BlackBerry Domain > Component view > Email and checked to ensure that the server was set to prepopulate 200 previous messages.  Joe did some research and found that by default Blackberry only prepopulates messages for new users on their first Enterprise Activation.  It will not prepopulate messages if those existing users activate a new Blackberry device.

To force prepopulation for all users, Joe added the following registry keys:

[HKEY_LOCAL_MACHINE\SOFTWARE\Research In Motion\BlackBerry Enterprise Server\Agents]
“ForceMsgPrepopOnActivation”=dword:00000001
“ForceMsgPrepopDays”=dword:0000000e
“ForceMsgPrepopMessages”=dword:000002ee

On an x64 server, you would add these entries under:

[HKEY_LOCAL_MACHINE\Software\WOW6432Node\Research In Motion\BlackBerry Enterprise Server\Agents]

We have confirmed that this works for BES 5.0, but it should work for older BES versions as well.

One of our primary concerns here in the Support Practice Group is to maintain our clients’ networks in tip top shape, and this means regularly applying patches and hotfixes. At the moment, we are leveraging WSUS to monitor and deploy patches to servers and workstations at many of our clients, which allows us to select which updates we want to approve and distribute to client machines in the background. We then can manually kick off the install and subsequent reboot once all the necessary updates have been downloaded to each client.

Continue reading…

As consultants to legal professionals, we here at Kraft Kennedy often have to deal with sensitive or private information or data. This often means something as simple as password protecting case privileged files or documents as they are emailed back and forth between opposing counsel or other parties.

I recently came across this issue for a client in the Support Practice who wanted to password protect some documents they had compressed and needed to email to co-counsel in the Far East. My first inclination was to recommend one of the tried and true file compression utilities, like WinZip or WinRAR. After all, Windows is good for compressing files, but doesn’t offer any of the more robust features that these utilities have, right?

Continue reading…

Move over H1N1; recent months have seen an uptick in a particularly sinister breed of virus, commonly called scareware.

This form of malware disguises itself to appear as though it is an anti-virus or anti-spyware program, when, in fact, it is exactly what it claims to prevent. Often, the rogue software will appear as a red shield in the system tray very similar to the yellow windows update icon, or in a web browser window designed to look just like Symantec or a similar anti-virus program interface. It will alarm the user that the computer has already been affected with spyware or malware, and urge them to click to scan the computer or clean the viruses off the hard drive. Of course, this will only download further malware, or require the user to purchase a registration key and refuse to remove the infection until that is done.

Continue reading…

Most PC users have probably had this complaint at some point during their user experience, and certainly anyone who was worked in support of users has heard it countless times: “My computer is too slow!”

Workstation slowness can be frustrating for anyone, and a tighter economy means reduced budgets, which makes it harder for IT departments to keep pace with technology. What then can one do to improve workstation performance when IT admins have to put off workstation upgrade or refresh projects? Well, there are all the usual tricks. Adding RAM may be a cost efficient alternative to replacing workstations or you could turn off all resource intensive visual effects and adjust Windows to run for best performance.

But there is another quick trick that has proven useful to members of the Support Practice Group: recreating the WSUS database on the workstation. The Windows Server Update Service is a useful and commonly used method of managing the distribution of Microsoft updates to user workstations, and its standard practice for SPG clients.

WSUS client workstations contact the server to determine which updates are required and approved, and keeps a log in the following file: c:\WINDOWS\SoftwareDistribution\Datastore\datastore.edb. Overtime, this database file will grow, and as it grows it can begin to wear on performance. If you find a copy that has grown to 20-30+ MB, try renaming the file and allowing Windows to rebuild a copy from scratch. It’s a very quick and easy fix that can yield immediate benefits in workstation performance.

In working with a colleague, we came across what appears to be a bug within Outlook relating to meetings disappearing from calendars after an update is sent.  This has been confirmed to affect Outlook 2007 but it may affect other versions as well.

Symptom:  A meeting for which you are the owner/organizer disappears from your calendar after sending an update to all attendees if the meeting request was sent to a distribution list or group of which you are a member.  The meeting does not disappear if you are explicitly in the attendee list.

Workaround:  Before sending a meeting request to a distribution list or group, expand the membership by clicking the “plus” sign next to the name.  Once you see all of the members expanded, you may send the meeting request or remove yourself from the attendee list so that future updates will not fall victim to this bug.  I would recommend that you remove yourself entirely as an attendee in case other issues arise as a result.

We are unclear as to whether Microsoft is aware of this bug or has a fix in development. Hopefully the above workaround will help some of you that are experiencing this problem.