Select Page

Month: July 2015

OpenType Font Driver Vulnerability – CVE-2015-2426

Microsoft has identified a vulnerability which impacts all versions of Microsoft Windows which could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts. For Home Users and Organizations without Dedicated IT Staff If you do not have automatic updating enabled, go to Windows Update, download and install updates.  If you have automatic updates enabled, no action is necessary.  It’s that easy. For IT Professionals This small update requires a reboot so please plan accordingly. Executive Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software section. The security update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. For more information about the vulnerability, see the Vulnerability Information section. For more information about this update, see Microsoft Knowledge Base Article 3079904.Suggested actions. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically. Customers who have not enabled automatic updating, or who install updates manually, can use the links in the Affected Software...

Read More

Lync 2013 to Skype for Business 2015 Enterprise Edition Upgrade

The following are my notes from recently upgrading Lync 2013 Enterprise Edition to Skype for Business 2015 Enterprise Edition.  Our production environment consisted of all Microsoft Server 2012 R2 virtual servers running in a VMware environment.  Our database back-end servers are Microsoft SQL Server 2012. Pre-requisites Ensure all servers are fully patched up.  I ran updates July 16th, 2015 after Patch Tuesday and the servers running IIS 8+ were still needing the hotfix outline here (https://support.microsoft.com/en-us/kb/2982006). Edge Servers Install Microsoft .Net Framework 3.5 if you have not already.  You may also check for updates after you install .Net 3.5 as there will be updates available.  However, these updates will not prevent the successful installation of Skype for Business 2015. Front-end Servers, Persistent Chat, File Stores, Database Back-ends No additional installs. Connect to computer in the topology that does not have Lync OCSCore or any other Lync components installed. I used a database back-end.  If you try this from a computer in the topology, you will get this error message: You cannot perform this upgrade until you have used Skype for Business Server 2015, Topology Builder to upgrade the Lync Server 2013 Pools and then publish the upgraded topology. If you have already published an updated topology those changes might not have replicated to this computer. You can force an immediate replication by running the Invoke-CsManagementStoreReplication cmdlet. You can also...

Read More