Ivanti Security and Patch News
· (March 31, 2017) Microsoft has released KB4012219 an update that includes improvements and fixes that were a part of Monthly Rollup KB4012216 (released March 14, 2017). This update also includes these new quality improvements and is a preview of the next Monthly Rollup update. Key changes include:
Enabled a warning message in Group Policy Management Console (GPMC) to alert administrators of a design change that may prevent the processing of a User Group after installing security update MS16-072.
Addressed issue that prevents a smart card module from pairing with a contactless smart card reader.
Addressed issue where a Scale-Out File Server that uses dual parity disks loses access to a disk if a disk fails while the parity log is being written.
Addressed issue with the Spaceport driver that causes disks to detach after a hard restart.
Addressed issue in multipath I/O when Driver Verifier is enabled.
Addressed issue that causes workload disruption in Azure StorSimple appliances after installing KB3169982. Installation occurs using the KB3172614 rollup (released 2016.07).
Addressed issue that causes crashes in a customer’s data path management software because of a regression in multipath I/O after installing KB3185279, KB3185331, or KB3192404.
Addressed issue where installation of KB3121261 on a third-party, thinly provisioned Storage Area Network causes multipath I/O Event ID 48. This is in response to Small Computer System Interface status - 0X28 - SCSISTAT_QUEUE_FULL (SRB Status - 0X4 - SRB_STATUS_ERROR).
Addressed issue to provide PowerShell cmdlets that enable and gather diagnostics for storage spaces.
Addressed issue with multipath I/O failure that can lead to data corruption or application failures.
Addressed issue that causes File Explorer to hang when performing a search on a network drive while connected using the Remote Desktop Protocol.
Addressed issue that causes a crash when the user tries to connect to the server using WinShare and Remote Desktop Services. Stop error 0x50 at win32k!pDCIAdjClr+0x4f.
Enabled detection of processor generation and hardware support when PC tries to scan or download updates through Windows Update.
Improved support for networks by adding new entries to the Access Point Name (APN) database.
Simplified listing of Approved Servers in the Point and Print group policies by allowing wildcards in the server name.
Addressed issue to update Windows Defender on Windows 8.1.
Addressed issue that prevents clients from accessing a file server when using Server Message Block 1.0 and NT LAN Manager authentication after installing MS16-110/KB3187754.
Addressed issue that produces corrupted output when you use the fread() function to read data from a pipe.
Addressed issue to set and persist the Quality of Service settings on a per-host basis.
Addressed issue that breaks high-availability and fail over of a clustered virtual machine (VM). This occurs when the default data store settings for the VMs are configured inconsistently across the nodes in the cluster. For example, some data store settings are in %ProgramData%, while others use shared storage.
Addressed issue where, under high load, the background tasks threads are blocked. None of the clusters that use Virtual Hard Disk Sharing can access their disks. This results in unresponsive virtual machines.
Addressed issue (error 0x800b) that causes System Center Virtual Machine Manager to fail after live migrating a virtual machine between two Hyper-V clusters.
Addressed issue where false file conflicts occur when Windows Server Work Folders is reinstalled after installing Azure Hybrid File Services.
Addressed issue where share contents go offline if remote clients connect over slow links when encryption is enabled and offline caching is disabled for a server share.
Addressed issue to generate Remote Desktop Services self-signed certificates to use SHA-2 instead of SHA-1. After this update, any existing self-signed certs in RD Session Host should be updated with SHA-2 certs. However, existing self-signed certs (if any) in Connection Broker and Gateway should be regenerated using the Remote Desktop Management Services (RDMS) UI.
Addressed issue to allow a user to set the password for a virtual account.
Addressed issue where IIS Automatic Certificate Rebind feature breaks client certificate mapping with active directory by disabling DS Mapper upon renewal of the server certificate. As a result, no user will be able to access the site unless an administrator manually remakes the binding and enables the DS Mapper.
Addressed issue where Active Directory returns incorrect active thread count numbers for Lightweight Directory Access Protocol requests. Incorrect thread counts prevent Office 365 from load balancing correctly.
Addressed issue to update time zone information.
Addressed issue with random crashes on Hyper-V servers when users access Virtual Hard Disk files on Cluster Shared Volumes.
Addressed issue that causes file share witnesses stored on a Scale-Out File Server cluster 2012R2 to fail. Event ID for this Error is 1562 and you will get an Error 64 in the Cluster Log for the failed Healthcheck (from RFC 7205769).
Addressed issue where, after installing security update MS16-123, administrators cannot access some network drives that are mapped using the Distributed File System Namespace. This lack of accessibility occurs even though User Account Control and EnableLinkedConnections are enabled.
Addressed issue where virtual Network File System (NFS) server shares intermittently fail to mount when another NFS share is assigned the same ID in a clustered environment.
Addressed issue to add the LiveDump capture feature that will trigger a live kernel dump if requests are stuck for an extended period.
Addressed issue where Failover Cluster Manager crashes when connecting to a cluster with a long name (15+ characters). This occurs after .NET 4.6.1 is installed.
Addressed issue that crashes Exchange servers whenever a customer installs an Exchange cumulative or security update. Error code: STOP 0x3B
Addressed issue that prevents the capture of network traffic when Microsoft Advanced Threat Analytics starts and stops the session that monitors traffic in promiscuous mode.
Addressed issue where users cannot connect to wireless, proxy, and VPN authentication. The Online Certificate Status Protocol responder service intermittently returns an IIS 500 error when processing client requests. This causes the clients to fail revocation checking and fail authentication to the required service.
Addressed issue to provide a maintenance mode for Active Directory domain controllers.
Addressed issue where Active Directory Federation Services (AD FS) fails to authenticate external users because the ADFS proxy servers time out.
Please visit the following page for more details: https://support2.microsoft.com/kb/4012219
· Vulnerability ID – 4012219_MSU
· Vulnerability ID – N/A
New Patch Downloads
Where to Send Feedback
At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future. Please continue to provide feedback by contacting our local support organization.
Ivanti Product Support
Copyright © 2017 Ivanti Software. All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.
Information in this document is provided for information purposes only. The information presented here is subject to change without notice. This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.