Update

Important: Update Your Mozilla Web Browser to Firefox 58.0.1

Mozilla has released an important update for its Firefox web browser to patch a critical vulnerability that could allow remote attackers to execute malicious code on computers running an affected version of the browser.

Affected web browser versions include Firefox 56 (.0, .0.1, .0.2), 57 (.0, .0.1, .0.2, .0.3, .0.4), and 58 (.0). The vulnerability has been addressed in Firefox 58.0.1

Security fix

When using certain non-default security policies on Windows (for example with Windows Defender Exploit Protection or Webroot security products), Firefox 58.0 would fail to load pages (bug 1433065).

Reference link to 58.0 release notes

Known Issues of Security fix

  • Users running Firefox for Windows over a Remote Desktop Connection (RDP) may find that audio playback is disabled due to increased security restrictions.
  • Users running certain screen readers may experience performance issues and are advised to use Firefox ESR until performance issues are resolved in an upcoming future release.

 

According to a security advisory published by Cisco, Firefox 58.0.1 addresses an ‘arbitrary code execution’ flaw that originates due to ‘insufficient sanitization’ of HTML fragments in chrome-privileged documents (browser UI).

 

Hack Details:

Hackers could exploit this vulnerability (CVE-2018-5124) to run arbitrary code on the victim’s computer just by tricking them into accessing a link or ‘opening a file that submits malicious input to the affected software.’

The advisory states.

“A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely,”

This could allow an attacker to install programs, create new accounts with full user rights, and view, change or delete data. However, if the application has been configured to have limited rights the impact is less on the system itself and should only impact the current session logged in.

 

Cannot remediate host because it is part of HA Admission Control enabled Cluster

Recently my team and I ran into incident with and error while patching esxi servers using VMware Update Manager(VUM).  When attempting o remediate the following error message was shown:

“cannot remediate host because it is part of HA Admission Control enabled Cluster”

Cause:

vCenter Server uses admission control to ensure that sufficient resources are available in a cluster to provide failover protection and to ensure that virtual machine resource reservations are respected.

Admission control imposes constraints on resource usage and any action that would violate these constraints is not permitted. If an automated process needs to take actions, it might temporarily violate the failover constraints.

 

Solution:

Before patching of the ESXi Servers that are part of the HA Cluster, make sure you have disabled “Admission Control”. Once server has been patched you can re-enable Admission Control on the cluster.

 

Steps to disable Admission Control

  • Right-click the cluster and click Edit Settings.
  • Under Cluster Features, click VMware HA.
  • Under Admission Control, select Disable: Power on VMs that violate availability constraints.
  • Click OK

This can also be disabled in the VMware Update Manager remediation wizard. When you remediate check the option “Disable High Availability admission control if it is enabled for any of the selected clusters.

 

Exchange Server 2013 SP1

If your following my posts you may notices I touched on a bug with Exchange 2013 SP1 before even posting about this update. That’s because I started to write this and didn’t yet finish; better late than never; I guess!

The following enhancements have been made with the release of Service Pack 1 for Exchange 2013

  • Support for running Exchange 2013 SP1 on Server 2012 R2.
  • Support for Windows Server 2012 R2 Domain Controllers and Windows Server 2012 R2 Forest and Domain Functional Level.
  • MAPI over HTTP. More information on MAPI over HTTP here. Note that MAPI over HTTP requires Outlook 2013 SP1; you can download Office 2013 SP1 32-bit version here and the 64-bit version here.
  • DLP policy tips for OWA.
  • Add custom document types to DLP using fingerprinting technologies.
  • Cmdlet logging in Exchange Administrative Console.
  • Support for IP-less DAGs (on Windows Server 2012 R2).
  • S/MIME support.
  • Rich-Text editor for OWA.
  • Edge Transport server role.
  • Support for SSL Offloading.

Notice
Since the release of Microsoft Exchange Server 2013 Service Pack 1 (SP1), Microsoft has become aware of an issue that affects some customers who use transport agents that are provided by third-party OEMs. For more information about this issue and a supported fix, see the following Microsoft Knowledge base article:

2938053 Third-party transport agents cannot be loaded correctly in Exchange Server 2013

This service pack resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:

  • 2860242 HTML format is lost after saving as an MSG file in Exchange 2013
  • 2900076 Mailbox quota warning message uses an incorrect language in Exchange Server 2013
  • 2910199 “Reply all by IM” chat window displays seven recipients in Outlook Web App
  • 2913999 Meeting request body and instructions are lost in delegate’s auto-forwarded meeting request
  • 2918655 Microsoft.Exchange.Servicehost.exe crashes after you enable FIPS
  • 2918951 Users cannot access public folders after you upgrade to Exchange Server 2013 Cumulative Update 3
  • 2925281 Outlook connectivity issue if SSLOffloading is “True” in Exchange 2013
  • 2925544 Empty ExternalURL value for ActiveSync virtual directory after build-to-build upgrade of Exchange Server 2013
  • 2927708 Resource mailboxes that are created by EAC will not be updated by policies in Exchange Server 2013
  • 2928748 Default from delegate’s address in shared mailboxes in Exchange Server 2013
  • 2928803 Long server connection for Outlook after a database failover in Exchange Server 2013
  • 2930346 POP3 access does not work if the name of the resource mailbox differs from the user’s name
  • 2930348 Manual redirection occurs in Outlook Web App if External URLs in each site are the same
  • 2930352 Outlook Web App cross-site silent redirection does not work in Exchange Server 2013

Minecraft 1.7.1 Pre-release @ jermsmit.com – Snapshot Server

Okay! It’s here Friends, the update that changed the Minecraft Word.
We are now running the Minecraft Pre-release 1.7.1 on the minecraft.jermsmit.com:25566 server.

So lets sum up quickly what we have under the hood of this new release; best of all its all yours officially Friday, October 25th 2013. See you on the snapshot server and see you all once again in game on Friday.

  • New world generation!
    • Double the amount of biomes, with new trees/flowers/blocks.
    • New “Amplified” world option.
    • Less ocean, more awesome.
  • New blocks!
    • Two new types of wood.
    • Stained glass! With both blocks and panes.
    • Packed ice, red sand, podzol.
    • Lots of new flowers, including double-tall versions of current plants.
    • Portals can be bigger sizes!
  • Fishing!
    • Added more type of fish.
    • Redone the fishing mechanics. Can now catch junk and treasure too.
    • Fishing rod enchantments!
  • Maps!
    • Put them in an item frame and hang them on your wall. They’re extra big!
    • Lots of new colours for lots of blocks!
    • Now with less lag!
  • Achievement & Statistics overhaul!
    • Now both world (or server) specific.
    • In multiplayer, it’s announced to everybody when you get an achievement.
      • You can move your mouse over this in the chat to see what it was!
    • Some new achievements and statistic types were added.
    • Zoomable achievements screen!
  • Multiplayer enhancements!
    • Servers can now put a 64×64 image called “server-icon.png” in their folder, that you will see on your server list.
    •  You can see who’s online before joining a server; move your mouse over the player count!
    • Lots of hidden preparation for allowing name changes.
  • Resource pack changes!
    • You can now have multiple selected.
    • They can completely re-do your sounds, adding new ones or changing current ones.
    • Servers can now recommend a resource pack for you to use.
  • Chat & command improvements!
    • New commands to spawn mobs or blocks of any type.
    • Command block minecart!
    • Clickable links to achievements and items.
    • Click on somebody’s name in the chat to message them!
  • Lots and lots of technical work!
    • Completely rewrote how the network (multiplayer) works.
    • Completely rewrote the sound manager.
    • New graphics options.
    • Basic shader support testing.
    • Many bugs fixed, including:
      • [MC-291] – Screenshots are treated as links in the console.
      • [MC-673] – Sky/lighting doesn’t get darker during a thunderstorm
      • [MC-715] – V-Sync in Window mode, settings not activated between sessions.
      • [MC-784] – Letters in Arabic Language not connected
      • [MC-881] – Boat inflicts fall damage if it runs aground in some fashion (Slabs, Mobs, Soul Sand)
      • [MC-944] – Armour with Protection on it seems to reduce against hunger damage
      • [MC-1018] – Black Lighting under overhangs
      • [MC-1105] – Villagers act like it is Raining when they are in the Desert, and it Rains elsewhere.
      • [MC-1379] – Transparent texture makes transparent texture behind invisible
      • [MC-2638] – Old AI mobs and Wolves don’t turn back to passive in Creative
      • [MC-2915] – Attempting to tp to an invalid coordinate returns “commands.generic.double.invalid”
      • [MC-3305] – Cyrillic font not displaying on signs and in chat (Russian language)
      • [MC-3871] – Cauldron water does not put out fire / damage blaze
      • [MC-3973] – Silk Touch, pre-lit Redstone Lamps
      • [MC-4150] – Baby Zombies do not drop any loot / xp
      • [MC-4482] – Saplings placed on Farmland are not affected by Bonemeal
      • [MC-4732] – Tools and weapons lose durability without doing damage
      • [MC-4921] – Sounds (eg. Mobs / Portals / Water) Don’t Immediately Fade
      • [MC-4973] – Zombie Pigman from Nether Portal still spawns even if doMobSpawning is false
      • [MC-5238] – 10 MB server texture pack limit too small
      • [MC-5305] – Arrows from a flame bow aren’t extinguished from rain
      • [MC-5550] – Night Time Doesn’t Immediately Allow Sleep
      • [MC-6820] – The generation of terrain surface layer produces local straight glitches (fix included)
      • [MC-7449] – Silverfish infected Stone Brick varients appears as normal stone brick.
      • [MC-8331] – Command block text disappears if too long
      • [MC-9271] – Opening a singleplayer world is counted as a multiplayer join in the statistics
      • [MC-9547] – Incorrect usage string for /scoreboard teams empty
      • [MC-9779] – Old versions of output-server.log and lock files remain on harddisk
      • [MC-10077] – Ajasent Obsidian Blocks prevent Nether portal appearing
      • [MC-10257] – when a pig gets struck by lightning it spawns without a sword
      • [MC-10984] – GS4 query listener fails to send player list when len(players) > 127
      • [MC-11027] – Axes accelarate the speed at which Slabs are broken
      • [MC-11280] – Sometimes Water flows out of newly generated Village Farms
      • [MC-11518] – RCON and Scoreboard Command Output Formatting
      • [MC-12450] – Missing usage string commands.scoreboard.players.list.usage
      • [MC-12452] – Scoreboard team join command fails on invalid team name
      • [MC-12454] – Scoreboard option seeFriendlyInvisibles not listed in usage
      • [MC-12541] – the letters for the ‘off’ setting on smooth lighting aren’t capitalised
      • [MC-12731] – Minecraft crashes if you click edit or delete on a LAN game
      • [MC-12769] – when typing /help with a number higher than 4, it produces the wrong message
      • [MC-12984] – getting a locked chest pushed into your head crashes the game
      • [MC-13565] – Fireworks sometimes don’t stack when they should
      • [MC-13661] – When re-sizing window before game loads internal view doesn’t resize
      • [MC-14521] – Boats cannot be steered by using the “left” and “right” keys
      • [MC-14865] – Carpets Are Not Flammable
      • [MC-15547] – Structures (witch huts, nether fortresses etc.) don’t get saved with the world file
      • [MC-15564] – Start up failure: “Cannot determine close requested state of uncreated window”
      • [MC-15688] – Axe breaks all slabs in adventure mode. No drops for stone.
      • [MC-16324] – Massive Amount of “[SEVERE] Reached end of stream” messages
      • [MC-16435] – Boats Still Break on Lily’s
      • [MC-16849] – Crash near pyramid
      • [MC-16910] – Packet250CustomPayload(dk)
      • [MC-17090] – Invalid teamcolors throw an NPE in the console
      • [MC-17831] – Crash selecting resource pack [13w24b]
      • [MC-18569] – Server resourcepacks not implemented yet
      • [MC-18672] – Textures disappearing after setting player walkSpeed to 0
      • [MC-19483] – sounds playing after leaving world
      • [MC-19604] – Cannot /playsound records
      • [MC-21870] – Screen goes blank when modifying walk speed
      • [MC-22927] – Animals running forever after being hit
      • [MC-26151] – Minecraft has advice on an error report that should be deleted.
      • [MC-26608] – /spreadplayers confirmation text is wrong
      • [MC-26660] – Constant minecart sound
      • [MC-27284] – /scoreboard teams option color: Tab doesnt list all options.
      • [MC-27904] – The Hindi, Malay and Norsk (Bokmål) language appear 2 times
      • [MC-28400] – Breeding animals gives xp even if doMobLoot gamerule is false
      • [MC-28405] – The saddle equip sound effect does not play when equipping a pig with a saddle.
      • [MC-28478] – Successful hit sound effect does not match the sound in the assets sound folder
      • [MC-28625] – The horse armor equip sound does not play when replacing others
      • [MC-28768] – Horse Breeding Doesn’t Produce Markings Correctly on Foal
      • [MC-29088] – Shearing sound does not play when shearing a mooshroom
      • [MC-29279] – Bug: the command block can be damaged by the explosion of Blue Wither Skulls
      • [MC-29321] – Jukeboxes play at the sound volume for effects until you change the music volume
      • [MC-29361] – Oceans are too big
      • [MC-29424] – Players appear offset for other clients after going through nether portals
      • [MC-31031] – Spawn eggs can be used on top of water, but not lava
      • [MC-31065] – Villages not generating? (snapshot 13w37b)
      • [MC-32250] – Typo on “Unable to Load Worlds” screen
      • [MC-32534] – piston extention givies tile.nill.name
      • [MC-32679] – Spawned in enderportals are not nameable

How to uninstall CrashPlan Debian

I wanted to update CrashPlan to the latest version. So I download the latest Linux install and what I found after attempting to install was that I needed to uninstall the existing version before installing the new one.

The following steps

Stop the CrashPlan process from running

/etc/init.d/crashplan stop

Manually delete the following directories

/usr/local/crashplan

/var/lib/crashplan

/usr/local/var/crashplan

Manually delete the following file

/etc/rc2.d/S*crashplan

Once completed I followed the steps from my previous how to install post