Today we have applied all the new patches from Microsoft.  We ran into some problems because of our security stack on the host end points.  We are running Windows 7 and Server 2008 R2 systems as well as other Operating Systems.  

The problem came into existence when MS13-063 (2859537) was deployed to windows systems running mcafee application control.  It exists because there is a problem with McAfee Solidcore 6.1 and 6.0.1 and the patched Windows kernel.  When memory protection is turned on all our applications and services that aren't part of the core operating system fail upon reboot.

We have a temporary fix to work around the problem while McAfee works on a permanent fix.  

Step 1:

Go into ePO console and turn off 3 solidcore features.

Select Policy Catalog > Application Control > Windows Options > Features

Uncheck memory protection and the 2 sub check boxes

save the policy

Step 2: This fixes the broken systems

Log into the system being affected

Click start > programs > McAfee > Solidifier > McAfee solidifier command line

change directory to c:\program files\mcafee\solidcore

run passwd command and enter the solidcore password to unlock solidcore

run sadmin recover

run sadmin features disable mp

run sadmin features disable mp-nx

run sadmin features disable pkg-ctrl

reboot the system

all applications and services should come back online

Blackberry Z10 day 1 review

So I was given the opportunity to take the BlackBerry Z10 for a test drive. It has been roughly 24 hours since my cut over from a Galaxy Nexus.

Likes: BlackBerry Hub is an excellent center for all things I care about. The integrated SMS, MMS, Facebook, LinkedIn, etc. creates a time saving central hub for things I care about.

The Web browsing seems to deliver a better experience than on my Android or iPhone.
The keyboard is also fantastic.

Dislikes: there is a lack of native apps that I used on a regular basis on both my Android and iPhone. This seems to be my only dislike at the moment.

Though the previously mentioned dislike is a bit annoying, I was pleasantly surprised how well the HTML 5 versions of apps like GMAIL, Google voice, etc. worked.

In fact the only app that I can't replace with an HTML 5 variant so far seems to be Google Authenticator.  However to get around that that just have a code sent via text message, problem solved for now.  Now I do understand a code via SMS text could be a security concern because it isn't encrypted and could be intercepted, etc. But this is a trade off needed ff the time being.

Welcome to my blog

I named my blog according to how my job goes at times.  I have to clean up other people's shit.  Hence IT Custodial Engineer.  I'll be posting random stuff to help document things that I hope will make other people's lives easier and even prevent idiots from doing stupid stuff to need an IT Custodial Engineer such as myself to step in.  Enough with my rant and run on sentences.  To the blog!

Paging all IT Custodial Engineers.  Clean up in server rack 2!