Cumulative Update – Fixes June 2015 SharePoint 2010 (201506-SP2010)

Its hard to keep track of what bugs were fixed a cumulative update. I intend to share my reading and document the fixes that come out every month across SharePoint products. Some call it regurgitating what’s already out there… but good luck finding it in Google search! Some updates aren’t cumulative . Hope this blog posts help someone some day!

Disclaimer: Cumulative Updates are to be applied specifically when you have an issue fixed by it, I recommend you keep a close eye on the security fixes that come with Cumulative Updates and then decide accordingly. Don’t rush to apply a Cumulative Update just for the sake of it. Many Cumulative Updates have had serious issues in the past and there’s no easy rollback! http://www.jeremytaylor.net/2014/04/12/latest-cumulative-updates-service-packs-hotfixes-sharepoint-sql/

 

Name: June 2015 Cumulative Update for SharePoint 2010

Build: ​14.0.7151.5001 ​

For previous build numbers: http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=224

 

SharePoint Foundation 2010 fixes

This security update contains fixes for the following nonsecurity issues:

  • When you click a user name if multiple matches are found for a people field on a SharePoint Server 2013 site in Internet Explorer 11, the matches are not displayed.
  • You cannot scroll to see the resources on the right-side grid of the build team page if there are many resources.

Pasted from <https://support.microsoft.com/en-us/kb/3054847>

 

Security Updates in June 2015 for SharePoint Foundation 2010:

Microsoft Security Bulletin: MS15-046 (rereleased)

  1. Multiple Microsoft Office Memory Corruption Vulnerabilities – CVE-2015-1682

 Vulnerability information:

Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.

Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message.

An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Source: https://technet.microsoft.com/library/security/MS15-046

 SharePoint Server 2010 fixes (includes the above fixes)

 

 

  • This update improves the English proofing tools.

 

Source: https://support.microsoft.com/en-us/kb/3054874

 

 

Security Updates in June 2015 for SharePoint Server 2010:

Microsoft Security Bulletin: MS15-046 (re-released!)

  • IMPORTANT UPDATE:

V3.0 (June 9, 2015): To address issues with the security updates for all affected Microsoft Office 2010 software, Microsoft re-released MS15-046 to comprehensively address CVE-2015-1682. Microsoft recommends that customers running affected Office 2010 software should install the security updates released with this bulletin revision to be fully protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3057181 for more information and download links.

 

 Vulnerability information:

See https://technet.microsoft.com/library/security/MS15-046

Project Server 2010 (includes the above fixes)

This update fixes the following issue:

  • When you try to edit a resource in Project Web App, you receive an unknown error that resembles the following in the ULS logs:

 

Exception occurred in method Microsoft.Office.Project.Server.BusinessLayer.Project.ProjectQueueUpdatePDPProjectCF System.Data.SqlClient.SqlException: The EXECUTE permission was denied on the object ‘MSP_ReadLocalAndEnterpriseLookupTableInfoByUIDs’, database ‘ProjectServer_Published_PWA’, schema ‘dbo’.

 

Source: https://support.microsoft.com/en-us/kb/3054887


Cumulative Update – Fixes May 2015 SharePoint 2010 (201505-SP2010)

Name: May 2015 Cumulative Update for SharePoint 2010

Build: ​14.0.7149.5000 ​

Its so hard to keep track of what bugs were fixed a cumulative update. I intend to share my reading and document the fixes that come out every month across SharePoint products. Who knows it may help someone some day!

Disclaimer: Cumulative Updates are to be applied specifically when you have an issue fixed by it, I recommend you keep a close eye on the security fixes that come with Cumulative Updates and then decide accordingly. Don’t rush to apply a Cumulative Update just for the sake of it. Many Cumulative Updates have had serious issues in the past and there’s no easy rollback! http://www.jeremytaylor.net/2014/04/12/latest-cumulative-updates-service-packs-hotfixes-sharepoint-sql

For previous build numbers: http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=224

 

SharePoint Foundation 2010 fixes

Improvements and fixes

This security update contains fixes for the following nonsecurity issues:

  • Incoming email messages are not processed if the Sandboxed Solutions Resource Quota value for the site collection is set to 0.
  • When you open a page that contains multiple value lookup fields, you receive the following error message:
    Sorry, something went wrong Attempted to use an object that has ceased to exist. (Exception from HRESULT: 0x80030102 (STG_E_REVERTED))
  • Assume that you use the IfHasRights function to customize a Data Form Web Part (DFWP). When you save the form and go to the form in browser, you receive the following error message:
    Unable to display this Web Part. To troubleshoot the problem, open this Web page in a Microsoft SharePoint Foundation-compatible HTML editor such as Microsoft SharePoint Designer. If the problem persists, contact your Web server administrator.

Source: https://support.microsoft.com/en-au/kb/3017815

 

Security Updates in May 2015 for SharePoint Foundation 2010:

Microsoft Security Bulletin: MS15-047

  • Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution – Microsoft SharePoint Page Content Vulnerabilities – CVE-2015-1700

Microsoft SharePoint Server 2010 Service Pack 2 (2956192)

Vulnerability information:

Remote code execution vulnerabilities exist when SharePoint Server improperly sanitizes specially crafted page content. An authenticated attacker could attempt to exploit these vulnerabilities by sending specially crafted page content to a SharePoint server. The attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site. Systems that are running an affected version of SharePoint Server are primarily at risk.

Source: https://technet.microsoft.com/library/security/MS15-047

 

SharePoint Server 2010 fixes (includes the above fixes)

  • Translates some terms to multiple languages to make sure the accuracy of the meaning.

Source: https://support.microsoft.com/en-au/kb/2956199

 

  • Updates Yoruba proofing tools.

Source: https://support.microsoft.com/en-au/kb/2920814

 

Security Updates in May 2015 for SharePoint Server 2010:

Microsoft Security Bulletin: MS15-046

  • Vulnerabilities in Microsoft Office Could Allow Remote Code Execution – Memory Corruption Vulnerability CVE-2015-1682

Microsoft SharePoint Server 2010 Service Pack 2 – Word Automation Services (2965233)

Microsoft SharePoint Server 2010 Service Pack 2 – Excel Services (2956194)

 

Vulnerability information:

Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.

Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message.

An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Project Server 2010 (includes the above fixes)

Fixes the following issues:

  • When you try to insert a task for a project in the Schedule Web Part in Project Web App, you receive the following error message:
    This edit is unsupported in Project Web App.
    This issue occurs if the project has a particular structure of outline levels or task indentations and if you are using Internet Explorer 11.
  • When you export or print a resource plan for a project in Project Web App, the work or full-time equivalent is incorrect. For example, suppose that you enter the values 1d, 2d, and 3d. The print may show the values as 0.63d, 1.75d, and 2.63d.
  • When you publish a project in Project Web App in which tasks contain formulas that use the ProjDateDiff function, incorrect calculations may be made. This issue occurs if your project calendar does not use the default calendar configuration (08:00-12:00 and 13:00-17:00).

Source: https://support.microsoft.com/en-au/kb/2965314


Antivirus for SharePoint 2013

The aim of this post is to shed light on why you need an antivirus for SharePoint. This post could be served as you ‘business case’ for an antivirus to pass on to your Security team / management.

Here are some of my notes gathered from various blogs that I have read, discussions and presentations that I have had:

  1. ForeFront antivirus for SharePoint 2010 wont work for SharePoint 2013 (not supported by Microsoft)
  2. Microsoft is discontinuing support for ForeFront antivirus for SharePoint 2010 31st December 2015 – there are no replacement products except third part vendors. Lots of backlash from MS customers.
  3. We can apply the extension period so that we have additional time to migrate to an alternative solution for SharePoint 2010 protection but its important to note there is no protection from Microsoft for SharePoint 2013.
  4. Documents uploaded into SharePoint can of course contain malware
  5. Once documents are in a SharePoint database, file system antivirus engines cannot understand / detect malware, infected files found in SharePoint content databases
  6. Antivirus for SharePoint prevents SharePoint from becoming a repository of infected files by scanning and cleaning files stored in SharePoint which are not accessible to endpoint AV solutions
  7. Antivirus for SharePoint detects, removes viruses, spyware, malware and other threats in files uploaded to and downloaded from SharePoint servers
  8. While your own organisations workstations and antivirus are properly implemented and maintained, there is a risk that your customers/suppliers/federated partners files & content may contain threats. The risk is your own organisation has no control over what content is uploaded into and downloaded from your SharePoint farms, depending on how your SharePoint sites are consumed. You might not have the opportunity to clean files being uploaded to a SharePoint site if the end users (in federated partner scenario) has an out-dated laptop containing malware.
  9. Antivirus for SharePoint is the only defense we have against this risk of malware in SharePoint content databases.
  10. It is advisable to install the file system Antivirus in addition to a SharePoint antivirus. Note you must exclude certain folders from being scanned by the file system antivirus. http://support.microsoft.com/kb/952167

 

Notes:

SharePoint 2013 introduces NO CHANGES to the SharePoint Antivirus API (a.k.a SharePoint Portal Server Virus Scanning Application Programming Interface (VS API)). Source: http://www.harbar.net/archive/2013/02/22/Antivirus-and-SharePoint-2013.aspx

 

Documents can of course contain malware but it’s just not the most common vector. Source: http://www.harbar.net/archive/2013/02/22/Antivirus-and-SharePoint-2013.aspx

 

Prevents your SharePoint server from becoming a repository of infected files by scanning and cleaning files stored in SharePoint which are not accessible to endpoint AV solutions. Source: http://www.symantec.com/protection-for-sharepoint-servers/

 

Symantec Protection for SharePoint Servers detects and removes viruses, spyware, and other threats in files uploaded to and downloaded from your SharePoint server(s). Source:  http://www.symantec.com/protection-for-sharepoint-servers/data-sheets-white-papers/

 

MSMS interfaces with SharePoint using the recommended security architecture via the SharePoint VirusScan API and SharePoint Object Model. Source: http://www.mcafee.com/us/products/security-for-microsoft-sharepoint.aspx

 

What are the options for SharePoint 2013 Antivirus?

 

Symantec Protection for SharePoint Servers

http://www.symantec.com/protection-for-sharepoint-servers/

  • Familiar vendor to a lot of environements
  • Can be used with Symantec Enterprise Vault for SharePoint and Symantec Backup Exec for SharePoint to deliver a comprehensive security, archiving, and data recovery solution.

 

 

ESET® Security for Microsoft SharePoint Server

http://www.eset.com/int/business/products/collaboration-sharepoint/

  • First engine for SharePoint 2013 – very customisable / powerful.
  • Very light and efficient antivirus

 

 

Kaspersky Security for Collaboration (SharePoint)

http://www.buykaspersky.com.au/kaspersky-security-for-collaboration-sharepoint

  • Light and well known vendor, well trusted security solution

 

 

McAfee Security for Microsoft SharePoint

http://www.mcafee.com/us/products/security-for-microsoft-sharepoint.aspx

  • No comment at this time.

 

 

Sophos SharePoint Security

http://www.sophos.com/en-us/products/sharepoint-security.aspx

  • No comment at this time.

 

 

TrendMicro PortalProtect SharePoint Security

http://www.trendmicro.com/us/enterprise/network-web-messaging-security/portalprotect-microsoft-sharepoint/index.html

  • No comment at this time.

 

If you have experience in any of the above, I’ll be happy to hear from you.

Thanks! Jeremy


Converting Vmware vmdk to Hyper-V vhd

Scenario:

You have a vmdk file for Vmware and want to convert it to a Hyper-V compatible hard disk file such as vhd.

 

Solution:

Download Microsoft Virtual Machine Converter Solution Accelerator (4.3MB)
http://www.microsoft.com/en-au/download/details.aspx?id=34591

It works on Windows 7, Windows Server 2008 R2, Windows Server 2012

Once installed, run the following:

In a command prompt window, go to the path to MVDC.exe (32bit is usually installed here by default – C:\Program Files (x86)\Microsoft Virtual Machine Converter Solution Accelerator).

MDVC.exe ‘path to vmdk file’ ‘path to vhd file’

Example:

cd '.\Program Files (x86)\Microsoft Virtual Machine Converter Solution Accelerator'
.\MVDC.exe 'D:\Temp\SERVER123.vmdk' 'D:\Temp\SERVER123.vhd'

Once your file is a vhd, you can easily import it into Microsoft Hyper-V and convert it to a vhdx.

 

  • If you want to convert several machines at once, then look at the Migration Automation Toolkit.

https://gallery.technet.microsoft.com/Automation-Toolkit-for-d0822a53

The Migration Automation Toolkit is a collection of PowerShell scripts that will automate conversions using MVMC and it is back ended by a SQL instance (SQL Express will work). You can use it to convert several machines at once, on a single server – or scale it out and execute conversions on many servers at the same time.


ULS log viewer for SharePoint 2013

Good news for all the on-premises SharePoint Infrastructure Admins and Developers. An improved ULS Log viewer for SharePoint 2013 has been released a few days ago. I was concerned for a couple of years that there wasn’t any movement on updating my number 1 favourite SharePoint tool. However, I did see a video where Bill Baer there was a hint of how bad the tool was and they’d do something about the tool.. so here it is – a new ULS Log Viewer……

Download it here:

http://www.microsoft.com/en-us/download/details.aspx?id=44020

Some new features:

1. Monitor multiple servers simultaneously

ULSLogViewer-SharePoint2013

2. Locate specific log entries via command line

3. Highlight and personalise the output if a filter match occurs

Some fixes I have noticed:

1. More stability when working with the filters

2. Multiple fixes such as filtering on pause state

Source: http://blogs.technet.com/b/wbaer/archive/2014/08/22/uls-viewing-like-a-boss-uls-viewer-is-now-available.aspx

Can we use it for SharePoint 2010?

Yes! It works well for SharePoint 2010. However, you would need to ensure that .NET 4.5.1 is installed on the server you run ULS Viewer on. With SharePoint 2010, .NET 3.5 is used and you might not find .NET 4.5.1 on your SharePoint 2010 servers.

Download Microsoft .NET Framework 4.5.1 (Offline Installer) here: http://www.microsoft.com/en-au/download/details.aspx?id=40779

I have tested it successfully on Windows Server 2012, Windows Server 2012 R2 and Windows Server 2008 R2.


Latest Cumulative updates, Service packs and hotfixes for SharePoint & SQL

Cumulative updates, service packs and hotfixes should be an important part of any on-premises SharePoint Admin’s life. They not only fix up a lot of bugs in the product but also contain important security fixes!

So the advice is to apply service packs when they arrive, well I suggest waiting it out a few weeks and look up the known issues before you apply it in your PROD environment. You should always apply any updates to a non-production environment first with similar content and code to simulate the same process in PROD.

While Cumulative Updates are to be applied specifically when you have an issue fixed by it, I recommend you keep a close eye on the security fixes that come with Cumulative Updates and then decide accordingly.

Again, don’t rush to apply a Cumulative Update just for the sake of it. Many Cumulative Updates have had serious issues in the past and there’s no easy rollback!

So how do you keep up with whats the latest Cumulative updates, Service packs and hotfixes for SharePoint & SQL?

No need to google any more if you bookmark these “Update Centers” from Microsoft. They provide an easy way to look at whats the current version of Service Pack and Cumulative Update and hotfixes for SharePoint, SQL and related products.

Update center for Office, Office servers, and related products
This includes SharePoint Server, Office Web Apps and Project Server

Link: http://technet.microsoft.com/en-US/office/ee748587.aspx
(This Update Center has an RSS Feed too, so you can subscribe to it).

 

Update Center for Microsoft SQL Server
Link: http://technet.microsoft.com/en-us/sqlserver/ff803383.aspx

 

Updates for App Fabric 1.1
There is no “Update Center for AppFabric”. I recommend a search in the Microsoft Support site for “Cumulative Update Microsoft AppFabric 1.1”

Link: https://support.microsoft.com/en-us/search?query=Cumulative%20Update%20Microsoft%20AppFabric%201.1&p=

 

 


IISRESET across SharePoint farm servers

Here is something I use when I want to perform an IISRESETacross an entire SharePoint farm. Its useful if you have a large SharePoint farm.
Oh – yea, this will take down your farm while the IISRESET is restarting the services, so its best to test this on a non production environment first. Ensure you have an outage/agreed maintenance window to perform this task on a production farm.

All you got to do is spin up PowerShell on any SharePoint server in the farm and run this:

Write-Host -ForegroundColor Blue “IIS will  be reset across the entire farm”
Add-PSSnapin Microsoft.SharePoint.PowerShell -erroraction SilentlyContinue
[array]$servers= Get-SPServer | ? {$_.Role -eq “Application”}
$farm = Get-SPFarm
foreach ($server in $servers)
{
     Write-Host -ForegroundColor Yellow “Attempting to reset IIS for $server”
        iisreset $server /noforce “\\”$_.Address
        iisreset $server /status “\\”$_.Address
        Write-Host
        Write-Host -ForegroundColor Green “IIS has been reset for $server”
        Write-Host
}
Write-Host -ForegroundColor Green “IIS has been reset across the SharePoint Farm”
Start-Sleep -Seconds 5
Write-host

 

Reference: http://wellytonian.com/2012/04/iis-reset-your-whole-sharepoint-farm/


Retrieve / Decrypt lost password from Application Pools in IIS SharePoint

If you don’t have access to your organisations password safe or if you or your team mate has forgotten to add a password to a certain service account used in SharePoint, it is possible to retrieve the password from IIS!

There is a way to find out the application pool identity password via command line thanks to the inetsrv appcmd! :)

Open IIS and take note of the application pool name that runs the application pool identity with the password you want to retrieve.
In my example it is “SharePoint – intranet80”, so please replace this as appropriate to your environment.
Keep in mind – this works for any IIS application pool – SharePoint web app, SharePoint service applications or non SharePoint IIS / .NET sites application pools!

Open a command prompt and run this:

&$env:windir\system32\inetsrv\appcmd.exe list apppool "SharePoint - intranet80" /text:ProcessModel.Password

 
Thanks:
http://joelblogs.co.uk/2012/09/22/recovering-passwords-for-sharepoint-2010-farm-web-application-and-service-application-accounts/


Clear SharePoint cache

It may be necessary to clear the SharePoint cache, depending on the circumstance and symptoms such as unexpected results with timer jobs may occur.

Clearing the SharePoint cache can be summaried by the following 4 steps:

1. Stop the Timer service on all servers in the farm

2. Backup the Cache.ini file on all servers in the farm

3. Delete XML files on all servers in the farm

4. Start the Timer service on all servers in the farm

Continue reading


Configure IP forwarding for NLB PowerShell

There are advantages of having two Network Interface Cards – NICs on webservers – specially with SharePoint, since I work with SharePoint most of the time (some other open source products too!).

When configuring ‘Unicast’ NLB mode, Unicast takes over the NIC, thats why we used to create two NICs and set up IP forwarding so that requests that arrive on one NIC (Public) are sent to the other NIC (Private) connected to the other servers in the domain.

Here are the steps I follow to configure NLB and IP forwarding between the two NICs (multi-homed computer for the experienced). 😉

1. I usually rename the first NIC as “Private”.

2. Add a new NIC and call it “Public”.
Configure an IP address and Subnet mask. Do not configure a default gateway on the Public NIC.

3. Configure the Windows NLB cluster.
In Windows Server 2012, to add the NLB feature:
Add-WindowsFeature -Name NLB
Add-WindowsFeature -Name RSAT-NLB
Configure the Windows NLB cluster (google up for more info)

4. Configure IPv4 forwarding via PowerShell:
Set-NetIPInterface -InterfaceAlias Public -AddressFamily IPv4 -Forwarding Enabled

5. Point your DNS A record to the IP of the ‘Public’ NIC.