WSUS and the auto approve problem

If you automatically approve security updates in WSUS you will find that both the security and security/nonsecurity bundles will be deemed applicable and will want to install.  To decline one or the other do the following:

Download from here and in the example below, Daniel is declining the security monthly bundle

Connect-PoshWSUSServer -WsusServer YourServer -port 8530
Get-PoshWSUSUpdate -Update “Security Monthly Quality Rollup” | Deny-PoshWSUSUpdate

Hat tip and major thank you and kudos to Daniel on the list serve:

At ITDev Connections

And tomorrow will be the big change in Microsoft updating.

In the meantime I’m making sure I’m all set for my Session on Windows 10 updating as well as patching the Internet of things.

If you are here in Vegas, stop by and say Hi!

Yo, Quickbooks, SBS 2011 *is* Server 2008 R2

So have you spotted this yet?  Quickbooks 2017 throws off an error obviously pulling bad OS string data from something.  Let see if we can get some attention to this and get this fixed.

As … you know Intuit?  SBS 2011 is based on Server 2008 r2.  There is no such thing as Server 2011.

Updated:  Manually install  .net 4.6.2  .  Now install the QB running as compat wizard.  Pick XP sp2 (don’t ask just try it).  Got a report that this worked.

RWW and SBS 2008

I got it working as a workaround by replacing the mstscax.dll (Version 10.0.14393.0) in %windir%\SysWOW64\ with the “backup file” in “Windows.old\WINDOWS\SysWOW64” version (10.0.10586.494)

I had to take ownership of the file and give Administrators Full control access to be able to replace the file.

Hope this helps someone out.

Be aware this is an extremely temporary fix.  The next feature release will replace that dll for sure.  If there is a security update to RDP, this will also replace the dll.  So be prepared for it to not stick.

I’m still trying to work with the Essentials team to get this understood to see what our long term options are.

How fast does ransomware run?

Spotted this online….

Starting at execution, here are the times it took for the following ransomware samples to encrypt the files and notify me with a ransom screen:


  • Chimera: 18 seconds
  • Petya: 27 seconds
  • TeslaCrypt 4.0: 28 seconds
  • CTB-Locker: 45 seconds
  • TeslaCrypt 3.0: 45 seconds
  • Virlock: 3 minutes 21 seconds
  • CryptoWall: 16 minutes

Want to see ransomware in action?

This is an analysis of an email that I got….

Check it out here:

Or a shorter link to it is here:

Packing the geek stuff

Getting ready to get on a plane tomorrow for Atlanta.  Philip Elder is heading there as well and I’m looking forward to getting his SMB and cluster views first hand.

By the way have you seen the upcoming SMB virtual sessions with the new technology heading our way?

SMB Tech Jumpstart: Hybrid Identity:

Date: Oct 03, 2016  |  Time: 10:00 AM – 11:00 AM  |  Location: Skype Meeting

SMB Tech Jumpstart: Hybrid Identity

Are you interested in EMS and Azure, but you aren’t sure where to start? Do you feel like you don’t quite know the technologies you’re selling? Maybe you just don’t know where to begin to understand all of the Microsoft tools?


Our new SMB JumpStart: Hybrid Identity program kicks off on October 3rd, and you won’t want to miss this great opportunity designed to help your team comprehend, adopt, and deploy Microsoft Technologies to expand your business opportunities.

This four-week program includes weekly webinars focused on a new aspect of the chosen technology, as well as hands-on independent learning assignments and Office Hours sessions, to help insure engagement and individual comprehension. If you have additional questions, there will be a members-only Yammer group where you can consult technical experts. At the end of the series, you will be your company’s Identity technical champion, ready to identify, pitch, and implement new customer services.

Benefits to you:

In this 4-week program on Hybrid Identity, you’ll receive step-by-step guidance and resources each week on the following topics:

  • Choosing a Champion and Activating Your Internal Use Rights
  • Connecting your On Premises Active Directory with Office 365 and Azure
  • Using Multi-Factor Authentication and Single Sign-on for other Software as a Service solutions
  • Custom Portal Branding, Password Writeback, and other enhanced Azure Active Directory Premium benefits

Who should participate: This program is best-suited for companies who are ready to commit to starting a EMS or Azure practice today. We recommend your company’s Office 365 technical lead attend the sessions.


Ready to get started?

The program kicks off on Monday, October 3rd.

Register for the program and you will receive access to the webinars, private Yammer group, and resources webpage.


Webinar (10-11am PST) Office Hours (10-11am PST)
October 3 October 7
October 10 October 14
October 17 October 21
October 24 October 28

Come and talk with me about Ransomware

I’ll be in two locations in September and October talking about Ransomware

The first is at Microsoft’s Ignite –

The second is a birds of a feather session on Ransomware at ITDEV connections in Las Vegas.

Ignite is sold out and ITDEV is almost sold out… so hurry fast

A new updating model

Further simplifying servicing models for Windows 7 and Windows 8.1

Get ready for a big change to how we install updates for Windows 7 and 8.1.  If you receive updates via windows update, your 7 and 8.1 updates are going to a cumulative 10 model.

If you are managing updates with WSUS and/or SCCM you’ll see one security update bundle and one non security update bundle each month.

Just a reminder – if you adding Windows 10

Adding Windows 10 to SBS 2008

Adding Windows 10 to SBS 2011

Adding Windows 10 to SBS 2011 Essentials

Adding Windows 10 to Windows Server 2012 Essentials

Adding Windows 10 to Windows Server 2012 R2 Essentials

There are some edits you need to make to get all of this to work.