This tactic can be used to lure users to a suspicious site and be prompted to hit their F1 key ... some cases if the dialog is ignored the site will continue to prompt until they either kill their IE session or log off completely.

Microsoft urges users to not hit F1 if presented to do so by any website.  They also provide further workarounds in their security advisory article:

http://www.microsoft.com/technet/security/advisory/981169.mspx

Keep in mind this exploit does not affect Windows Vista, 7, or Server 2008.

Always practice safe web browsing.

No thank you Facebook!  In this post I’ll walk through making your profile a bit more private and even a little more secure from new people you friend.  I mean, you don’t give a random person you just met at school, work, or on the street your phone number, address, birthday, favorite whatever!  Why should new friends on Facebook be any different?

First things first, let’s make sure your Facebook profile isn’t searchable publically … for example if someone Google’s your name they would find your Facebook profile come up as a search result.

Welcome to my situation :)  If we lose an IIS server we would have to move all the sites that box was hosting to another and then update the CNAME's target fully qualified domain name field.

Found a bunch of great stuff online on how to modify a single record ... that's great for updating maybe a handful, not if it's over 100+ records and I'm not about to do that manually via MMC console!  So I need to get a little creative and here's what I came up with.

$CNAMES = import-csv "Path to CSV file"
$Query = "Select * from MicrosoftDNS_CNAMEType"
Foreach($CNAME in $CNAMES)
{
$CNAME
$Record = Get-WmiObject -Namespace "root\microsoftdns" -Query $Query -ComputerName dnsserver | Where-Object{$_.Ownername -match $CNAME.Aliases}
$Record.RecordData = "FQDN of new IIS server"
$Record.put()
}

The script can be modified to update any kind of DNS record, so it's not locked into just updated CNAME's.

I pretty much have a bunch of CSV files that contain a single colmn called Aliases, these CSV files hold all the CNAME aliases for all our sites.  As you can see in the first line of the script I pretty much delcare $CNAMES to import in all the data from the CSV file to be used later in the script.  I then declare what kind of DNS record I'm looking for as $Query.

In order to apply the change to each row in the CSV file I needed to place the PowerShell command that will be making the change in a Foreach statement, hence the Foreach($CNAME in $CNAMES).  The next few lines are pretty much the meat and potatoes of the script and is pretty self explanitory and accurate with what you might find searching the web.

Now with the $Record.RecordData = "FQDN of new IIS server" can easily be changed to allow the person running the script to enter what FQDN to change to manually.  By simply changing that line to $Record.RecordData = Read-Host "Enter the new Target Host FQDN", the Read-Host cmdlet asks for user input on the console allowing the user to type whatever he/she wants ... what is typed in the console the script will use to modify the CNAME with.

Of course this script is available for you to use in anyway shape of form ... but I do not take responsibility if something goes wrong.  As any administrator will tell you, test first and test again.  Any script examples I post is 'use at your own risk'.  Look at what the script is doing rather than copy, paste, and execute.  Don't know what a certain parameter or commandlet does - Google search :)  Thanks.

Help make your job a little easier with PowerShell and ActiveRoles Management Shell for Active Directory!

http://www.quest.com/powershell/activeroles-server.aspx

Many of the Active Directory related scripts I post on this site uses Quest Software's cmdlets ... it's truly miles ahead of having to do tasks within ADUC or through the clunky command prompt tools of the past :)

They just recently updated to version 1.3 that added a bunch of cmdlets like:

• new-qadcomputer
• set-qadcomputer
• disable-qadcomputer
• enable-qadcomputer
• reset-qadcomputer

These new cmdlets greatly helped reduce my workload, scripts I'll be sharing with my visitors in the near future!

Give it a look!

You can find the details of this vulnerability from the following Microsoft Security Advisory:
http://www.microsoft.com/technet/security/advisory/979352.mspx 

Microsoft annouced they will release an out of cycle update for this Vulnerability, that should be released today.

There is a workaround that you can apply to your system to help protect yourself.  In the above link they mention setting the Internet zone security setting to high will protect users from this attack.  You can find this setting in Internet Options, and click on the Security tab.

This one is pretty serious ... reports link this vulnerability being used in the china-based attack on Google's Gmail service last week.

http://www.us-cert.gov/cas/alerts/SA10-012B.html

The vulnerabilities that were found, and are addressed in the US-CERT security alert was a vulnerability in the Embedded Open Type font engine.  The other was multiple vulnerabilities in Adobe Flash Play 6 that is included in Windows XP by default.

US-CERT recommends all users installed the latest Windows Updates available from Microsoft and upgrade (or remove) Flash Player.

So please go do your Windows Updates and keep your computer safe!

All you need to do is provide a domain controller, check the information you would like the tool to look for and then just hit the Discover button.  The tool will query your AD/DNS environment and provide you with a status, which you can then click Draw! and all the information will be drawn to a Visio document.

I’ve used this tool against Windows 2000, 2003, and 2008 Active Directory installations; it also seemed to work well discovering Exchange 2003 and 2007 organizations.