Tag Archives: security

paloalto Traps doesn’t know about MC Upgrade (yet)

If you are not familiar with Traps, it’s an endpoint protection solution from paloalto:

Traps replaces legacy antivirus and secures endpoints with a multi-method prevention approach that blocks malware and exploits, both known and unknown, before they compromise endpoints such as laptops, desktops and servers.

We are running Traps on different endpoints (Win/Mac) and found a few glitches in the early stage but they were solved rather quickly and so far it’s been running well, without interfering day-to-day processes or performance. That was until we started to roll-out a new FP to the IBM Notes clients on Windows.

To manage and upgrade our Notes clients we use panagenda’s MarvelClient and have been running it successfully for different upgrades. But at one point we received more and more error logs, from the same users, where the upgrade was failing. After some digging, we found the problem. Traps, which is monitoring activity on your endpoint, found the activity caused by MCUpgrade.exe to be suspicious and therefore blocked access to it.

We notified paloalto about this “issue”, which actually is correct behavior since they didn’t know about MCUpgrade, and have whitelisted MCUpgrade in our configuration, including a very explicit path where the exe has to be located. This solved our problem and the IBM Notes client upgrades with MCUpgrade are working again.

updated security bulletins from IBM

Two security bulletins have been updated today, they will give you a reason more to install IF 2 for IBM Notes 9.0.1 Fixpack 5 on Windows.

more details:

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM Notes
Security Bulletin: libpng related security vulnerabilities identified in IBM Notes

small update: installing the IBM Notes 64-bit 9.0.1 IF1 (for Mac) caused some issues.. I was not able to launch IBM Notes anymore, installing the IF1 again would launch an error that “the fix was only for the 64bit client” and therefore would not run. I ran the install for the 9.0.1 64-bit client again which fixed the problem and now the «About IBM Notes» shows:
Release 9.0.1 (64-bit) SHF619

FP/IF nightmare all over again or only a local issue?

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server bundled with IBM Domino 9

In case you are using the IBM HTTP server bundled with an IBM Domino 9 server, you should get the fixes posted today.

From the Security Bulletin:

IBM recommends not using the IBM HTTP Server option and instead using “IBM Domino Interim Fixes to Support TLS 1.2”.
However, for those customers who have a continuing need to use IBM HTTP Server (IHS), the fix linked below will patch Domino 9.0.1 for Windows with IHS patch 8.5.5.7. There is a W32 and a W64 version that should be used based on the 32-bit/64-bit edition of Domino that is installed.

you can find all details about the Security Bulletin here

Download the fix:
901FP4HF517_W32.exe
901FP4HF517_W64.exe

IBM Notes/Domino Security Bulletin: Vulnerabilities in the IBM Java SDK

Fresh from the press: new downloads available for IBM Notes and IBM Domino to fix the Java issues disclosed in the Oracle January 2015 Critical Patch Update.

This Java vulnerabilities affect all current versions of IBM Notes and Domino and if you don’t control some of the Java behaviour on the server or client via restrictions or ECL you should get these Java patches.

Direct links to patches for 9.0.1 FP3:
Windows
JVMPatch_SR16FP3_W32_901.3_ClientServer
JVMPatch_SR16FP3_W64_901.3_Server

Linux
JVMPatch_SR16FP3_Linux64_901.3_Server
JVMPatch_SR16FP3_Linux_901.3_ClientServer

Get more information and direct download links to all the patches here.

BlackBerry Blend

One of the highlights with the BlackBerry OS update 10.3.1 is the availability of BlackBerry Blend.

Basically it gives you the opportunity to access data from your BlackBerry by pairing the device with your computer or tablet.
You then use the BlackBerry Blend app on your computer/tablet to access the BlackBerry Blend Dashboard which gives you access to work as well as personal accounts/data

BlackBerry Blend dashboard

You can read/answer your messages on a bigger screen and use the keyboard to type but the real benefit in my opinion is that you don’t have to configure your work account on your private tablet or transfer files from you device. As BlackBerry puts it “No saving to a cloud, no transferring information between devices. It’s just there.

There are a few settings which are controlled by BES policies so you might have to check with your admin if a feature does now work. Policies for BlackBerry Blend are available in BES 10.2.4 or later.

Find out more about BlackBerry Blend here

a long overdue “thank you”

A bit over a month ago René Winkelmeyer stirred up some dust with his discovery and blog post about the security issue with the new Outlook iOS/Android App. Shortly after his post, his colleague Detlev Pöttgen posted an easy solution to prevent the app from connecting to the Traveler server on his blog.

Because of the big security issue with this app, I’ve sent out an email, (yes, email, get over it) to our customers with the information about René’s discovery, Detlev’s solution and the recommendation to implement it as soon as possible.

The feedback has been very positive. What astonished me was that most customers had not heard about the issue at all.
Many customers replied and were thankful for the information and solution provided and I would like to forward this “thank you” to René and Detlev, great work guys.