Apr 18, 2014

Security Hot Fix Now Available for Dell KACE K3000 OpenSSL Vulnerability

The Dell KACE family of appliances includes the K1000 Systems Management Appliance, the K2000 Systems Deployment Appliance and the Dell KACE K3000 Mobile Device Management Appliance. While all three appliances utilize OpenSSL, only the K3000 utilizes a version of OpenSSL that is vulnerable to the Heartbleed vulnerability detailed at http://www.us-cert.gov/ncas/alerts/TA14-098A. The Heartbleed vulnerability affects all versions of the K3000. It does not affect any version of the K1000 or K2000 appliances.

Dell KACE has released a security hot fix for the K3000 (applies to minimum version 1.1.98240) that can be downloaded here to remediate this vulnerability.

Customers on earlier versions will need to upgrade to v1.1.98240 prior to applying the security fix. K3000 downloads can be accessed here: https://www.kace.com/support/my/downloads

The hotfix can also be found in the following Knowledge Base article:

122931 –  Security Hot Fix Available for Dell KACE K3000: Dell KACE Response to Heartbleed OpenSSL Vulnerability

Information on Dell KACE hotfixes can be found at: http://www.kace.com/support/resources/kb/SearchKB

Posted in Featured, New Posts, Tech Talk
Apr 18, 2014

K1000 Vulnerability Hotfix

Dell acknowledges the vulnerabilities detailed at http://www.itwire.com/opinion-and-analysis/the-linux-distillery/63397-new-security-exploit-found-in-dell-kace-k1000-appliance. Hotfixes have been posted for both K1000 v5.5 and K1000 v5.4 SP1. Please carefully read the information and related articles at http://www.kace.com/support/resources/kb/solutiondetail?sol=SOL121792

Customers on versions prior to K1000 v5.5.90548 or K1000 v5.4.76848 (5.4 SP1) should upgrade to current server/agent versions immediately and apply the hotfix. Until they have upgraded and patched their appliances, Dell recommends that all customers with KACE K1000 appliances that are exposed to the Internet shut down all inbound ports and ensure that the K1000 is not accessible from the Internet. Customers should also shut down all outbound ports from the K1000 except for ports 80 and 443.

The new consolidated hotfix for K1000 5.5 is now available. This hotfix is a rollup of all the previous hot fixes for v5.5.

NOTE:  THIS VERSION HAS AN UPGRADE PATH FOR ALL VERSIONS OF 5.5.  KACE RECOMMENDS ALL CUSTOMERS UPGRADE TO THIS VERSION: K1 5.5.90548

  • The 5.5 hot fix can be downloaded here. Warning: The hotfix will reboot the K1000.
  • This hot fix includes:

    • Everything from the previously shipped 5.5 consolidated patching hot fix.
    • Everything from the previously shipped 5.5 consolidated performance hot fix.
    • The previously shipped 5.5 security hot fix.
    • Additional security fixes
    • Fix to the backup procedure during db backups.
Posted in Featured, New Posts, Tech Talk
Apr 17, 2014

The New Windows Security – Achieving PC Lockdown without User Backlash in Five Easy Steps

Remember the good old days, when an anti-malware solution was “good enough” PC security? Life was easier back then. IT problems were simpler, and PCs seemed easier to maintain: Grant administrator privileges to a troublesome user, and his or her issues just melted away. Those days are over now. Managing that same network in today’s world requires greater effort and smarter solutions. Throwing administrator privileges at a user issue is no longer the everyday practice; it’s a resume-producing event. Today’s Windows security requires locking down PCs and their installed applications in new and unexpected places. Unapproved apps must be blocked from execution, and administrator privileges must be removed—all without impacting users.

Makes you miss the old days, doesn’t it?

Thankfully, new approaches are evolving to meet IT’s new demands. One can’t simply lock down a PC by eliminating administrator rights and blocking applications—not impacting users means treading lightly. You’ll need intelligent tools, a gentle touch and just the right amount of communication to achieve modern-day PC lock-down with user satisfaction.

Concerned about how to get there? Consider these five steps as your guide for PC lockdown success:

Step 1: Targeted approval

Step 2: Configuration Lockdown

Step 3: Selective elevation

Step 4: Integrated service desk

Step 5: User self-service

PC lockdown is a balancing act: organizations need to give users the tools and flexibility they need to do their jobs while avoiding the security, compliance and other risks that local administrative rights introduce. Implementing the best practices explored in this white paper requires the right tools. With the K1000 Management Appliance and Desktop Authority Management Suite, enterprises can maximize user productivity while also maintaining centralized control over security policies.

Download The New Windows Security – Achieving PC Lockdown without User Backlash in Five Easy Steps to learn more about these steps that will enable you to ensure that users get the most benefit from today’s information technologies, while also safeguarding the content and configuration of their systems.

Posted in New Posts
Apr 16, 2014

Here’s what’s coming up in KACE Kontinuing Education

KACE Kontinuing Education (KKE) is an ongoing free supplement to JumpStart training. Each week we offer new topics and/or revisit popular ones. Pay close attention to the session time, language, and topics that you’re interested in. The complete list, along with registration information and recordings, is always available at www.kace.com/KKE. Send ideas for topics you’d like added!

| Date | Time | Language | Topic |
|---|---|---|---|
| 16-Apr | 7 AM PST; 10 AM EST; 3 PM GMT | English | Understanding K1000 Log Files / Troubleshooting Tips |
| 17-Apr | 8 AM PST; 11 AM EST; 4 PM GMT | English | Technician Toolkits |
| 22-Apr | 8 AM PST; 11 AM EST; 4 PM GMT | English | Post Install Tasks…What’s after the OS? |
| 23-Apr | 7 AM PST; 10 AM EST; 3 PM GMT | English | K1000 – Advanced Software Distribution |
| 24-Apr | 8 AM PST; 11 AM EST; 4 PM GMT | English | Open Q&A Forum |
| 29-Apr | 7 AM PST; 10 AM EST; 3 PM GMT | French | Automating with KACE |
| 29-Apr | 7 AM PST; 10 AM EST; 3 PM GMT | Portuguese | K2000 – Migrating to Windows 7 and 8 |
| 29-Apr | 9 AM PST; 1 PM EST; 5 PM GMT | English | Patching Week 101: Basics and Beyond |
| 30-Apr | 7 AM PST; 10 AM EST; 3 PM GMT | English | K1000 – Scripting 101 |
| 1-May | 9 AM PST; 1 PM EST; 5 PM GMT | English | Patching Week 201: Testing & Automation |
| 6-May | 9 AM PST; 1 PM EST; 5 PM GMT | English | Under the Microscope: K1 Agent |
| 7-May | 7 AM PST; 10 AM EST; 3 PM GMT | English | Getting the most out of the Software Catalog |
Posted in Featured, New Posts
Apr 10, 2014

Dr. K’s Korner – Customer Q&A

Every month we take questions for Dr. K. and answer the best one in front of the world!

Have a question for Dr. K? Send an e-mail to kketeam@kace.com

Question: Dr. K, is it possible to get instant alerts when software is detected/no longer detected? If so, how?

Answer: Well, not really “instant”, but you can get them pretty quickly. A few terminology things to keep in mind:

  • Alerts = Desktop Messaging; displayed locally upon agent inventory.
  • E-Mail Alerts = E-mail to a specific user about a condition; sent up to every 15 minutes.
  • Scheduled Reports = Highly customizable e-mail; sent up to every hour.

With that in mind, you might choose to use any or all of the options. For example, a good alert might be detecting the presence of unwanted software and displaying a desktop alert to the user reminding them of a policy; supplement that with a script or Managed Install to remove the software title. A good notification or report might be something like this:

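    -- Report: asset history entries for computers in the reporting window.
    -- Note: as posted, ASSET_TYPE and SOFTWARE carry no join condition to
    -- ASSET / ASSET_HISTORY, so they are cross-joined with the history rows.
    SELECT CONCAT(S.DISPLAY_NAME, ' ', S.DISPLAY_VERSION) AS 'Software',
           A.NAME AS 'Computer',
           AH.TIME AS 'Installed'
    FROM ASSET_HISTORY AH, ASSET A, ASSET_TYPE AST, SOFTWARE S
    WHERE AST.ASSET_CATEGORY = "Computer"
      AND A.ID = AH.ASSET_ID
      -- Reporting window: adjust the INTERVAL to match the report schedule
      AND DATE(AH.TIME) > DATE(DATE_SUB(NOW(), INTERVAL 24 HOUR))
    ORDER BY Installed, Computer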

There are many other examples of SQL and similar approaches on ITNinja. One of my favorite examples, which shows some good efforts towards filtering out commonly accepted items such as patches, is http://www.itninja.com/question/software-changes-history. Adjust the interval portion to fit your desired schedule so you don’t get too much overlap. For example, if I were running the report daily, I’d set the interval to INTERVAL 2 DAY, but if I were getting mail hourly I’d likely set it to INTERVAL 90 MINUTE. Hope that helps!

Thanks for the question – I’ll get you a prize soon for picking your question!
—Dr. K

Posted in New Posts, Tech Talk