On January 4th, Intel processor vulnerability was published. It is a vulnerability that affects not only Microsoft systems, but also all other systems, including iOS, Android, Linux etc.
I won’t spend the same words as you can read them in many published articles about the vulnerability and how serious it is. I just want to share two links, where is it possible to find tools / patches for Microsoft systems:
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution (PowerShell must be 5.1 or higher)
Some of my customers and friends had a problem: after installing KB4041676, VMs on Server 2016 didn’t boot. The problem is in update – Microsoft releases the update with a mistake and correct this update immediately the same afternoon, but in some cases the old update remained in cache on devices or WSUS servers. To be sure, that you have the right update, check this link and retrieve the right delta update.
What if you are already there and your VM is not booting?
To solve the issue, follow this steps:
- Start the VM from the media (DVD, ISO…)
- At the installation menu, select Repair computer and in Advanced options select Command prompt
- In command prompt, you have to execute this commands:
- reg load hklm\temp c:\windows\system32\config\software
- reg delete “HKLM\temp\Microsoft\Windows\CurrentVersion\Component Based Servicing\SessionsPending” /v Exclusive
- reg unload HKLM\temp
- After correcting the registry, we still need to remove the update with commands:
- Use dism /image:c:\ /get-packages to list all installed packages to check if the package is really installed
- When you find the package, you can uninstall with command: dism /image:c:\ /remove-package /packagename:packageidentity /scratchdir:c:\temp (package identity is an identity reported in output from previous command)
- Reboot the server
Hope it is helpful.
Well as I know many users are trying to find Windows key with some key viewer software. Nothing wrong, but this software is not always “nice” and can do something else than just show you a key. Of course, with Windows 8.1 and Windows 10 you have many times a key in BIOS, so there is no need to search for it.
Anyway, if you feel better when you have a key printed on a piece of paper, you can do that simply with one PowerShell cmdlet:
Get-WmiObject -query ‘select * from SoftwareLicensingService’
This will show you more than only a key. There are a lot of information on licensing, like KMS server, OS version, … In some cases it can be useful.
I recently bought Minix Z83 mini PC and the first think I did was to upgrade it to the latest version of OS. Unfortunately, I received immediately an upgrade error with a code 0xc1900200. This means that UEFI partition on the disk is too small. It should be at least 350MB, but deployed size is 64MB.
Well, no problem, you have just to resize the partition and this is very simple. I use a tool named EaseUS Partition Master, which gave me very good results everywhere. But there was a second disappointment: I was not able to move or resize the partition “Other” with size 16MB and in Minix forums there is no explanation what this partition is used for or if I can delete it.
I did some research what to do with current file system, why we have an additional partition and finding some answers I decided to delete this 16MB partition.
So, my steps to solve the problem were:
- Install and start EaseUS Partition Master
- Resize the system partition (C:) in a way to reduce size for 270MB and apply free space in a front of partition
- Restart the computer (EaseUS needs to restart a computer to apply changes on system partition)
- Start EaesUS Partition Master again
- Delete the partition with the size 16MB
- Resize UEFI partition to 350MB
- Apply all changes (You can see the final situation on the image)
- Close EaseUS Partition Master and restart the computer
- Update Windows with Windows 10 Upgrade Assistant.
This step will guarantee you to upgrade your OS to the latest version and avoid problems in the future. The steps are valid also for other systems and other configurations, but be careful when you have more than only needed partitions. Any additional partition is there for some reason and is better to find why before you remove or resize it.
Many administrators (including me) are not happy with two services in Server 2016. This services are OneSyncSvc (synchronizes mail, contacts, calendar and various other user data) and Download Maps Manager (for application access to downloaded maps) and are really not critical on server OS.
This is the reason why, you can disable them in almost all cases without any deep research. Anyway, when you try to disable OneSyncSvc from services console, you will receive an error, as this service cannot be disabled. At this point, use a trick and disable both services form elevated command prompt using commands:
sc config “OneSyncSvc” start= disabled
sc config “MapsBroker” start= disabled
Of course, before you run this commands, services have to be stopped, otherwise you will receive an error. You can do this also from command prompt:
sc stop “OneSyncSvc”
sc stop “MapsBroker”
This two simple commands will put services into startup type “disabled” and errors in Server Manager that are related to non-running services will disappear. Problem solved.