Me too when applying it to 1709.
Take care, Anthony Meluso Network and Computer System Administrator Passaic Valley Regional High School 100 East Main St. Little Falls, NJ 07424 973-890-2500 x2501 http://www.pvhs.k12.nj.us On Tue, Jan 9, 2018 at 1:13 PM, Brian Illner <[email protected]> wrote: > No errors in the offlineservicing log when I applied that update to a > vanilla 1607 wim from the MS source media. > > > > > > > > *BRIAN* *ILLNER |* Canal Insurance Company > 864.250.9227 <(864)%20250-9227> > 864.679.2537 <(864)%20679-2537> Fax > > > > > Visit canalinsurance.com for news and information. > > > <https://www.linkedin.com/company/canal-insurance-company> > > *WARNING*: *As the information in this transmittal (including > attachments, if any) may contain confidential, proprietary, or business > trade secret information, it should only be reviewed by those who are the > intended recipients. Unless you are an intended recipient, any review, > use, disclosure, distribution or copying of this transmittal (or any > attachments) is strictly prohibited. If you have received this > transmittal in error, please notify me immediately by reply email and > destroy all copies of the transmittal. While Canal believes this > transmittal to be free of virus or other defect, it is the responsibility > of the recipient to ensure that it is virus free and no responsibility is > accepted by Canal (or its subsidiaries and affiliates) for any loss or > damage arising therefrom.* > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Adam Juelich > *Sent:* Tuesday, January 9, 2018 10:42 AM > > *To:* [email protected] > *Subject:* Re: [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > This is a good question, Brian. > > > > Let us know how it goes. > > > > On Tue, Jan 9, 2018 at 8:11 AM, Brian Illner <[email protected]> > wrote: > > Thanks Rod > > > > This is outside of any AV considerations. We install our AV during an OSD > task sequence instead of including it on the reference images. > > > > I’m trying to find out if MS has (temporarily?) broken a basic feature of > CM and MDT without manual administrator intervention because of this. > > > > Going to fire up the test environment shortly to see what happens there. > > > > *BRIAN* *ILLNER |* Canal Insurance Company > 864.250.9227 <(864)%20250-9227> > 864.679.2537 <(864)%20679-2537> Fax > > > > > Visit canalinsurance.com for news and information. > > > <https://www.linkedin.com/company/canal-insurance-company> > > *WARNING*: *As the information in this transmittal (including > attachments, if any) may contain confidential, proprietary, or business > trade secret information, it should only be reviewed by those who are the > intended recipients. Unless you are an intended recipient, any review, > use, disclosure, distribution or copying of this transmittal (or any > attachments) is strictly prohibited. If you have received this > transmittal in error, please notify me immediately by reply email and > destroy all copies of the transmittal. While Canal believes this > transmittal to be free of virus or other defect, it is the responsibility > of the recipient to ensure that it is virus free and no responsibility is > accepted by Canal (or its subsidiaries and affiliates) for any loss or > damage arising therefrom.* > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Rod Trent > *Sent:* Tuesday, January 9, 2018 8:23 AM > *To:* [email protected] > *Subject:* RE: [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > Setting that registry works in some situations – but not all. > > > > There’s a master list of supported AV software: > > > > http://myitforum.com/myitforumwp/2018/01/09/the-master-list-of-antivirus- > compatibility-with-microsofts-meltdownspectre-patches/ > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com <[email protected]>] *On Behalf Of *Brian > Illner > *Sent:* Tuesday, January 9, 2018 8:13 AM > *To:* [email protected] > *Subject:* RE: [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > Aaron – If setting that registry key is now mandatory for the time being > for the security updates to install, how does that affect OS offline > updates servicing in MDT and CM? Broken I assume without manually editing > the WIM first for the key? > > > > https://support.microsoft.com/en-us/help/4072699/january-3- > 2018-windows-security-updates-and-antivirus-software > > > > > > > > *BRIAN* *ILLNER |* Canal Insurance Company > 864.250.9227 <(864)%20250-9227> > 864.679.2537 <(864)%20679-2537> Fax > > > > > Visit canalinsurance.com for news and information. > > > <https://www.linkedin.com/company/canal-insurance-company> > > *WARNING*: *As the information in this transmittal (including > attachments, if any) may contain confidential, proprietary, or business > trade secret information, it should only be reviewed by those who are the > intended recipients. Unless you are an intended recipient, any review, > use, disclosure, distribution or copying of this transmittal (or any > attachments) is strictly prohibited. If you have received this > transmittal in error, please notify me immediately by reply email and > destroy all copies of the transmittal. While Canal believes this > transmittal to be free of virus or other defect, it is the responsibility > of the recipient to ensure that it is virus free and no responsibility is > accepted by Canal (or its subsidiaries and affiliates) for any loss or > damage arising therefrom.* > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com <[email protected]>] *On Behalf Of *Aaron > Czechowski > *Sent:* Monday, January 8, 2018 8:40 PM > *To:* [email protected] > *Subject:* RE: [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > We just published a blog post with a piece on SQL (in Config Manager > infrastructure section): https://blogs.technet.microsoft.com/ > configurationmgr/2018/01/08/additional-guidance-to-mitigate-speculative- > execution-side-channel-vulnerabilities/ > > > > Let me know if you have any further questions/comments. > > > > Aaron > > > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com <[email protected]>] *On Behalf Of *Sherry > Kissinger > *Sent:* Monday, 8 January, 2018 11:52 > *To:* [email protected] > *Subject:* Re: [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > Have you read through this yet: https://support.microsoft.com/ > en-us/help/4073225/guidance-for-sql-server > <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4073225%2Fguidance-for-sql-server&data=02%7C01%7Caaron.czechowski%40microsoft.com%7C068f54ea2032472e831b08d556d2286e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636510383014781575&sdata=DTXKrzyNfoaNdIUhdBwRX5CYT%2BwDHVL5ME5639aRCU4%3D&reserved=0> > ? > > Keeping in mind that's the SQL recommendation, and there isn't (as far as > I know), specific guidance from the ConfigMgr team regarding the SQL > instances used for ConfigMgr. > > > > My (probably incorrect) take on it...It doesn't matter WHAT version of SQL > 16 you have. the first SQL 16 version which addresses the vulnerability is > CU7 for SP1. So if you are at SQL 16 SP1 No CU, you would want to apply > CU7--if your scenario fits one of the scenarios outlined in the guidance, > AND you don't care about what the ConfigMgr team has-yet-to-publish for > guidance so that you do not break your ConfigMgr SQL instance from working > correctly. If you are still using SQL 16 no SP, you'd update to SP1, and > apply CU7. That's my likely INCORRECT interpretation. But that's why I'm > just waiting for more info, and not trying to guess anything. > > > > I personally plan on just "wait for more info" regarding ConfigMgr SQL > information, from the ConfigMgr Team. > > > > On Mon, Jan 8, 2018 at 12:39 PM, Brian Illner <[email protected]> > wrote: > > Could someone explain the SQL updates please? > > > > There’s SQL 2016 SP1 CU7 and SQL 2016 SP1 GDR > > > > I get that we download the Security Update for CU7 if we have that > particular cumulative update installed, but what if its CU4 or CU5? > > > > Do we use the GDR update? Or is that only for SQL 2016 SP1 that have had > NO CU applied at all? > > > > *BRIAN* *ILLNER |* Canal Insurance Company > 864.250.9227 <(864)%20250-9227> > 864.679.2537 <(864)%20679-2537> Fax > > > *Error! Filename not specified.* > > Visit canalinsurance.com > <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcanalinsurance.com&data=02%7C01%7Caaron.czechowski%40microsoft.com%7C068f54ea2032472e831b08d556d2286e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636510383014781575&sdata=wI5JflSNZ%2BxEX9NqpO8L0oRgXWm6YWdsU2wehw2cMxA%3D&reserved=0> > for > news and information. > > > *Error! Filename not specified.* > <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fcanal-insurance-company&data=02%7C01%7Caaron.czechowski%40microsoft.com%7C068f54ea2032472e831b08d556d2286e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636510383014781575&sdata=HyGDLs9ozqKHJETcomBo0Insu6yH83Af3AZkyXt05gc%3D&reserved=0> > > *WARNING*: *As the information in this transmittal (including > attachments, if any) may contain confidential, proprietary, or business > trade secret information, it should only be reviewed by those who are the > intended recipients. Unless you are an intended recipient, any review, > use, disclosure, distribution or copying of this transmittal (or any > attachments) is strictly prohibited. If you have received this > transmittal in error, please notify me immediately by reply email and > destroy all copies of the transmittal. While Canal believes this > transmittal to be free of virus or other defect, it is the responsibility > of the recipient to ensure that it is virus free and no responsibility is > accepted by Canal (or its subsidiaries and affiliates) for any loss or > damage arising therefrom.* > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Sherry Kissinger > *Sent:* Monday, January 8, 2018 10:46 AM > *To:* [email protected] > *Subject:* Re: [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > Based on how I 'interpreted' that tweet, it was specific regarding the SQL > patch. In my case, the one I would care about is SQL 16 SP1, the CU7 > (Cumulative Update 7). ConfigMgr requires "CLR" to be enabled in order to > function. Additionally, the majority of environments except for a super > small ones where they might only have ONE server with all roles--almost > everyone has at least a MP, DP, or SUP role server elsewhere. Depending on > the configuration of those other servers, they likely leverage a SQL > 'thing' called Linked Servers. CU7 also modifies Linked server > configuration. > > > > So just wait on deploying CU7 until further information is available. If > you haven't yet gone to SQL 16 SP1 CU6, my understanding is that version is > supported/acceptable to SCCM--but it obviously doesn't address the > Spectre/Meltdown stuff. > > > > On Mon, Jan 8, 2018 at 8:25 AM, John Aubrey <[email protected]> > wrote: > > I *THINK*, there is a SQL patch as well as the Window patches. I applied > the Windows patch had SCCM is still working. I think the SQL patch is the > one that causes issues. > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Mike Murray > *Sent:* Friday, January 5, 2018 7:16 PM > *To:* [email protected] > *Subject:* [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > Could someone expand on this? > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com <[email protected]>] *On Behalf Of *Richard > Poole > *Sent:* Friday, January 5, 2018 12:59 PM > *To:* [email protected] > *Subject:* [mssms] RE: Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > > > Thank you, > > Richard Poole > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com <[email protected]>] *On Behalf Of *Mike Murray > *Sent:* Friday, January 5, 2018 11:55 AM > *To:* [email protected] > *Subject:* [mssms] Spectre/Meltdown patch breaks ConfigMgr/SQL? > > > > Anyone have issues with this? > > > > https://twitter.com/djammmer/status/949122372384141312 > <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fdjammmer%2Fstatus%2F949122372384141312&data=02%7C01%7Caaron.czechowski%40microsoft.com%7C068f54ea2032472e831b08d556d2286e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636510383014781575&sdata=pp6R%2FV%2FK6wM2HDY%2B%2F1HkwDl552psjZiVx3cOZiqiszA%3D&reserved=0> > > > > Mike > > > > > > NOTICE: This message contains confidential information and is intended > only for the individual named. If you are not the named addressee, you > should not disseminate, distribute or copy this email. Please notify the > sender immediately by email if you have received this email by mistake and > delete this email from your system. Email transmission cannot be guaranteed > to be secure or error-free, as information could be intercepted, corrupted, > lost, destroyed, arrive late or incomplete, or contain viruses. The sender, > therefore, does not accept liability for any errors or omissions in the > contents of this message. This email neither constitutes an agreement to > conduct transactions by electronic means nor creates any legally binding > contract or enforceable obligation in the absence of a fully signed written > contract. > > > > > > > > > > > -- > > Thank you, > > Sherry Kissinger > > > My Parameters: Standardize. Simplify. Automate > Blog: http://mnscug.org/blogs/sherry-kissinger > <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmnscug.org%2Fblogs%2Fsherry-kissinger&data=02%7C01%7Caaron.czechowski%40microsoft.com%7C068f54ea2032472e831b08d556d2286e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636510383014781575&sdata=Bu4QDF%2FMutBXUfgPD6xAMQWxgrPMy2w8fTyY1cnIlBM%3D&reserved=0> > > > > > > > > > -- > > Thank you, > > Sherry Kissinger > > > My Parameters: Standardize. Simplify. Automate > Blog: http://mnscug.org/blogs/sherry-kissinger > <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmnscug.org%2Fblogs%2Fsherry-kissinger&data=02%7C01%7Caaron.czechowski%40microsoft.com%7C068f54ea2032472e831b08d556d2286e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636510383014781575&sdata=Bu4QDF%2FMutBXUfgPD6xAMQWxgrPMy2w8fTyY1cnIlBM%3D&reserved=0> > > > > > > > > > > > > > > > >
