Consider the following scenario:

• You have a computer that is running Windows Vista or Windows Server 2008.
• You start the computer from an Internet SCSI (iSCSI) device by using Challenge Handshake Authentication Protocol (CHAP) authentication on a network adapter.
• You configure a second network adapter for an iSCSI start without using CHAP authentication.

In this scenario, when you start your computer, you receive a Stop error message that resembles the following:

*** Fatal System Error: 0×0000000A (parameter 1, parameter 2, parameter 3, parameter 4)
IRQL_NOT_LESS_OR_EQUAL (a)

Notes:

• The four parameters in the Stop error message vary, depending on the configuration of the computer.
• Not all “Stop 0×0000000A” error messages are caused by this problem.

Transmission Control Protocol (TCP) loopback latency and User Datagram Protocol (UDP) latency in Windows Server 2008 or in Windows Vista are longer than TCP loopback latency and UDP latency in Windows Server 2003.

This issue affects applications or services that use TCP loopback or UDP for communication.

If an optional NDIS Lightweight Filter (LWF) driver is installed and the driver is not started, the network will not be available for up to 90-seconds.

Consider the following scenario:

• On a computer that is running Windows Vista or Windows Server 2008, an application uses the SetupVerifyInfFile function to validate an.inf file.
• The function uses the AltPlatformInfo parameter.
• The version of the .inf file is newer than the version of the operating system.
  In this scenario, the validation fails.

For example, assume that you install a Microsoft System Center Configuration Manager (SCCM) 2007 site server. Then, assume that you try to import a Windows 7 driver into an Operating System Deployment (OSD) image. In this scenario, the driver import fails. At the same time, you receive the following error message:

Error: Failed to import the following drivers: <Driver file> The selected driver is not applicable to any supported platforms.

Note: SCCM 2007 uses the SetupVerifyInfFile function to validate the .inf file.

Consider the following scenario:

• You run a Remote Desktop session on a computer that is running Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2.
• The Use Remote Desktop Easy Print printer driver first policy is enabled. This policy redirects the print function to a client printer first.
  Note: By default, the Use Remote Desktop Easy Print printer driver first policy is enabled on a computer that is running Windows 7 or Windows Server 2008 R2.
• The printer on the client computer uses a driver that defines a custom form size.
  Note: A custom form size is a custom paper size.

In this scenario, the client printer may print the printout by using an incorrect paper size.

The PushPrinterConnections.exe utility reads the printer connection settings from Group Policy and then adds the appropriate printer connections to the client computer. However, this utility has only a 64-bit version that is built into Windows Server 2008 x64 Edition. When you try to use this utility and Group Policy to deploy printer connections to a client computer that is running an x86 version of a Windows operating system, the following event log is logged on the client computer:

Event Type: Error Event Source: UserInit Event Category: None Event ID: 1000 Date: <Date> Time: <Time> User: N/A Computer: <Computer Name> Description: Could not execute the following script PushPrinterConnections.exe. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp

This update provides a 32-bit printer driver and the PushPrinterConnections.exe utility for Windows Server 2008.

An update is available for all the Microsoft products that use Active Directory Rights Management Services (AD RMS). This update prevents you from receiving error messages that are related to the application manifest expiry feature of the AD RMS clients.

As a follow up to the Office 2003 Information Rights Management (IRM) update, Microsoft has made additional changes in AD RMS. The application manifest expiry feature of AD RMS is no longer required.

After careful review of the original design of the AD RMS client, Microsoft has determined that the application manifest expiry feature can be completely removed. The application manifest expiry feature was a legacy feature in the original product. This feature allowed for more specific control of the applications that can access AD RMS protected content. The functionality that was provided by this feature is now included in other features that are contained in AD RMS, such as Application Exclusion and Windows Software Restrictions policies. These new features provide a new approach to allow for controlling what applications can run in your enterprise. The new approach puts the control in your hands.

Description: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit these vulnerabilities. The security update addresses these vulnerabilities by correcting the way that SMB validates SMB requests. (more…)

Description: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit these vulnerabilities, an attacker must convince the user to initiate an SMB connection to a malicious SMB server.The security update addresses the vulnerabilities by correcting the manner in which the SMB client validates responses. (more…)

Description: This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.The security update addresses the vulnerabilities by ensuring that the Windows Kernel handles exceptions properly. (more…)