Monday, March 26, 2018

Microsoft Defender - out of the darkness into the light

Often customers ask me for advice in regards of Antivirus. The next I explain in general is the difference between user-mode and kernel-mode. To make a long story short. Antivirus solutions use in general kernel-mode filter drivers. When you do there a mistake then you will see a bluescreen. Internal studies for reasons of bluescreens reveal 70% bugs in filter drivers from 3rd parties.

There are some AV vendors out there with a very poor code quality in filter drivers. I will not blame here specific vendors. The users of these vendors often raise complaints to me about them. Unfortunately these vendors have extra ordinary enterprise management capabilities. So you see pros and cons.

On the other side I hear often the "old" stories about Microsoft Windows Defender in terms of AV scanning results. Its absolutely true that these results were in the past - before June 2015 - very bad (specifically the tests from independent (how independent they are in reality I can neither proof nor deny!)). 

MS did a complete rewrite of the code and structure they are using. Combining with new technologies like block on first sight, machine learning and many more. This brought up a very good AV solution right now.

In the past I used for example AVIRA for my personal computer. But now I can state there is no other paid AV solution necessary for me. I started also in trusting Microsoft Windows Defender and its companion SystemCenter Endpoint Protection (actually the same engine. Only the management plugin makes the defender enterprise ready.)

To get the full story also checkout this blog entry from Brad Anderson.

Monday, March 19, 2018

Revised Windows 7 Skylake support by Hardware Vendors

Recently customers pressured us to accelerate Windows10 projects as they are loosing Windows 7 Skylake supported devices. And there are good news but as still it depends.

1. Windows 7 support is only given until Skylake (Intel 6th Generation). If you want to go with newer processors then you have to speed up with your Windows 10 migration.

2. If you are willing to stay with Skylake then you will receive Windows Support until January 2020.

"New Skylake devices on the supported list will also be supported with all applicable security updates for Windows 7 and Windows 8.1 through the end of support dates. During the support period, these systems should be upgraded to Windows 10 to continue receiving support after the period ends. Be aware that all support for Windows 7 ends on January 14, 2020 for all devices and support will end for Windows 8.1 on January 10, 2023."
According to: FAQ: What is the support policy for Windows 7/8.1 devices with Intel’s sixth generation of processors (also known as Skylake) that was released in late 2015?

3. Many of the hardware vendors extended the availability of certain Skylake systems until end of 2019. Also here its a decision of the hardware vendor how long they will support.


This slide is from the Dell Client Solutions Roadshow 2018. I recommend to attend this roadshow for more information's. And/or contact your Dell representative! 

HP, Lenovo and others are extending as well. For more Information's visit

Friday, March 2, 2018

SCCM automated driver management

Its always a pain to handle driver updates with each new release of Windows 10. The most simplest way to fix this is simply use Microsoft Surface products. Drivers and Bios Updates are deployed simply through Windows Update and all major headaches are gone. :-)

But unfortunately the world is not that simply. And as always there is a solution too.

Simply use the Driver Automation Tool

Thanks to Maurice Daly (MVP)

The Driver Automation Tool is a GUI developed in PowerShell which provides full automation of BIOS and driver downloads, extraction, packaging and distribution with Dell, HP, Lenovo & Microsoft client hardware.
The intuitive GUI provides you with a full list of models from the supported manufacturer, allowing you to select one or many models, it also will detect Dell and Lenovo models matched against the WMI models known to ConfigMgr.

How Does It Work?
When the tool is opened, you have the option to select your manufacturer and OS of choice. When you click on the Find Models button, the tool initiates a download of XML content from the selected manufacturer, reads in the XML and displays a full list of models for selection. Clicking on the Add to Import List adds each of these models for processing and once you click on the Start Download and Import Process button the tool starts the full process to automatically download and package the content.

MDT Support
Although primarily designed for use with ConfigMgr, the tool also supports MDT. Here you will find the ability to select your deployment shares as well as dynamic creation of folder hierarchies based on total control naming methods

  • Site server selection
  • Automatic site code discovery
  • Distribution point and distribution point group selection
  • Binary differential replication
  • Distribution priority
  • Clean up of unused drivers
  • Removal of superseded driver packages
  • Removal of source download packages
  • Driver & BIOS piloting
  • Driver & BIOS deployment state management (production, pilot, retired)
  • Auto or manual selection of the MDT PS module
  • Deployment share listing
  • Folder structure naming
FEATURES: Settings
All settings are saved into an XML file open close, and read back into the tool upon launch.