Apple has recently discontinued support for Quicktime for Windows.  Starting mid April, Apple will no longer be releasing critical security updates for this software.

Unsupported software is vulnerable to outside threats and poses a significant security risk as illustrated by the discovery of two critical vulnerabilities affecting Quicktime for Windows which will not be patched by Apple.

To address these critical vulnerabilities Tier1Net will be proactively uninstalling Quicktime for Windows on all PCs within our clients’ networks in accordance with cybersecurity best practices.

Affected clients have already been notified of this pending action.

To learn more about Apple’s discontinued support for Quicktime for Windows, please click here https://www.us-cert.gov/ncas/alerts/TA16-105A.

If you have any questions, please contact our office at (781)935-8050.

 

After more than two weeks, Apple has finally acknowledged the iOS6.1 bug and is promising a fix in an upcoming software update.

As reported earlier in the week, a critical compatibility error between Apple’s iOS6.1 and Microsoft’s Exchange Server was causing major strain to server’s CPU usage and storage capacity. To mitigate risks to Exchange servers, workarounds were suggested from disabling Calendar sync to blocking Exchange access altogether.

We advised our own clients to refrain from upgrading to iOS6.1 (or 6.1.1.) For those who had already upgraded, we advised to them to temporarily disable Calendar synching on their device, or at the very least, to restrict their mobile calendar use to “read-only” mode.

Apple has just released a Knowledge Base Article acknowledging the bug, and stating that they have “identified a fix and will make it available in an upcoming software update.”

We will let our clients know as soon as this update becomes available.

Attention Apple iOS 6.1 Users:

Within the last week, a potentially critical problem has been detected with the latest version of iOS (6.1) for iphone/ipads with regards to synching to an Exchange server.

Though not officially announced yet, many online reports, including first-hand instances from our own clients, confirm that mobile devices running on iOS 6.1 are creating excessive log files on the Exchange server.  These excessive log files run in a continuous loop and will eventually exceed Exchange server disk space, causing failure on your Exchange server.

From Windows IT Pro:

Some forums have started to register problems with excessive growth of transaction logs for databases hosting the mailboxes of iOS devices that have been upgraded to iOS 6.1 For example, this note describes a situation where upgraded devices seemed to go into a loop and ended up by generating some 50 GB of transaction logs

 
At this point, the problem is believed to be isolated to the synchronization of Calendar Items.  It is also isolated to devices running iOS 6.1.  Devices running iOS 6.0 or earlier versions are not affected.

Unfortunately there is no fix for the problem at this time (from either Apple or Microsoft.)

From ZDNET:

Until the bug is fixed, corporate users are advised to not upgrade to iOS 6.1. For users who have already upgraded, though, there is no way to revert to the previous version. IT administrators have no control over when their BYOD users upgrade, so many of them have resorted to blocking iOS 6.1 from accessing Exchange as a temporary mitigation to prevent server outages for everybody else

 
Some corporations are already taking precautions against potential Exchange failures by disabling all mobile device activesync.  However, this will prevent users from any Exchange related functions on their mobile device, including all email functions, calendaring, etc.

Prior to taking this step, Tier1Net recommends the following actions:

Recommended Actions for Users on iOS 6.1:

If you have upgraded, please remove calendar synchronization by performing the following steps.

  1. From your mobile device, confirm your iOS version by going to Settings > General > About > scroll down to Version.
  2. If your iOS Version is 6.1, remove calendar synchronization by going to Settings > Mail, Contacts, Calendars > Selecting your Exchange account > slide the Calendar to the Off position > select Delete from my iPhone. This will remove the copy of your calendar from the device.

Please note that this will REMOVE your Exchange Calendar from your mobile device.

If your company is running the latest version of Microsoft Exchange, Tier1Net will be able to provide you with a list of all devices currently upgraded to iOS 6.1. Please contact us if you would like us to compile this list of devices for you.

Additionally, Tier1Net recommends that you immediately notify all employees to REFRAIN FROM UPGRADING IPHONE/IPAD to iOS6.1 until further notice.

If one of your users is running iOS6.1 and cannot effectively work without viewing their mobile calendar, please contact us for a potential work-around.

Meanwhile, we will continue monitoring your Exchange server for excessive logging.  If excessive logging continues from any particular device, Tier1Net will have to disable activesync from that mobile device.  Removing activesync access will disable all Exchange access from that device (mail, calendar, etc.)

UPDATE: Apple has just released iOS version 6.1.1 but it is does not appear to address excessive logging issues. At this time, we still recommend taking the above precautions and refraining from upgrading.

UPDATE: Microsoft has released a Knowledge Base Article confirming the excessive logging threat and stating “Apple and Microsoft are investigating this issue. We will post more information in this article when the information becomes available.”

Please let us know if you have any questions.

Tier1Net Team