MS15-086: Security update for Update Rollup 7 for System Center 2012 R2 Operations Manager: August 11, 2015

Introduction

This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 7 for System Center 2012 R2 Operations Manager.

Issues that are fixed in this update rollup

Operations Manager

  • The home page link in the Web Console Noscript.aspx file is vulnerable to cross-site scripting (XSS)

    A security vulnerability exists in the Web Console for System Center 2012 R2 Operations Manager that could allow elevation of privilege if a user goes to an affected website by using a specially crafted URL. This fix resolves that vulnerability. For more information, see Microsoft Security Bulletin MS15-086.

  •  "Agents by Health State" report shows duplicate entries and inconsistent data

    Sometimes a single agent has multiple entries displayed in the "Agents by Health State" report. The fix for this issue makes sure the most recent state of the agent is displayed in the report.

  • Dependent tables are not groomed (Event.EventParameter_GUID table)

    The following issues are fixed:
    • In a database, the grooming of certain MT$X$Y tables were missed because of the filtering logic. Therefore, the tables were never groomed. There were scenarios in which lots of unwanted data was stored in these tables. This issue is now fixed, and data is groomed data from these table. This results in performance gains because there is less data from which to query.
    • In Data Warehouse, the grooming of certain tables was missed occasionally because current logic expects the rows to be returned in a certain order. This issue is now fixed, and the grooming of these tables will not be missed. In some scenarios, millions of rows were stored in these tables. This issue is now fixed. Data is now groomed from these tables. This results in performance gains because there is less data from which to query.


  • Management Packs do not synchronize between management servers

    In a SQL AlwaysOn setup, the SQL in the times of failover does not acknowledge the notifications that are registered by SCOM. This leads to inconsistent data in the environment, and the changes in management pack are not reflected in the whole environment. This update resolves this issue.

  • Leaked transaction causes over 100 SPIDs in SCOM database to be permanently blocked by the "p_DataPurging" stored procedure 

    Sometimes, because of a leaked transaction in the p_DataPurging stored procedure, the SPID becomes stuck. This causes other SPIDs to be blocked, and SCOM is brought to a standstill. This issue is fixed in this update. The fix prevents other SPIDs from being blocked.

  • Operations Manager SDK crashes because of SQL errors when QueryResultsReader.Dispose is called

    The Operations Manager SDK could potentially crash when it disposes of a database connection in some scenarios. Additionally, you receive an error message that resembles the following:

    Exception object: 00000004058197a0
    Exception type: System.Data.SqlClient.SqlException
    Message: A transport-level error has occurred when receiving results from the server. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)
    InnerException: System.ComponentModel.Win32Exception, Use !PrintException 0000000405819050 to see more.

    This update handles these scenarios gracefully.
  •  You can't view dashboard performance counters that are created by using the TCP Port Monitoring template

    When you use the TCP Port Monitoring template to monitor network connectivity and the availability of local and remote assets, the template is missing a write action to the data warehouse. With the update, you can present this information on dashboards.

  • Dynamic inclusion rule is added to a group definition unexpectedly if an explicit member instance of the group disappears

    If all the explicit member instances of the group disappear, a dynamic rule is added to the group unexpectedly. With the update, no dynamic rule is generated in these situations.

  •  You can't create group by using the SQL Server 20XX Installation Seed

    On the Dynamic Members tab of the Group Creation wizard, if you have a host class of your desired class, and if you try to select the inherited property of the host class, group creation fails. For example, if you select the Display Name(Object) property of Host=Windows Computer of the Management Server class on the Dynamic Members tab, group creation fails, and you receive the following exception:

    Processing the template failed. See inner exception for details.
    Verification failed with 1 errors:
    -------------------------------------------------------
    Error 1:
    Found error in 1|StressCollectPerformancecounterMP|1.0.0.0|UINameSpaceb2240e1340254758bc3a0f1bd0082f4d.Group.DiscoveryRule/GroupPopulationDataSource|| with message:
    The configuration specified for Module GroupPopulationDataSource is not valid.
    : Cannot find specified MPSubElement DisplayName, on MPElement= Windows!Microsoft.Windows.Computer, in expression: $MPElement[Name="Windows!Microsoft.Windows.Computer"]/DisplayName$

    This update resolves this issue.

  • Add MPB support to the SCOM online catalog

    The Management Pack catalog supports only those management packs that have the .mp extension and not the .mpb file-name extension. When this feature is implemented, the Management Pack catalog now supports MPB files.

    This update helps include management packs such as Azure Management Pack and SQL Management Pack on the Management Pack catalog that were not featured because of the .mpb file-name extension.

  • Active Directory Integration in Perimeter Network fails when there is only an RODC present

    When Active Directory Integration is enabled, the SCOM agent cannot talk to an RODC to obtain SCP information and instead looks for a RW domain controller. With this update, the Agent obtains SCP information from the RODC if information is available.

  • System Center Operations Manager subscriptions that use the filter to search for specific text in the description (of the message) do not work

    When you create a message subscription by using a criterion that contains specific text in the message description, no alerts were received through notifications. With this update, you receive notifications when the message description has specific text.

  • CLR load order change

    The current behavior for agents is to choose a CLR version based on the operating system version. For Windows Server 2012 and newer, the .NET Framework 4.0 is loaded. For operating systems older than Windows Server 2012, the .NET Framework 2.0 family is loaded. On management servers, the .NET Framework 2.0 family is loaded. This essentially maps the .NET Framework version used to the version available out-of-box on the server. The problem with the current behavior is that even if the Management Pack author knows that .NET Framework 4.0 is present on the system, it cannot be used.

    In the new behavior, the agent loads the .NET Framework 4.0 if it is available else it falls back to the .NET Framework 2.0.

  • Problems in obtaining monitoring objects by using "managementGroup.EntityObjects.GetObjectReader"

    In large System Center Operations Manager installations, when entity objects under a management group are retrieved by the object reader by using buffered mode, the object reader sometimes encounters System.Collections.Generic.KeyNotFoundException messages. With this update, the object reader ignores the invalid objects if they are not available.

  • The "Threshold Comparison" setting in the consecutive-samples-over-threshold monitor cannot be configured

    Although you configured the Threshold Comparison setting in the consecutive-samples-over-threshold monitor, the conversion of the Threshold float value from the management pack was incorrect for the German locale and caused monitor configuration failures. This issue is now fixed in this update for every supported locale.

  • Agentless Exception Monitoring (AEM) causes the Health Service to crash because the maximum path length of 248 character is exceeded

    When AEM client monitoring is turned on, sometimes the Windows error reporting file is created in a large file hierarchy. In scenarios in which the path is longer than 248 characters, AEM monitoring was causing the Health Service to crash. This issue is fixed.

  • After you update management packs, the newly added default (visible) columns to view are not visible automatically

    The first time that a view is opened on the console, registry keys are written in the HKEY_Current_User hive. The customization settings for the user are written in the registry. If the default view changes, the customization settings in the registry are not updated to reflect the new defaults. This update adds the newly added default column in the view.

  • Branding update

    Updates the "Operational Insights" name to "Operations Management Suite" in the System Center Operations Management console.

UNIX and Linux Management Pack

  • In some cases, Unix and Linux agents report incorrect CPU Percent Processor Time

    The Unix and Linux agents use Percent IO Wait Time when they calculate Percent Processor Time for a CPU object. The agents no longer include IO Wait Time in the calculation when they return Percent Processor Time.

  • A Logical Disk Health alert is not generated for a UNIX or Linux Logical Disk (file system) that is unmounted if the mount point exists after the file system is unmounted

    When a file system is mounted as a subdirectory, the mount point can still exist if the file system is unmounted. The UNIX and Linux Logical Disk Health monitor now inspects a more robust set of data before it returns data about online and offline status.

Updates that are included in this update rollup

The following files are updated to support the following manageable operating systems.

Operating systemManagement pack
Debian 8 (x64)Microsoft.Linux.UniversalD.1.mpb
Debian 8 (x86)Microsoft.Linux.UniversalD.1.mpb

How to obtain and install Update Rollup 7 for System Center 2012 R2 Operations Manager

Download information

Update packages for Operations Manager are available from Microsoft Update or by manual download.

Microsoft Update
To obtain and install an update package from Microsoft Update, follow these steps on a computer that has an Operational Manager component installed:
  1. Click Start, and then click Control Panel.
  2. In Control Panel, double-click Windows Update.
  3. In the Windows Update window, click Check Online for updates from Microsoft Update.
  4. Click Important updates are available.
  5. Select the Update Rollup package, and then click OK.
  6. Click Install updates to install the update package.
Manual download of the update packages
Go to the following website to manually download the update packages from the Microsoft Update Catalog:


Installation instructions
Removal information
Files that updated in this update rollup
Властивості

Ідентифікатор статті: 3064919 – останній перегляд: 18 серп. 2015 р. – виправлення: 1

Зворотний зв’язок