The Core Technologies Blog

Our Software // Windows Services // 24×7 Operation


4 Amazing Benefits of Monitoring & Auto-Restarting your Mission-Critical Applications

4 Amazing Benefits of Auto-Restarting your Mission-Critical Software

Does your company rely on one or more important Windows applications?

Will your business (and reputation) suffer if those programs stop running or become unavailable?

If so, downtime is your enemy. Look to our AlwaysUp and Service Protector utilities to help you ensure that your applications start at boot and continue to run 24/7 — even in the face of failure.

And getting closer to 100% uptime can have a huge impact on your business. Here are four of the most important benefits of monitoring and automatically restarting your vital Windows software:

1. Fewer support calls

Less support calls

Frustrated customers make phone calls and send angry emails when software stops working. Someone in your company has to take those calls and respond to those emails — often at considerable time and expense.

Automatically curing failures eliminates those infuriating “your software is down again!” complaints. Your support staff will thank you. And even better, they will have more time to focus on the higher-value interactions that move your company forward, not backward.

2. Less off-hours interruptions

Less off-hours interruptions

Picture this: You’re at a pricey restaurant enjoying a rare evening out with friends when your phone rings. It’s your boss. An important customer is down and you need to restore service now.

You rush to your car to get your laptop and spend the next 30 minutes frantically connecting to a secure Wi-Fi network, logging into the VPN and ultimately restarting the offending application. By the time you get back to the table, your dinner is cold and your friends are ready to move on. That sucks!

But none of that needed to happen.

In an alternate universe — one where a “set-it-and-forget-it” application monitoring package has your back — the failure was detected, your application was automatically recycled and your customer was never inconvenienced. You received a friendly email letting you know what happened, just as you started your main course. You didn’t miss a beat.

3. Happier customers

Happier customers

Customers despise buggy software. It can be very stressful when they are trying to complete urgent tasks but the supporting software is down!

Making sure that your software is always available reduces stress. And less stress leads to happier, satisfied customers who remain loyal for years to come.

4. More time to focus on your business

More time to focus on your business

With fewer support calls and less toxic interruptions, you will have a few extra hours each month to focus on important issues. How will you use that valuable time?

Of course, you can move on to fighting the next customer “fire”. There are always lots of those.

But even better, why not focus on advancing and growing your business — for all customers?

Posted in Uptime | Tagged , , , | Leave a comment

Q&A: What’s the difference between a Windows Service and a Web Service?

Windows Service vs Web Service
I see that your website has a lot of information about Windows Services and you also make AlwaysUp Web Service. How is a Windows Service different than a Web Service? When would I use one over the other? I’m new to programming and a bit confused by the terminologies.

— Justin

Hi Justin.

Yes, the terminology can be confusing! Let’s start with some definitions.

What is a Windows Service?

A Windows Service:

  • Is a Windows application that integrates with the Service Control Manager.
  • Is controlled through the Services Control Panel application.
  • Implements system-level tasks that must operate outside the boundaries of a user’s login session.
  • Is usually long-running, starting when the computer boots and running uninterrupted, 24/7.
  • Works invisibly in the background. A service can’t easily show itself on a user’s desktop.
  • Can do anything that a “regular” application can. Services can read and write files, print documents, check the time, access the network, and much more.
  • Runs on Windows only. Windows Services are not available on Linux, macOS, Andriod, iOS or any other operating system.
  • Is typically written in C++ or C# (to best work with the low-level Windows Services API).
  • May or may not communicate with other programs. Inter-application communication is not a key feature and most services do not expose an interface of any kind.

A modern PC comes with one to two hundred Windows Services pre-installed, each managing an important aspect of your computing experience. For example:

  • Print Spooler: Manages all printing on your computer.

  • Power: Implements your computer’s power schemes, policies and notifications.

  • Task Scheduler: Responsible for automatically launching executables, batch files and scripts at specified times, without human intervention.

What is a Web Service?

A Web Service:

  • Interacts with other applications or services using a well-defined system of data exchange (such as REST or SOAP).
  • Typically communicates over HTTP with an appropriate messaging format on top (such as XML or JSON).
  • Is usually hosted in a web server/container, like Apache Tomcat, Microsoft IIS or Play Framework. A good framework provides easy-to-use messaging “plumbing” and makes it significantly simpler to develop a robust web service.
  • Has a web-based interface (if any at all).
  • Is not restricted to Windows alone. In fact, most web services are deployed on UNIX servers.

Examples of web services include:

Amazon Simple Storage Service (S3): Integrate cloud storage into any application.
Google Maps: Lookup addresses, plot directions, access street views and more.
WorldTimeAPI: Get the current time in any time zone.

The upshot: Windows Services and Web Services are very different!

The only things they have in common are that they are both server technologies and have the word “Service” in their names. 🙂 As a developer, you shouldn’t have much trouble choosing which technology is appropriate for your project.

However, the W* Services are not completely complementary. Though rare, there are a few applications that are both a Windows Service and web service. A good example is our own AlwaysUp Web Service, which must run 24×7 on Windows while providing an XML web service to control the computer remotely.

I hope these similar-sounding technologies make a bit more sense now. Please be sure to get in touch if you have any other questions.

Posted in Windows Services | Tagged , , | Leave a comment

Windows Services Memory Fix (Microsoft June 2020 Patch Tuesday)

Windows Services Memory Fix

On the second Tuesday of each month, Microsoft releases the latest security updates for Windows, Windows Server, and other products. This monthly event is dubbed Patch Tuesday.

The June 2020 Patch Tuesday update fixes a whopping 129 important defects. It’s the largest Patch Tuesday update ever!

As usual, we’ve scoured the list of vulnerabilities to identify fixes focused on Windows Services. Fortunately there is just one item — CVE-2020-1268.

CVE-2020-1268: Windows Service Information Disclosure Vulnerability

According to Microsoft, an attacker could leverage CVE-2020-1268 to read private areas of a service’s memory. These kind of “memory exploits” are quite serious.

The patch fixes the problem by correcting how a Windows Service handles objects in memory.

How can an attacker exploit this defect?

To exploit the defect, an attacker would have to:

  • Log in to your Windows computer

  • Run a “specially crafted application”

  • Locate something of value in the service’s memory

That is, the defect is only exploitable by an authorized person with sophisticated programming experience.

Nevertheless, it presents a significant security hole.

For example, suppose your service caches a user’s credit card information securely in RAM. A rogue employee could craft a program that invades your service’s memory space and extracts the card details. The same stealing could happen with passwords, personally identifiable information and other sensitive data that your application records in memory.

Which versions of Windows does CVE-2020-1268 affect?

Microsoft has identified and developed patches for the operating systems impacted — Windows 10 (Versions 1903, 1909, 2004) and Windows Server 2019 (Versions 1903, 1909, 2004).

Apparently the flaw does not exist in Windows 8 or Windows Server 2016, Microsoft’s other supported operating systems.

What else do you know about CVE-2020-1268?

  • The vulnerability was not publicly disclosed prior to June 2020.

  • There are no reports of exploits in the wild.

  • CVE-2020-1268 does not allow an attacker to execute code or to elevate user rights directly.

  • Because it requires access and sophistication to exploit, Microsoft classifies it as “Exploitation less likely”.

Should I apply the patch?

Yes. We agree with Microsoft’s recommendation to apply the patch.

Because, as the folks at ZDNet wisely point out:

Malware authors are known to keep on eye out on Microsoft’s monthly security updates, select the most useful bugs, and patch-diff the security updates to find the exact bug that Microsoft fixed — so they can weaponize it as soon as possible.

Questions? Problems?

If you would like to know more about CVE-2020-1268 or the enormous June 2020 Patch Tuesday update, please feel free to get in touch. We will do our best to help you.

Be safe out there!

Posted in Windows Services | Tagged , , , , , | Leave a comment

Essential Windows Services: Windows Update (wuauserv)

Windows Update Service (wuauserv)

What is the Windows Update service?

The Windows Update service is responsible for automatically downloading and installing Microsoft-created software on your computer. It is a critical component that is instrumental in keeping your PC up to date with vital security patches.

The service’s name is wuauserv. It runs inside the shared services host process, svchost.exe:

Windows Update Service

The service’s startup type is Manual. It remains dormant until explicitly started by operating system components that run on a schedule.

Is it safe to disable the Windows Update service?

In their guidance on disabling system services on Windows Server 2016, Microsoft does not designate Windows Update as a critical service. Indeed, your computer will operate just fine if you disable the service — you simply won’t get updated software from Microsoft.

But while avoiding periodic updates is great for system consistency, allowing your operating system to become stagnant can have serious security implications. It is likely that your computer will become vulnerable to attacks — especially if it is connected to an external network like the Internet.

So if you do disable the Windows Update service, we recommend re-enabling it every few weeks/months to apply security updates. Best to be safe!

How do I disable the Windows Update service and prevent it from starting?

To disable the Windows Update service:

  1. Launch the Windows Services application. You can find it by searching for “services” in the Control Panel or by running services.msc at a command prompt.

  2. Scroll the list of services to find the Windows Update service. Double-click the entry to open it.

  3. If the service is running, click the Stop button to terminate it.

  4. And in the Startup type field, change the selection to Disabled:

    Disable wuauserv
  5. Click OK to save your settings.

You can also disable the service by running these two commands from an administrative command prompt:

sc stop wuauserv
sc config wuauserv start= disabled

With the service disabled, any attempt to update your operating system will fail:

Windows Update: Error encountered

Note: To re-enable the service, simply repeat the steps above but set the Startup type back to Manual.

Questions? Problems?

If you would like to know more about the Windows Update service, or you have a specific problem, please feel free to get in touch. We will do our best to help you!

Posted in Windows Services | Tagged , , , | Leave a comment

Q&A: Why doesn’t “Allow service to interact with desktop” work?

  Our legacy Windows Service shows an alert box when it fails to print a document on our server 2012 R2 controller.

I went into the service, clicked on the properties and set it to be able to interact with the desktop. How come I still can’t see the alert windows? Do I need to change something else?

Allow service to interact with desktop

— Justin F.

Hi Justin.

Unfortunately that setting is from a bygone time. It no longer does what you expect. Let me explain.

Old versions of Windows supported interactive services

Old versions of Windows support interactive services

In Windows NT, 2000, XP and Server 2003 it was reasonable (and occasionally encouraged) for a service to create windows and other graphical elements. It was possible for someone logging in to the PC to see a service’s windows, happily intermingling with conventional applications on his desktop (like Word and Excel).

On those old operating systems, the “Allow service to interact with desktop” setting controlled the visibility of the service’s interface. If checked, the first person logging into the PC would see the service’s windows. If unchecked, the windows would not be visible. In short, the checkbox made sense.

However, in the mid-2000s, the concept of interactive services was exposed as a security risk. Hackers developed rogue Windows Services that would invade the desktop, requesting passwords, installing dangerous software and ultimately compromising a healthy computer. Those so called shatter attacks (because they visibly shatter the user’s secure environment) emerged as a serious threat.

Fortunately the folks in Redmond were quick to respond.

Interactive services are crippled (or eliminated) in current editions of Windows

Interactive services are crippled in current editions of Windows

Microsoft plugged the shatter attack security hole in Windows Vista. The remedy — known as Session 0 Isolation — is an architectural change that prevents a service’s windows from showing up on a regular desktop. Going forward, windows created by a service would be effectively hidden.

The change profoundly diminished the utility of the “Allow service to interact with desktop” option. Checking the box still enables a service to show its windows, but only on the hidden Session 0 desktop.

The reality is that on or off, the checkbox cannot empower a Windows Service to show itself on your own desktop.

But all is not lost for your situation…

However you can still see alerts from your service since you’re on Windows Server 2012

In versions of Windows where Session 0 is accessible — specifically Windows 8.1/8 and Server 2016/2012 — you can see the alerts from your service. You have to switch to Session 0 to see them though.

To make that possible:

  1. Enable interactive services.

    Start Regedit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows and change the value of NoInteractiveServices from 1 to 0:

    Enable interactive services registry value
  2. Enable the Interactive Services Detection service.

    Launch Services, open the Interactive Services Detection service and change the Startup type to Automatic or Automatic (Delayed Start):

    Enable the Interactive Services Detection service

With that in place, Windows will pop up a window whenever your service is showing an alert in Session 0:

Interactive Services Detection prompt

Click View the message to switch to the austere Session 0 desktop where you should see your alert window.

And when you’re done, click Return now to go back to the safety of your regular desktop.

Note: There is no way to see your service’s alerts on Windows Server 2019

Unfortunately the solution for Server 2012 will not work on Server 2019 because Microsoft has completely removed access to Session 0 in their newest operating systems. There is simply no way to see an application running on the hidden desktop.

Please keep that in mind before you upgrade your server!

Posted in Windows Services | Tagged , , , , | Leave a comment