Macrium Reflect

Discussion in 'backup, imaging & disk mgmt' started by Stigg, Nov 23, 2013.

  1. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    354
    Location:
    US
    I don't have a single learning resource to recommend for VM security overall. But I would say that if you're going to test infected ISO files, and doing this with a completely separate physical system that's disconnected from any network isn't on the table for you, then a VM with the riskier integration features disabled (as you said, VMware Tools in this case) is the next best thing. I do know that there have been exploits where a guest VM can affect something on the host and/or on another guest VM running on that host, such as reading or even changing values in the memory space of the host or other guest. Just off the top of my head, I'm not sure I've heard of any exploits where actual malware running in the guest has managed to transfer itself to the host without any integration features enabled, but that doesn't necessarily mean there hasn't been such a case. All that said, these exploits are quite rare, as evidenced by the fact that the bug bounties offered by VMware and Microsoft for these type of "hypervisor escape" exploits are quite high (and also by the fact that if these were commonplace, it wouldn't really be practical for public cloud VM hosting like Amazon EC2 and Microsoft Azure to exist in the first place). Additionally, the cases I'm recalling off the top of my head were purpose-built code meant as a proof of concept, not malicious outbreaks that occurred in the wild.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,560
    I do what Barb at Appguard recommend a while back to me. I add all the VM exe's to appguards guarded list. That way memory transfers are blocked.
     
  3. Bellzemos

    Bellzemos Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    83
    For installing potentially infected ISOs as operating systems and for testing anti-malware: would you say it's safer doing that with the latest VMWare Player v15.5, normally, with VT-x enabled - or - running an old VMWare Player v7, which I was able to run on my old Win7 PC with VT-x disabled and sandboxed (under Sandboxie)? I'd think the later, because of the sandbox protection, what do you think?

    Thank you.
     
  4. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    462
    Location:
    Germany
    Bug fixes and Improvements v7.2.4539 - 18th November 2019

    • Server Plus Edition:
    Exchange backups could crash after completion if the log file couldn't be written to. This has been resolved
    • Incorrect ReflectUI.exe Message Box:
    On system startup an incorrect pop-up dialog box could be shown by ReflectUI.exe. This has been resolved
    • viBoot:
    Images created by 'foreign' systems (not the same PC) could fail to enable the 'Boot Image' functionality in Reflect. This has been resolved
    • Macrium Image Guardian:
    We've improved the security of MIG by enhancing the malicious injection of threads into running processes.
    • Change Block Tracker:
    Minor performance and stability enhancements.
    • Rescue Media Builder:
    ◦ On some systems with dynamic disks, it was possible for the location of the PE files to be incorrectly set, causing boot menu entries to fail. This has been resolved.
    ◦ On USB-based rescue media, un-checking the "Check for devices missing drivers on boot" checkbox and rebuilding would sometimes not make the rescue media stop prompting for missing drivers. This has been resolved.
    ◦ When building Technicians media, failing to create autorun.inf will no longer cause the rescue media creation to abort.
    ◦ If the Windows ADK version 1607 was installed but a 64-bit PE 10 zip file was used to build rescue media, any subsequent 32-bit PE 10 builds would not prompt for an updated wim but would always use the 1607 wim from the ADK. This has been resolved.
    ◦ RMBuilder could fail to detect a new version of Windows RE after a Windows update. This has been resolved.
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,363
    Location:
    U.S.A. (South)
    Thanks for the new update notice.
     
  6. jpcummins

    jpcummins Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    498
    Location:
    Terre Haute, IN
    I purchased Macrium Reflect 7 Home Edition today, I took advantage of their one half price Black Friday offer. I have been using the Macrium Reflect 7 Free version and have made full backups monthly for the last three months. I presume the Home Edition will allow me to restore these Free Edition backups, should I need to. Does anyone know for sure? Should any forum members currently using the Home Edition have any suggestions or recommendations I would appreciate hearing them. As always I appreciate all replies and would thank you in advance.

    John
     
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,291
    Location:
    USA
    No problem restoring backups from the free edition.That said, it will roll you back to the free version. I would keep those but start a new series of backups and then discard the older one when enough time has passed.

    I installed this update and tested it on a couple of machines. No apparent issues, so far.
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,844
    Having the home edition it will make a big difference in terms of speed and hard disk space particularly if one is using a small solid state drive as a backup. You need to create the first full backup, and then I would suggest making incrementals which might take, on a daily basis, about 50 seconds to a minute on average if changes are not big, and the size of incrementals might range from 300 MB to 2 GB again for average changes.

    Likewise restores are extremely fast on average 1:30 to 2 minutes and can be almost fully automated with a few clicks if you have created a "bootable rescue media". Nowadays if I have to try out a program, I take a quick incremental first, install the program, if it is fine no problem, if I don't like it a quick restore will completely remove the program, no hassles with uninstallers and registry keys left behind. I hope this helps.
     
  9. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,844
    Your test included a restore as well?
     
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,844
    I've just updated to v 7.2.4539, performed an incremental and restored the system as a test, everything worked perfectly. The bootable rescue media should be patched as well.
     
  11. JasonUK

    JasonUK Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    32
    Location:
    UK
    Experienced 'VSS error: 0x80042316 IDispatch error #8470' after update which prevented image being created. Ran 'Fix VSS Problems' in Macrium > Other Tasks and rebooted and was then able to create a full backup image without further issues.
     
  12. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    354
    Location:
    US
    I suspect that was a coincidence. To my knowledge, a Reflect update does not involve making a VSS snapshot, in which case it wouldn’t be the cause of any issues with VSS, though Reflect can certainly be affected by VSS issues when trying to make a backup.
     
  13. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    354
    Location:
    US
    Any paid version of Reflect will restore any image backup, with the possible exception of image backups created by a newer release of Reflect than the version you're using for the restore, although even there I’m told that even Reflect 6.1 from years ago should be able to restore image backups created by Reflect 7.x because the image file format hasn’t changed.

    In fact, the Free version can even be used to restore image backups created by the paid version. The possible exception is Incremental backups, since Free doesn’t support creating those. I haven’t tried using Free to do that. And Free doesn’t support restoring File & Folder backups.

    As others have said, enjoy having access to Incremental backups and Rapid Delta Restore! You may also want to consider whether Image Guardian and/or CBT would be desirable for you. I like the former but don’t like the latter because of the issues it seems to keep causing, but I also don’t have a use case that would significantly benefit from CBT. Others here whose use cases benefit significantly from CBT wouldn’t go without it.
     
  14. Hadron

    Hadron Registered Member

    Joined:
    Apr 1, 2014
    Posts:
    1,388
    I see the latest Reflect update includes another CBT update.
    It will be interesting to see if anyone has issues with it.

    I got rid of it a few versions ago.
     
  15. Hadron

    Hadron Registered Member

    Joined:
    Apr 1, 2014
    Posts:
    1,388
    Nice one, John.

    For anyone else who has been thinking of hopping on the Macrium Reflect Home Edition train, now is probably as good a time as any.

    More info at the BLACK FRIDAY 50% OFF page.
     
  16. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,159
    Location:
    Among the gum trees
    Bug fixes and Improvements v7.2.4557 - 29th November 2019

    • Macrium Image Guardian
      While attempting to retrieve the status of a process that was closing, the MIG driver could inadvertently access an invalid address resulting in a BSoD. This has been resolved.
    • Rescue Media Builder
      • On Windows XP, the rescue media builder would sometimes give a "WIM file not found" pop-up when there was a valid WIM file present. This has been resolved.
      • When performing an automatic restore on a system with multiple network adapters, the network adapter configuration process will be logged in more detail.

    https://updates.macrium.com/reflect/v7/v7.2.4557/details7.2.4557.htm
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,423
    Location:
    Here
    Thnx for heads up Krusty :thumb:
     
  18. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    889
    Anyone able to build new (PE) rescue media with 4557?

    I first had to download almost 1 GB from Microsoft, but after that Reflect keeps prompting me endlessly about an additional 205 KB download from Microsoft...
     
  19. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    162
    Location:
    Bulgaria
    It updated my Boot Menu just fine on Win 8.1 x64.
     
  20. JasonUK

    JasonUK Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    32
    Location:
    UK
    Created both RE & PE10 rescue media without any issue with 4557. It did download c850mb from Microsoft at the start but didn't prompt for any further download. Running on Windows 10 release 1909.
     
  21. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    354
    Location:
    US
    For the download prompts, did 4557 update the WinPE 10 release that it uses for WinPE 10-based builds? Not talking about WinRE here. The WinPE 10 option has been using WinPE 10 1709 since Reflect 7.2 arrived. I can’t check myself since I’m away without my laptop, although given the issues that some seem to be having with building Rescue Media on the new release, I’m not eager to update.
     
  22. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,844
  23. JasonUK

    JasonUK Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    32
    Location:
    UK
    @jphughan ~ It still shows WinPE 1709 but did download 850mb from Microsoft when I rebuilt Boot menu build (PE) for latest Reflect version. Maybe download was because I'd updated Windows build to 1909 since last Macrium update & creation of rescue media?
     
  24. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    354
    Location:
    US
    Strange. Updating your Windows 10 environment shouldn’t require a new download because Reflect keeps its own cache of the WinPE file set, and I’ve updated Windows 10 without having to redownload WinPE 10 1709 for Reflect. But the Macrium forums have a few reports about forced WinPE downloads after this update, in some cases repetitive prompts about needing to download 205 KB (not a typo) from Microsoft and never succeeding. The preliminary suspect for the latter case seems to be anti-virus at this point, but nothing confirmed yet. Maybe something else is going on that wipes or otherwise invalidates the WinPE 10 cache?
     
  25. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    889
    Looks similar to what I reported.

    Will disable (Emsisoft) antivirus in my next attempt.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.