Master Patch List as of May 9, 2023

I’ve updated the Master Patch list for the May releases.

Remember to always review the known issues we are tracking on the Master Patch List. I will keep the latest info there.

So far trending issues are:

Business patchers – In order to fully patch systems for potential UEFI/Secure Boot there are a series of manual steps. I am NOT convinced that this is needed for anyone other than targeted nation state organizations. I’ll have exact instructions and a video should you want more information.

I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

• Windows 11 22H2: Not recommended
• Windows 11 21H2: If you have a Windows 11 PC, recommended
• Windows 10 22H2: Recommended
• Windows 10 21H2: Recommended (if a vendor won’t support 22H2)
• Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level

It’s May updating time!

It’s that time of the month that I’ll urge you to pause your updates on your Windows platforms, but review any pending updates on your Apple platforms.  Recently Apple’s “Rapid response” patches weren’t quite as “rapid” as we would all like.  In fact on my iPhone iOS 16.4.1 is still pending even though I have auto updates enabled.

I’ll be discussing what SHOULD have occurred in Sunday’s newsletter.  In the meantime, let’s keep an eye out for this month’s Windows releases:

49 vulnerabilities if the count here is correct

Windows 11 22H2 has a new toggle button

• New! This update adds a new toggle control on the Settings > Windows Update page. When you turn it on, we will prioritize your device to get the latest non-security updates and enhancements when they are available for your device. For managed devices, the toggle is disabled by default. For more information, see Get Windows updates as soon as they’re available for your device.

As well as fixing issues in both Windows 11 22H2 and 21H2 as well as Windows 10  in the newly released Windows Local Administrator Password Solution

• This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.

Remember if you aren’t on Windows 10 22H2 at this time, I’ll want you to move to 22H2 as June 13, 2023 is the last time Windows 10 home and Pro 21H2 get updates. Windows 10 Enterprise and Education, Windows 10 IoT Enterprise, and Windows 10 Enterprise multi-session will still be serviced (apologies had that backwards). 20H2 is now fully out of support.

Ugh.  There is a secure boot vulnerability that is being “fixed” with code in the May updates, but not fully implemented.  Because you need PHYSICAL access or administrative rights to install code, this is yet another of those updates that will need to be “risk” rated for additional action.  I’ll go into this more in the newsletter.

The right to be sued

LEGAL BRIEF

By Max Stul Oppenheimer, Esq.

Law students are sometimes puzzled by the section of the Corporations Statute saying that corporations have the right to be sued.

Why, they wonder, would anyone want to be sued? Wouldn’t it be better to have the right not to be sued?

The answer is subtle.

Read the full story in our Plus Newsletter (20.19.0, 2023-05-08).
This story also appears in our public Newsletter.

Want a faster, quieter PC? Cool it in water.

PUBLIC DEFENDER

By Brian Livingston

I’m not actually suggesting that you soak your computer in a bathtub. But keeping a high-powered CPU from frying — without the earsplitting hum of roaring fans — means a liquid cooler could be just the thing your PC needs.

It’s well known that water and some nonconductive oils are much more efficient than air at removing heat from electronic components. Many tower and desktop PCs have enough space for a built-in or add-on liquid chilling system. This can enable you to push a CPU to the max without burning it out.

Read the full story in our Plus Newsletter (20.19.0, 2023-05-08).

Microsoft Office’s drawing tools

MICROSOFT 365

By Peter Deegan

Many people are aware of the powerful program Visio and its drawing powers. Fewer know that a comprehensive, though basic, set of drawing tools is available in Office programs such as Word and Excel.

Let’s dig into the hidden and more interesting possibilities of Microsoft Office Shapes and its close cousin, Icons. You can use them to make a simple flowchart or diagram, or just add some easy decoration to a document, sheet, or slide.

Read the full story in our Plus Newsletter (20.19.0, 2023-05-08).

Planning for the final digital divide

ON SECURITY

By Susan Bradley

In a letter to Jean-Baptiste Le Roy in 1789, Benjamin Franklin wrote a phrase that has often been repeated ever since.

Most of us don’t realize that his comment started with a mention of the recently signed U.S. Constitution, but instead remember only the final part of his saying.

Read the full story in our Plus Newsletter (20.19.0, 2023-05-08).

MS-DEFCON 2: Settling down for a stable Windows 10

By Susan Bradley

The order of the day is Windows 10 22H2.

With Patch Tuesday just around the corner, it’s time to defer updates. Therefore, I’m raising the MS-DEFCON level to 2.

However, there is one exception. If you are running Windows 10, update to release 22H2 as soon as possible. If you can’t get to it by Tuesday, defer — but be sure to get it done before the end of May.

Anyone can read the full MS-DEFCON Alert (20.18.1, 2023-05-04).

May 2023 Office non-Security updates are now available

The May 2023 Office non-Security updates have been released Tuesday, May 2, 2023. They are not included in the DEFCON-4 approval for the April 2022 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

Remember, Susan’s patching sequence and recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

Office 2013
Update for Microsoft Office 2013 (KB5002297)
Update for Microsoft PowerPoint 2013 (KB4504725)

On April 10, 2018, Office 2013 reached End of Mainstream Support. Extended Support ended for Office 2013 on April 11, 2023.
Office 2016 also reached  End of Mainstream Support on October 13, 2020. EOS for Office 2016 is October 14, 2025.

Updates are for the .msi version (perpetual). Office 365 and C2R are not included.

Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

The pros and cons of RAID 1

HARDWARE

By Will Fastie

Revisiting an old friend, it’s time to update our thinking about RAID 1.

In our all-too-brief time working together, Fred Langa and I had only one point of disagreement — RAID (redundant array of inexpensive drives). Our bone of contention dealt with RAID level 1, the “mirror.” That’s the focus of this, our spring bonus edition of the newsletter.

Following this brief explanation, I’ll provide an update on the RAID situation with two of my PCs, Onyx and Opal.

Read the full story in our Plus Newsletter (20.18.0, 2023-05-01).

Fixing Onyx’s RAID 1 failure

HARDWARE DIY

By Will Fastie

Before I was able to decommission Onyx, my daily driver desktop PC, one of my hard drives failed. Hard.

Why the hard failure? Because I didn’t take my own advice — to replace hard drives every five years. The two Seagate drives in Onyx’s RAID 1 array were built in 2014 and put into service in 2015.

One of the drives failed nine months ago, so it lasted seven years — two years later than when I should have replaced it. Fortunately, Onyx is modern enough to have a good RAID system, from Intel. The fix was remarkably easy and, for the most part, automated.

Read the full story in our Plus Newsletter (20.18.0, 2023-05-01).

Configuring RAID 1 for Opal

HARDWARE DIY

By Will Fastie

The last stumbling block in my quest to bring Opal, my new desktop PC, online has been resolved.

Back when I was building Opal, my new PC to run Windows 11, I ran into a problem configuring two 6TB drives as a RAID 1 array. I struggled with that, which surprised me because it was relatively easy setting up the mirror on my original box, Onyx.

I let Opal lie fallow. My excuse was that my wife had acquired her Lenovo Yoga, which was happily running Windows 11 Pro. That gave me access to a machine when I needed to deal with a Windows 11 topic for this newsletter. The delay that ensued turned out to have been a good thing.

Read the full story in our Plus Newsletter (20.18.0, 2023-05-01).

Can you STILL do a Windows 11?

Can you still do a Windows 11 without a Microsoft account with Windows 11 22H2?

Yes. Absolutely.  When you get to the spot where it wants you to have a Microsoft account just put in no@thankyou.com and any password.  It then says “oops” and will let you set up an account even without a password if you like.

The trick STILL works.