MS-DEFCON 4: Is Windows 11 really a disaster?

By Susan Bradley

Every month, I read headlines claiming that the latest patches for Windows 11 22H2 are causing major issues and impacting gazillions of users.

Every month, I also note that the deployments of Windows 11 in my home and office are well behaved. Some of that is surely the result of my tender ministrations, such as using an alternate menu system. But for the rest, Windows 11 is not some sort of monster stomping through neighborhoods and ruining lives.

I consider the current updates safe, so I’m lowering the MS-DEFCON level to 4.

Anyone can read the full MS-DEFCON Alert (20.39.1, 2023-09-26).

Windows 11, Surface, and Windows Copilot

MICROSOFT NEWS

By Will Fastie

In case we didn’t realize it already, Microsoft told us where we are headed.

Last week, Microsoft held an event in New York. The bulk of the presentation was about AI, specifically Windows Copilot. Not Copilot, but Windows Copilot.

This is deeply significant.

Read the full story in our Plus Newsletter (20.39.0, 2023-09-25).
This story also appears in our public Newsletter.

Why File Explorer keeps me on Windows

WINDOWS

By Josh Hendrickson

I own both a fairly powerful Windows PC and a Mac Studio.

Technically, the Mac Studio, with its M1 processor, far outstrips my desktop PC. And yet my PC continues to be my daily driver. Why?

File Explorer.

Read the full story in our Plus Newsletter (20.39.0, 2023-09-25).

Uninstalr — “World’s best cup of coffee”

FREEWARE SPOTLIGHT

By Deanna McElveen

In the movie “Elf,” Buddy discovers the world’s best cup of coffee. He may take the signage on the building a bit too literally as he bursts in to congratulate the staff of the coffee shop. Well, today I am Buddy, but I actually tasted the coffee.

Uninstalr by Macecraft Software has the words right there on their website: “Uninstalr is the best Windows uninstaller.” Well, anyone can put that on their website. I was, of course, skeptical, because I have used all the uninstaller programs.

Read the full story in our Plus Newsletter (20.39.0, 2023-09-25).

Locked out of your refurbished computer?

ON SECURITY

By Susan Bradley

Corporate “leftovers” may impact your new computer.

All of us want to purchase a good deal. Often I will look for refurbished computers, many of them systems coming off corporate leases, because they are an excellent value. Many times, they are less than three years old and support Windows 11. Some even come with Windows 11.

Most of these systems have been reset to factory defaults, so the configuration process is basically the same OOBE you would get with a new PC. You start the boot process, set it up with either a Microsoft account or a local account with the no@thankyou.com email trick, and off you go. You’re happy: you have a well-built computer that is cheaper than anything you’d purchase elsewhere.

Read the full story in our Plus Newsletter (20.39.0, 2023-09-25).

What happened to the manual?

The other day at the office AT&T insisted that we needed to upgrade our Fiber connection to a faster connection. Upon installing the new fiber connection I was left with a BGW 320 500 unit with no manual. Instead there was a QR code guiding you to download an app on the phone.

Mind you this is at the office where the intent is that this will be the backup Internet to the office, so as a result I need the necessary static IP address. While I could connect to the Internet simply by attaching to the unit’s wifi and doing a whatismyip look up, that didn’t give me the necessary information for the five IP addresses. When I reached out to the vendor, they provided me with an IP address that didn’t make sense with the IP address I was getting when connecting via wifi.

I was expecting to be given an IP address in the range of the IP address I was getting when I logged into wifi, but the address they gave me was totally different and didn’t make sense that the static IP they gave me would work given the IP address I was getting from merely connecting to the unit via wifi. Turns out this is I guess you could call it a hybrid unit. As I was told by a friend, “You can connect a device to the modem and it can dole out a dynamic IP from AT&T. But you can also connect a device using the static range they assign you – for example your own router or firewall appliance. You CAN set up your desktop/laptop with one of those usable addresses that they provided to me . You may need to reboot your router if you plug in and get a dynamic address – and then need to switch to your static IP address. NOTE: The dynamic IPs do NOT route to the static subnet.”

Learned something new about fiber equipment. But what kills me is that I’m having to google to find guidance and a manual. Why is good documentation so hard to get these days? Do you find your ISP doesn’t provide good documentation for the equipment they provide?

Apple zero days out – September 2023

Apple has fixes for zero days that have been under attack. It appears most are triggered by a specially crafted web content.

• CVE-2023-41991 – A certificate validation issue in the Security framework that could allow a malicious app to bypass signature validation.
• CVE-2023-41992 – A security flaw in Kernel that could allow a local attacker to elevate their privileges.
• CVE-2023-41993 – A WebKit flaw that could result in arbitrary code execution when processing specially crafted web content.

📱 iOS and iPadOS 17.0.1 – 3 bugs fixed
📱 iOS and iPadOS 16.7 – 3 bugs fixed
⌚ watchOS 9.6.3 – 2 bugs fixed
⌚ watchOS 10.0.1 – 2 bugs fixed
💻 macOS Ventura 13.6 – 3 bugs fixed
💻 macOS Monterey 12.7 – 1 bug fixed

Mind you iOS 17 *just* came out the other day.

These security vulnerabilities have been seen in attacks in the wild.

Apple 2030

APPLE NEWS

By Will Fastie

Mother Nature deems Apple’s ambitious clean-energy goals worthy, albeit surprising.

Oscar winner Octavia Spencer, in her starring role as Mother Nature in Apple’s fall event, stole the show. Apple goes Hollywood all the time in these events, but this was different.

In a nicely done surprise skit, Mother Nature has come to Apple to audit its progress on meeting its green goals, specifically carbon neutrality. This alone was funny because all companies seem to have stated goals, but it’s hard to know whether any are being achieved. Mother Nature was skeptical to the point of assuming Apple was just blowing smoke, so to speak.

Read the full story in our Plus Newsletter (20.38.0, 2023-09-18).
This story also appears in our public Newsletter.

Wi-Fi 7? Why not!

PUBLIC DEFENDER

By Brian Livingston

International standards bodies are just months away from finalizing a wireless networking improvement that’s being called Wi-Fi 7. When devices start supporting and using the new protocol, Wi-Fi 7 promises theoretical speeds far beyond what’s currently possible with Wi-Fi 6 (which was officially approved back in 2014).

But don’t go out and buy all new stuff just yet. Theory is one thing, and reality is another. You may never see noticeably faster speeds from any Wi-Fi 7 devices you may own in the future. What are the reasons for this? I’m glad you asked.

Read the full story in our Plus Newsletter (20.38.0, 2023-09-18).

Second city — the AI view from Washington

LEGAL BRIEF

By Max Stul Oppenheimer, Esq.

Multiple players are deciding their opening moves in reacting to the sudden entry of this technology into the public consciousness.

Not surprisingly, their approaches differ because their interests differ.

In my previous installment (2023-08-28), we saw how Microsoft is grappling with how to protect its interests — offensive and defensive — in a highly volatile and unpredictable future. In the short time since that article published, it appears that Microsoft may already be fine-tuning its approach.

Read the full story in our Plus Newsletter (20.38.0, 2023-09-18).

Zeroing in on zero days

PATCH WATCH

By Susan Bradley

September’s updates are out, with several zero days and several interesting vulnerabilities.

The good news is that for consumers and home users, many of these are unique to a business network and won’t be seen in a home network.

What will be seen this month is that the update installation and reboot process will take longer. I’m not sure what is triggering the slowness, but note that this month’s updates also include .NET updates. Patience.

Read the full story in our Plus Newsletter (20.38.0, 2023-09-18).

Got a Windows configuration update?

Did you receive a Windows configuration update that demanded a reboot?

I got it at the office where my patches are normally controlled and I’m not 100% sure what the “configuration” was updating.

I believe – but I’m not sure – it was a Moments release as the update history points to this page.

If so, it really was not a great experience. No notification, just an alert I needed to reboot and not a great deal of information about exactly what was installed. Furthermore in my LONG experience with Windows, machines do weird things if patches are installed and machines are not rebooted so I really don’t like to see machines with pending updates.

So did you receive this as well on your Windows 11 22H2? Let me know in the comments.  Needless to say I’ll be investigating as to why Microsoft handled this like this.