AskWoody

MS-DEFCON 2: Get ready for battle stations

ISSUE 18.29.1 • 2021-08-06 By Susan Bradley The annual security conference known as Black Hat is in the bag, and we are (well, I am) anxiously awaiting the next bugs that will rear their heads, based on the headlines that came out of the conference. Topics like Print Spooler bugs, Mac privacy bugs, and encryption platform attacks were just some of the headline topics that I expect to result in a new wave of patches — not just for Windows, but for almost every device. Consumer and home users In preparation for Patch Tuesday, I recommend that you take the usual actions to defer, pause, block, and just avoid updates for the operating system and Office apps. I suggest deferring until at least August 24. As always, we’ll keep an eye on side effects and issues. Remember, there are several ways to defer updates. The easiest way, in my opinion, is to click on Settings, Windows Update, Advanced Options, and then choose August 24 in the “Pause updates” section. When that clock runs out, updates will install automatically. Alternatively, use WuMgr to selectively install updates. Of course, as I always recommend, take the time to back up your system. Chromebooks should have been updated to 92.0.4515.130. It includes an improved version of Zoom as well as several other useful bug fixes. The Apple camp is still in beta testing mode on Monterey, and it’s anticipated that the release will be in September. In the meantime, you can keep up with the latest news on that beta in our forums. Business users What concerns me most is the “Microsoft Won’t-Fix-List (July 2021 Edition)” that a security researcher started in July of 2021 to document all the items that Microsoft hadn’t fixed by the end of July. Note that this list does not include all “won’t fix” items, just the ones that occurred during the month of July. I’m hoping that we see more of these issues fixed, especially those related to Print Spooler bugs. Those bugs keep me nervous about having the Print Spooler service enabled. I continue to recommend that you enable the Print Spooler service only on those computers and servers that absolutely need it for business operations. References AskWoody Master Patch List Read the full story in the AskWoody Plus Alert 18.29.1 (2021-08-06).

Firewalls don’t stop dragons

Are you familiar with the podcast “Firewalls don’t stop dragons“?

This week’s episode is about online advertising and about how you are the product.

Every time you load a web page, your personal data is being shared with thousands of companies. The ad spaces on the page are being auctioned off to the highest bidder in fractions of a second. The Irish Council for Civil Liberties calls this the biggest data breach in history, and is suing the ad tech companies on your behalf to stop this needlessly invasive and dangerous practice. My guest Johnny Ryan will explain how this real-time bidding process works and has insider documentation on the types of extremely personal data that’s being shared in order to target those ads to you.

Have a listen!

My Acer 32 gig is now on 21H1

What is that and why is this significant?

This is my ancient Acer 32 gig hard drive – never should have been sold with Windows 10 in the first place – laptop that I hadn’t paid attention to in ages. I woke it up from sleep tonight because I was straightening up the room where it is and when I went into the windows update section …  I just about fell out of my chair. 21H1 was there pending and ready to reboot.

This is the FIRST time EVER it has installed a feature release without having help.  Now granted .. now that I think about it this just showcases that everything since feature release 2004 was and is a minor update. But prior to this I had to always help it over every feature release not just the big ones.

Needless to say 21H1 is now stable and if you aren’t on it, the best way to do it is to go to the Windows 10 download page and click on update now.  Clicking there will download a small file, you click on it and it starts the process of installing the feature release. When it’s done it will prompt you to reboot. Of course, remember to have a backup ahead of time!

The August 2021 Office non-Security Updates have been released

The August 2021 Office non-Security updates have been released Tuesday, August 3, 2021. They are not included in the DEFCON-4 approval for the July 2021 patches. Unless you have a specific need to install them, you should wait until Susan Bradley (Patch Lady) approves them and any problems have been reported.

Remember, Susan’s patching sequence and recommendations are based on a business environment that has IT support and may have time constraints on the updating process. Consumer patching should be more cautious due to limited technical and mechanical resources. The latter is the reason for the AskWoody DEFCON system.

Office 2016
Update for Microsoft Visio 2016 (KB4504718)

Office 2013
Update for Microsoft Visio 2013 (KB4504728)

On April 10, 2018, Office 2013 reached End of Mainstream Support. Extended Support will end for Office 2013 on April 11, 2023.
Office 2016 also reached  End of Mainstream Support on October 13, 2020. EOS for Office 2016 is October 14, 2025.

Updates are for the .msi version (perpetual). Office 365 and C2R are not included.

Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

Is Microsoft doing enough?

In Computerworld I ask “For Windows security, what we have is a failure to communicate” and ask if Microsoft is doing enough to help keep us safe.

As an aside this is similar to Fred’s lament that documentation for Windows products is all over the place and not as helpful as it once was.

What do you think? Do you think Microsoft is doing enough or could it do better?

Meet Fred, the empowerer

ISSUE 18.29 • 2021-08-02

PROFILES

By Chris Husted

If a single organization were approaching five decades of experience in educating people about computers and helping them to solve problems they were having with their PCs, it would be called an institution.

Fred Langa, who writes for AskWoody, is just that.

Read the full story in the AskWoody Plus Newsletter 18.29.0 (2021-08-02).
This story also appears in the AskWoody Free Newsletter 18.29.F (2021-08-02).

Reader feedback on driver/software updaters, and more!

LANGALIST

By Fred Langa

CCleaner — the popular system-cleanup tool — recently added automated software and driver updaters to its features. A subscriber set out to see whether they’re any good.

Plus: Another subscriber’s laptop is stuck at 79% battery charge and won’t charge any higher; and a third seeks advice on how to obtain the fastest possible PC-to-smartphone USB tethering.

Read the full story in the AskWoody Plus Newsletter 18.29.0 (2021-08-02).

Revolutionary battery tech changes the way we charge

PUBLIC DEFENDER

By Brian Livingston

The dream of renewable-energy advocates everywhere may finally have been realized. The goal is a battery technology that stores solar and wind energy and releases it for days on end. Now, a new tech allows companies to meet demand at peak times with no need to fire up any spare fossil-fuel generators.

Read the full story in the AskWoody Plus Newsletter 18.29.0 (2021-08-02).

Gold copies — keep them close

ON SECURITY

By Susan Bradley

Recently, I realized that some of the items I needed to download were no longer available from the links I had been using.

The other day, I was working on an older server, attempting to re-create its software on a different server. As I worked through the needed prerequisites, I couldn’t find what I needed.

Read the full story in the AskWoody Plus Newsletter 18.29.0 (2021-08-02).

Opal: I’m building a new PC

HARDWARE DIY

By Will Fastie

Hardware for the future. Windows made me do it.

I wasn’t expecting to need a new computer just yet. My current PC is a bit long in the tooth, but I chose well when I built it and it has lasted six years, still providing the performance and capability I need on a daily basis. I have no urgent need for Windows 11.

Except that I work for this newsletter.

Read the full story in the AskWoody Plus Newsletter 18.29.0 (2021-08-02).

Tasks for the weekend – July 31st – what to do?

(Youtube here)

This week I’m revisiting two discussions that have been going on regarding actions to be taken on two bugs that are not yet patched.

First is the permission bug.

The second is the print spooler bugs.

I will separate my recommendations into two camps: Home and Business.

For Home I honestly don’t think you should take any action at this time because I do not see active attacks against home users for either the Print Spooler bugs or the incorrect permission bug. Both of them are more suited for attackers going after businesses, so once again, I’ll urge you to be aware, don’t click where you shouldn’t, but not to take any actions at this time.

For businesses I see that you need to be evaluating and if you feel that the risk is large enough to then take actions that I discuss in the video.

Take a look at the video.

Plan on the worst

I have a love/hate relationship with Surface devices. They are my favorite for travel as the Surface Go is the lightest one, with the Surface Pro 7+ being right behind. But… and this is starting to be true for more and more technology…. they cannot be easily serviced. Battery needs replaced? You can’t fix it. Monitor stops working on it? Sorry. So if you stupidly do what I did the other day…. like have your Surface in your purse on the passenger seat of your car. Then you opened your car door when you didn’t realize your purse was way too close the edge of the seat…. and well you can see where this is unfortunately going can’t you?

When it then hits the cement pavement just at the exact corner of the screen… you can guess what happened:

Nailed it, right on the edge.

The computer still booted up, it just was a bit…. crunchy in that corner of the screen with little bits of glass in the keyboard. Ugh.

When I purchased this device, I did it as part of an All access for business plan. You can add an accidental coverage plan, which I did just in case I did something … well… stupid like this. “Sigh!”, I said to myself, “well I get to test it out this time”.  So I signed into the Surface business access site and started the process to get it replaced. As part of the “replacement” process you only ship the unit itself. You reset it to factory defaults and erase all of your data because you are NOT getting this unit back.

So in my case, because I tend to use it to remote into other things, I honestly didn’t have to back anything up. I can easily install what I need on the device again. But I did have to remove the AT&T Cellular SIM card that was an extra accessory I got that allows the device to always have Internet connection as long as I’m within range of an AT&T cellular tower.

Microsoft provided a physical address I needed to send it back to and off it went. I had heard from others that I might get a refurbished unit back and not a new unit, but because the unit they were replacing was a Surface Pro 7 plus, chances were good that I would receive a new unit, not a refurb’d. Sure enough, I received back a new unit.

I went to reinstall the AT&T SIM and was surprised to see that cellular didn’t turn back on again. Okay I probably need to call AT&T and tell them the new IMEI or some other information that they need to reenable it. Turns out on the Surface Pro 7 plus it supports both an eSIM and a physical SIM there’s a little arrow key in the cellular networking section that you can pull down and choose eSIM or the physical SIM. Duh. Once I picked the physical SIM, the cellular connected right up without contacting AT&T.

As an aside, remember that Surface devices can get updates for it’s Operating system AND it’s hardware and firmware but they still are not easily repairable. Therefore, plan accordingly.

In July Microsoft released various updates for firmware and hardware on the following Surface devices:

Surface Book – security fixes for firmware

Surface Laptop 3 – various performance issues

Surface Pro 4 – security fixes for firmware

Surface Pro 3 – security fixes for firmware

Surface Studio 2 – security fixes for firmware

The moral of this story is, buy the support plan for accidental coverage for these types of tech devices that cannot be easily serviced. Even though most of the time you won’t use it, there will be that ONE time when the device slides out of your purse onto the concrete pavement as you open your car door. Trust me. It can happen.