Master Patch List as of May 19, 2022 – out of band for server auth issues

Microsoft has released an out of band update for Servers only to fix the authentication issues with certificates introduced in the May updates. I’ve updated the  Master Patch list  as a result.

• Windows Server 2022: KB5015013
• Windows Server, version 20H2: KB5015020
• Windows Server 2019: KB5015018
• Windows Server 2016: KB5015019

• Windows Server 2012 R2: KB5014986
• Windows Server 2012: KB5014991
• Windows Server 2008 R2 SP1: KB5014987
• Windows Server 2008 SP2: KB5014990

Note these are not on Windows update, they are only on the Microsoft Update catalog.  They can be imported into WSUS.

Note this issue does not impact consumers, only domain controllers in networks with an active directory domain.  So if you are a home or small business with a peer to peer network you will not be impacted.

The only other fix discussed is to fix installing updates from the Microsoft store.  If you have been impacted by any other Windows 10/11 issues (.net stuff, black monitor, etc) I personally don’t think this out of band will fix those issues.  You certain can back up your system and try it, but I would be surprised/gobsmacked to hear that it actually fixed anything other than the auth problems on the servers and the Microsoft store install.

The annoyances of the default behavior in Teams

Microsoft Teams. It’s an app I use occasionally. But I don’t want it to auto launch. I want it out of the way and only launched when I want it. But Microsoft clearly doesn’t agree with me. It’s even more annoying when I’m setting up Office and I haven’t logged into Teams to then go into the settings and tell it to go away.

Fortunately there is a way you can disable the auto-launch even if you don’t have the login to Teams.  And while you are there…. check out the other items autolaunching and disable accordingly.

Method 1: Disable from Task Manager

You can disable Microsoft Teams from Task Manager and it will not start up automatically:

1. Press Ctrl + Shift + Esc key to open Task Manager.
2. Go to Startup tab.
3. Click on Microsoft Teams, and click on Disable.

Method 2: Change settings

You can the settings in Microsoft Teams and see if that helps:

1. Launch Microsoft Teams.
2. Click on the Profile icon on the top right corner and click on Settings.
3. Scroll down and clear the checkbox for Auto Start Application.

Method 3: Modifying Registry

You can delete the entry for Microsoft Teams from Registry and check:

Note:  Important this section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

Follow the steps to take backup of registry.

1. Press Windows key + R, to open Run dialog box.
2. Type regedit and click on OK.
3. Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
4. On the right pane, right click on the registry entry for Microsoft Teams and select Delete.

So what annoys you about auto launching programs and which ones do you delete?

Master Patch List of May 16, 2022 – Apple zero days fixed

I’m releasing an update to the Master Patch list – not to give the go ahead for any Windows patches, rather to announce that Apple has released several updates that include fixes for zero days.

While it includes new features for Apple Cash, the Podcast app amongst others, it includes 30 security fixes for iOS 15.5 and macOS 12.4 includes 50 fixes.

Overall tally:

macOS Monterey 12.4 – 73 bugs fixed
macOS Big Sur 11.6.6 – 52 bugs fixed
Security Update 2022-004 Catalina – 37 bugs fixed
iOS and iPadOS 15.5 – 34 bugs fixed
watchOS 8.6 – 21 bugs fixed

1 zero-day in macOS Big Sur 11.6.6
1 zero-day in watchOS 8.6

One zero day involves “A remote attacker may be able to cause unexpected application termination or arbitrary code execution.”

I’ll dig around to see if I can find information on HOW the attacks occur as not all risks are created the same.  Note I recommend that you wait for Apple’s ‘dribble’ patching while they get their telemetry from early updaters.

The twists and turns of Office Fast Account Switching

MICROSOFT 365

By Peter Deegan

Fast Account Switching lets you quickly “change hats” between work, home, and other Microsoft accounts in Microsoft 365, Office 2021 and 2019, and now the browser-based Office.com apps.

Most of us have more than one online life, usually a work account — and a personal account and possibly more for other work or voluntary commitments. For Office users, that means separate Microsoft accounts and switching between those accounts to see recent documents and online storage related to that part of your life. In the past, and still in Office for Mac, changing accounts meant reopening the Office app.

Read the full story in our Plus Newsletter (19.20.0, 2022-05-16).
This story also appears in our public Newsletter.

Will Intel be a dominant chip company going forward?

SILICON

By Brian Livingston

All the headlines seem to be bad for Intel lately — poor yields on bleeding-edge technologies, disappointed customers, lagging performance compared with competitors from around the world, and on and on.

The truth of the matter is a bit more complicated.

Most of the stories you’ve been reading in the mass media about Intel are telling only half the tale — if that.

Read the full story in our Plus Newsletter (19.20.0, 2022-05-16).

WebChangeMonitor — stalk your favorite websites for changes

FREEWARE SPOTLIGHT

By Deanna McElveen

My husband and I get asked a lot about how just two people can keep thousands of computer programs up to date on our website.

Simple: We can’t — but we try real hard. Luckily, we get assistance from software developers’ emails, RSS feeds, open-source project trackers, and good ol’ fashioned complaining.

Another tool we’ve started using lately is WebChangeMonitor, by German software developer Martin Halle. It’s a great little program that allows you to be notified when a change occurs on a webpage. Pretty handy for us when we want to know whether a developer has updated their version of an application, but the program can be helpful to anyone in so many other ways, too.

Read the full story in our Plus Newsletter (19.20.0, 2022-05-16).

May updates fix risks to networks

PATCH WATCH

By Susan Bradley

It’s looking like consumers may have an issue-free month — if they don’t run Windows 11 machines — and businesses will have to decide whether they want to patch sooner versus later.

Once again, we have a vulnerability that has already been used and abused, but the good news for home and consumer users is that the vulnerability under fire is seen only in Active Directory domains.

Read the full story in our Plus Newsletter (19.20.0, 2022-05-16).

Ewaste or usable – week 2

It’s week 2 of my experiment to see if two computers I have are either e-waste or usable.

So this week I have decided that trying to make either laptop into a usable and supported Chromebook is not going to happen. Now that Chromebook has bought out Cloudready they have a much more specified listing of hardware they will support.

Clearly they want me to buy new hardware. So we will be trying next week with a Linux version.

Now if you want to buy a new Chromebook this is where they have the advantage over other platforms, they are much cheaper. You can get a decent Chromebook for under US$250 and some even less than that.

If all you want to do is surf the web and read your email online – the Chromebook is a viable option. It does take a pivot to the cloud as it wants your files up there, and you need to accept the privacy issues and risks of a gmail account log in.  But it will be useable for such tasks as telemedicine.

Now for those of you that need to support people on Chromebooks, this is where it is vastly different than both Windows and Linux platforms. In the case of Windows and Linux you can install remote access tools and be able to remote into it. You can set it up so that you can remote into it even without someone sitting at the laptop and giving you access.

Chromebooks, however, all of the tools I’m able to have access to, the person asking for help has to approve your access. And then with some tools you have only view access and cannot control the mouse. Chromebooks have their own remote tool, but it’s not quite as exact as others I’ve used.

So bottom line these two old laptop will NOT be Chromebooks.  Stay tuned until next week when we see what options we have to install Linux.

Master Patch List as of May 10, 2022

Patches came out yesterday.  The full details will be out in next week’s newsletter but in the meantime I’ve posted up the preliminary recap up on the Master patch listing page. Remember, other than the browsers, I have pause or defer on everything else at this time.

As always, thank you all for supporting the cause! Remember a mere $1 donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

Here come the May updates

First up consumer advice:

Remember this is the time that your main machine should be in deferral mode. So either defer updates for a later date, choose to be on metered connection, use WUshowhide to choose what updates you want ….but not now… today is wait and see what us testers find out.

Business patchers:

• I’m still tracking an issue with Windows Server 2022 and RDgateway brokerage service. I’ll let you know if that’s fixed.  It’s not been fixed. Still occurring.
• Installation issues – as noted on the BornCity blog should be fixed in the May releases. Note I only saw this in corporate networks so to me it appears to be a build/deployment triggered event.

Remember — “Windows 10, version 1909, and Windows 10, version 20H2 have reached end of servicing.  As of May 10, 2022, the Home and Pro editions of Windows 10, version 20H2, and all editions of Windows 10, version 1909 have reached end of servicing. The May 2022 security update, released on May 10, is the last update available for these versions. After that date, devices running these editions will no longer receive monthly security and quality updates containing protections from the latest security threats.”

And now we pop the popcorn and see what today’s releases bring to us:

from Dustin Childs he says…. “Some really interesting bugs in today’s #Microsoft patch release, incl one under active attack. I’ll have my thoughts out soon. #PatchTuesday“

Stay tuned, I’ll be adding links and comments here as well.

Consumer comments:

• Print spooler bugs being patched again, so I’ll be watching for printing bugs
• The one bug in active attack is more corporate targeted (LDAP) not consumer.
• .NET is getting patched (IMHO the whole retirement of the older .net versions is still extremely and frustratingly not clear, while .net updates no longer throw off quite the side effects they did before, the communication regarding the support of older .nets and lack of good informative tools to let you know what you have and what you are vulnerable to is frustrating to me. Look for more articles/guidance on this in the future)
• Windows 11 is having issues with applications that want .NET 3.5.  Looks like Microsoft is handling this with a “known issue rollback”.  If you have 11 look in the comments link for more reports.

Business comments:

• If you still patch on premises Exchange there are updates out this month.
• The “in the wild” vulnerability where we are patching PetitPotam again (CVE-2022-26925) is triggering some side effects with patches.  You may want to keep an eye out for NPS policies side effects

(USA Centric) Want a discount on your Internet?

Heard this on the drive home on the radio.

www.getinternet.gov

or call 877-384-2575

They just announced the Affordable Connectivity Program (ACP), which provides eligible households $30 per month off their internet bills. If you qualify you will receive a discount.  If you are unsure, reach out to your Internet Service Provider and look for their ACP program.  While this is for low income families, seniors on fixed incomes may also qualify as well.

You may want to check out this list as well.

We have another problem in the Central California area – that of decent speed for those that are in the more rural or farming areas. Unwired Broadband is one of the few companies in this area that specialize in rural customer.  There has been many a time that I’ve tried to remote into a computer of someone on rural internet and it feels like dial up.

So what’s your speed and what’s your costs?

The one thing you need to know about the metaverse

LEGAL BRIEF

By Max Stul Oppenheimer, Esq.

Nike is trying to convince a court that the metaverse is a real place, where the rules of the real world (as I think of it) do not apply.

If it succeeds, it will be a revolution in thinking on a par with the introduction of the theory of relativity. Because the one thing you need to know about the metaverse is this — it is not real. The tools that create the metaverse create projections into the real world, but the metaverse itself is no more real than Pandora.

Read the full story in our Plus Newsletter (19.19.0, 2022-05-09).
This story also appears in our public Newsletter.