AskWoody

Did Firefox suddenly forget all of your passwords? Blame Avast. Again

If Firefox suddenly forgot all of your passwords in the past day or so, blame Avast.

It looks like Avast Antivirus and AVG Antivirus are both blocking the file that Firefox uses to store passwords. Your passwords are still there. You just need a new version of Avast or AVG.

Martin Brinkmann has the details on ghacks:

Firefox, just like any other modern browser, supports the saving of authentication information to improve the sign-in process on websites. Instead of having to enter the passwords manually each time they are requested, Firefox would provide the password when needed.

Firefox saves the data in the file logins.json in the Firefox profile folder.

Reports suggest that Avast and AVG security applications cause the issue for Firefox users. It appears that the software programs somehow corrupt the login.json file so that Firefox cannot read it anymore.

Lawrence Abrams on BleepingComputer has the inside story:

In a Mozilla bug post about this issue, Lukáš Rypáček, an engineering director at Avast, explained that the AVG Password Protection program will block a process’ access to saved logins unless the process is signed by a known and valid Firefox certificate. As Mozilla had issued a new certificate on 5/31/2019 and signed Firefox 67.0.2 with it, but AVG had not included it in the AVG Password Protection program, the Firefox processes were being blocked.

Apparently Avast has released updates to fix the problem.

Patch Lady – 1903 breaks connector on Essentials

For those of you still using the Windows Server Essentials 2012 or Windows Server Essentials 2016 platforms in your client base that provides the ability to backup the client workstation as well as provide storage, just a heads up.  Every feature release there is a constant battle with the connector software on the clients.  In the past we’ve been able to tell people to reboot the pc several times and the connector “wakes” back up again.  Peter Perry reports that this time with 1903 you’ll need to totally uninstall the connector and reinstall it to get it to hook back into the console.

It would be nice if Microsoft would support Microsoft, but …. apparently that’s always been asking too much for the Essentials platform.  Note that every feature release the connector software gets stomped on, mangled, or some other nuance that means for those of you running that platform it’s always been a challenge.

<sigh>

Microsoft’s getting better at documenting the most egregious bugs in Windows patches

But there’s still a lot of grist to this month’s mill.

Details in Computerworld Woody on Windows.

June 2019 Patch Tuesday is rolling out

With Bluekeep patching behind us (hopefully), we are waiting for the June 2019 results to come rolling in.

There are (only) 108 new entries in the Windows Update Catalog.

The Security Update Guide lists 2,210new individual patches today.

Martin Brinkman has his usual thorough summary posted on ghacks.

Microsoft released security updates for all supported versions of the Microsoft Windows operating system on the June 11, 2019 Patch Day.

• Microsoft released security updates for all supported versions of the Windows operating system in June 2019.
• All client and server versions have critically rated vulnerabilities patched.
• Microsoft released security updates for other products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure, Microsoft Exchange Server, and Skype

Windows 7: 42 vulnerabilities of which 3 are rated critical and 39 are rated important
Windows 8.1: 35 vulnerabilities of which 3 are rated critical and 32 are rated important
Windows 10 version 1703:  41 vulnerabilities of which 4 is critical and 37 are important
Windows 10 version 1709: 43 vulnerabilities of which 4 is critical and 39 are important
Windows 10 version 1803: 45 vulnerabilities of which 3 are critical and 43 are important
Windows 10 version 1809: 47 vulnerabilities of which 3 are critical and 44 are important
Windows 10 version 1903: 42 vulnerabilities of which 3 are critical and 39 are important

Internet Explorer 11: 7 vulnerability, 5 critical, 2 important
Microsoft Edge: 14 vulnerabilities, 12 critical, 2 important

Dustin Childs has his report of Microsoft released CVEs, 88 of them including an exploit for Windows Task Scheduler, for ZDI.

Earlier today, Microsoft released a patch to address CVE-2019-1069, an escalation of privilege vulnerability in the Windows Task Scheduler. Bugs of this nature have existed since Windows XP, but this most recent version impacts the latest Windows 10 and Windows Server 2019 versions. Information about the vulnerability was publicly available prior to the patch being released…

See the full report on ZDI.

For those of you updating manually, there are new Servicing Stacks for Server 2019, Server 2016,  and Win10 v1809 and v1607.

MS-DEFCON 2: Make sure Windows Update is de-fanged. Patch Tuesday’s tomorrow.

It’s been an interesting month in Patch City. First the WinXP/Vista/Win7 emergency patch (yes, you need to install the latest patches for all of them), and then the release of Win10 version 1903, which only appears to be going out to suckers, er, seekers. There’s one born every minute.

I have a full rundown of what to do and how to do it — with special new instructions for those of you running Win10 1903 — in Computerworld Woody on Windows.

How to work and play in Win10’s new Sandbox

First offered with the Windows 10 May 2019 Update (aka Version 1903), the new Sandbox feature provides users a safe, protected area to install and run untested programs.

Trying out new software is great, but installing and running unknown, untested, or possibly unsafe applications could present a significant risk to your Windows environment.

One of the better safeguards is sandboxing, which isolates apps from the rest of your system.

See the full story in the June 10, 2019, AskWoody Plus Newsletter (Issue 16.21.0)

Test-driving Intel’s Optane in a new PC

Can Optane really deliver on Intel’s claim of “SSD-like responsiveness from a conventional spinning-platter drive?”

A brand-new PC with a factory-installed Optane system presented a great opportunity to find out — and to discover how benchmark tests can vastly differ from real-life use!

See the full story in the June 10, 2019, AskWoody Plus Newsletter (Issue 16.21.0)

Finding your photos in the cloud

Have you ever wanted to bring up a particular photo or two (or eight) on your smartphone?

Maybe you want to revisit your last vacation or your child’s wedding. Or perhaps you want to show off photos of your grandchildren — but not too many … you don’t want to annoy people. Here’s how to find images in OneDrive, Google Photos, and Dropbox.

See the full story in the June 10, 2019, AskWoody Plus Newsletter (Issue 16.21.0)