MS-DEFCON 4: A well-behaved September

By Susan Bradley

September updates have few side effects.

It’s always nice when the monthly update process is calm, with no storms. But due to a few snags, the best I can do is lower the MS-DEFCON level to 4.

These side effects are limited to issues seen in businesses; we ordinary, consumer mortals are not much affected.

Anyone can read the full MS-DEFCON Alert (19.39.1, 2022-09-27).

Windows 11 2H22 released, mostly

MICROSOFT NEWS

By Will Fastie

Well, it wasn’t really 2H22. It was 2022.

The entire news cycle about Windows 11, starting with its announcement over 18 months ago, has been different. Maybe weird is a better descriptor.

The announcement wasn’t an event; nothing was live. There wasn’t even a video from Panos Panay, who was simply noted as the author of a blog post. The surprise twist in all this, especially from the perspective of someone in the press, was that the announcement was not accompanied by a press release in Microsoft’s usual location. Instead, it was given its own microsite. The release was not mentioned on Microsoft’s home page and was noted only on the Windows page with an eyebrow link at the very top.

Read the full story in our Plus Newsletter (19.39.0, 2022-09-26).
This story also appears in our public Newsletter.

Should you get a free credit report for any data breach?

PUBLIC DEFENDER

By Brian Livingston

Samsung Electronics — the giant multinational that sells 28% of all the smartphones in the world, as well as many other consumer devices — has sent notices to some of its users that their personal information in Samsung’s database has been hacked.

In a statement, the company says the hackers didn’t obtain users’ credit-card or debit-card numbers. But the intrusion did reveal some customers’ names, addresses, birthdates, and the Samsung products they’d registered. As a result, the corporation’s notices recommend that affected users obtain a copy of their credit report from major reporting agencies.

Read the full story in our Plus Newsletter (19.39.0, 2022-09-26).

Space flight is impossible

LEGAL BRIEF

By Max Stul Oppenheimer, Esq.

I read it in the New York Times.

Two cases currently making their way through the federal court system may determine what you will or will not be able to post and see on the Internet.

The states of Missouri and Louisiana have sued President Biden, his former press secretary Psaki, Surgeon General Murthy, HHS Secretary Becerra, National Institute of Allergy and Infectious Diseases (and Chief Medical Advisor to the President) Fauci, Homeland Security Secretary Mayorkas, Director of the Cybersecurity and Infrastructure Security Agency Easterly, and Director Jankowicz of the so-called “Disinformation Governance Board” of the Department of Homeland Security.

The suit is, as would be expected, highly political. Putting aside the specific allegations of the case, it does raise important issues for the control of social media.

Read the full story in our Plus Newsletter (19.39.0, 2022-09-26).

Keeping out the bad applications

ON SECURITY

By Susan Bradley

Both Microsoft and Apple are trying to tackle an ongoing problem that plagues us — keeping our systems secure and protected.

But the vendors are not tackling the problem in the same ways.

Apple has a huge user base of small devices, especially the iPhone, which provide the user with instantaneous access to real-time human interaction. Microsoft, on the other hand, has a huge user base of “traditional devices” (e.g., PCs) that certainly connect to the Internet but don’t involve phone calls, text messages, or anything else — such as FaceTime, the built-in visual medium.

Although the companies share the overall security challenge, their approaches are different.

Read the full story in our Plus Newsletter (19.39.0, 2022-09-26).

The “Intel Processor”

INTEL NEWS

By Will Fastie

For two decades, it’s been confusing to figure out what the name of an Intel processor or an Intel processor family meant.

Now, Intel has thrown a real wrench into the works by announcing the “Intel Processor.”

Funny — I thought that phrase referred to all Intel processors, not a family or a segment. I thought I could just write, “That PC has an Intel processor inside” and then wait for the inevitable question: “Which one?”

No longer, apparently.

Read the full story in our Plus Newsletter (19.39.0, 2022-09-26).

Can you install 22H2 without a Microsoft account?

Can you install Windows 11 22H2 without a Microsoft account?

In a word yes.

There is a new way you have to do it. In the past the way you got around the Microsoft account mandate on a Home computer was to disable the internet connection right before it asked you to set up a Microsoft account. Now there is a new way to get around the mandate.

First off, you can no longer get around turning off the Internet on Windows 11 22H2 home – or at least not in my testing. But don’t worry when it gets to that screen where it asks you for your Microsoft account, don’t say that you need to set up one, rather use a bogus email address. Or rather it’s an email address that really exists but is locked.

Type in no@thankyou.com with ANY password. The system will indicate “that didn’t work” and then let you set up a local account.

Video here showcasing how it’s done

The trick here is that the email address of no@thankyou.com is an account that has been locked and can no longer be logged into.

For Windows 11 22H2 professional, it too allows you to set up a user without a Microsoft account.

In addition, Rufus has been updated to version 3.19 which includes the ability to bypass Windows 11 22H2 Microsoft account mandate during the setup progress. It is a new feature in Rufus 3.19 and later.

Microsoft Endpoint Configuration Manager out of band

What is it? There is an out of band security update for Microsoft Endpoint Configuration Manager. This is a business only tool used to manage computers.

What’s the risk? An attacker could exploit this vulnerability to obtain sensitive information. It’s a spoofing vulnerability.

Does it impact consumers or home users?  No.

Does it impact businesses who only use WSUS or only Intune or even those who have standalone Windows 10 or 11 computers?  No. This is only for those customers running Config manager a separate standalone management tool.

How can you get the patch?  “The update – KB 15498768 – will be listed in the Updates and Servicing node of the Configuration Manager console for customers running Microsoft Endpoint Configuration Manager, versions 2103 – 2207.

Environments using versions of Configuration Manager current branch prior to 2103 are encouraged to update to a later supported version. Administrators can also disable use of automatic and manual client push installation methods to remove the risk of exposure to this issue. Refer to Support for Configuration Manager current branch versions.

Source: CISA alert

MSRC alert

I’ll update the master patch list later tonight, but be aware this out of band is for a narrow band of Microsoft customers.

22H2 for Windows 11 is out

Well it’s official, 22H2 for Windows 11 is out for those who go to “check for updates”.

I’m not sure if 22H2 is out for Windows 10 as well?

What’s new for IT pros link

Reduced package size link

“With this update we’re also taking steps to improve the Windows Update experience. Windows Update is now carbon aware, making it easier for your devices to reduce carbon emissions. When devices are plugged in, turned on, connected to the Internet and regional carbon intensity data is available, Windows Update will schedule installations at specific times of the day when doing so may result in lower carbon emissions because a higher proportion of electricity is coming from lower-carbon sources on the electric grid. We’ve also made some changes to the default power setting for Sleep and Screen off to help reduce carbon emissions when PCs are idle.”

Say what?  How about just making sure that they are bug free will ya?

Stick A Note — It’s life-changing! No, really … life-changing

FREEWARE SPOTLIGHT

By Deanna McElveen

Is this freeware maven seriously going to shove another sticky-note program down our throats? Yes. Yes, I am.

I am, because this is quite different. This will change the way you live! It’s on a par with the printing press! The cotton gin! This telephone! Okay, fine, it’s at least equal to the invention of fried pies!

Anand Gupta, a wonderful, professional developer from West Bengal, India, has created a freeware program called Stick A Note that is considerably different from any sticky-note program you have ever used. Stick A Note does not put virtual sticky notes onto your desktop. It puts them on the windows of individual programs.

Read the full story in our Plus Newsletter (19.38.0, 2022-09-19).
This story also appears in our public Newsletter.

What to do when OneNote won’t sync

ONENOTE

By Mary Branscombe

The Windows desktop OneNote app has tools to help you understand and troubleshoot sync issues, but don’t rush into anything.

The beauty of OneNote is that when you drop information into it, you have it at your fingertips on every device you use without the effort of copying files back and forth. That’s great until the sync system that makes that happen hits a snag and your notes stop showing up everywhere.

There are some common problems that you may run into with OneNote and fixing them is often simpler than the cryptic error messages would suggest, especially once you understand how sync works.

Read the full story in our Plus Newsletter (19.38.0, 2022-09-19).

Randy’s remedies: Juice, heat, glass, social, grid, and malware

SUPPORT

By Randy McElveen

Let’s finish up that list of remedies from Randy’s top 10 customer-support issues: Identified!

In this article, we’ll tackle #6 all the way up to #1. If you remember, we’re going to get you some free malware-removal tools for #1, so find that flash drive!

Read the full story in our Plus Newsletter (19.38.0, 2022-09-19).