News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

Monthly Archives: October 2018

  • 31 days of Paranoia – day 31

    Posted on October 31st, 2018 at 20:48 Comment on the AskWoody Lounge

    First off a bit of Halloween humor seen on a twitter post… someone was saying they were dressing up as “Outlook”.  Their costume was to wrap themselves up in a translucent shower curtain with a sign that said “Not Responding!”.

    I think we all can relate to that.

    So as I’m here at the front door (dressed up like Supreme Court Justice Ruth Bader Ginsburg I might add) waiting for the trick-or-treaters let’s end our 31 days of paranoia with one more post of resources:

    Places to go to get help – especially for Windows issues.

    First off – and above all – this site.  Specifically the Forums on this site.  There is nothing that helps better than someone else saying “gee I don’t see that here”… or “yes, I’ve had that EXACT same issue and here’s how I fixed it!”.  When you have no other machine to compare to, you tend to get a bit paranoid thinking that attackers are making your machine freak out when it might just be… well… patching or anti virus scanning or something third party making it freak out.

    Next I’d recommend something that makes me shiver… and not just because it’s Halloween and I’m listening to the Amazon Halloween playlist (It’s playing Michael Jackson’s thriller right now).  Twitter.  Yup Twitter.  I am lately finding that you can get one on one help when you direct it to a corporate or official twitter account.  There is a list (it might be a bit outdated) of official twitter aliases, and their official support alias for Microsoft is https://twitter.com/microsofthelps

    You can direct message them and get communication back.  The reason it makes me shiver is I find that twitter is too narrow of a channel and the knowledge or solution doesn’t often get exposed like it does in a forum venue.

    If you are an IT pro kind of person, I’m finding that Microsoft employees respond pretty good on the Techcommunity venue.

    Also make sure you have at least SOMETHING that can get to google.  The best way to fix a Windows machine is a working computer or device and a search engine.  There are so many times I’ve fixed something scrolling around a page on my iPhone.

    Now just so you don’t think I’m going to end the 31 days of paranoia in a happy spot here are some parting trends to worry about:

    Crypto mining attacks are trending.  The bad guys get on your machine and use the excess CPU to coin bitcoin.  So they don’t want to steal your credit card data, they want to use your computer to make their own money.

    Smaller more targeted phishing is on the rise.

    Attackers that set up Office 365 relay rules and then hide the fact that they’ve taken over your email box.

    And with that we close this month of paranoia.  Going forward I’ll still throw in a paranoid post or two…. just not as often as one a day.

  • My vote for the next Windows version name: Win10 Effluvium

    Posted on October 31st, 2018 at 15:57 Comment on the AskWoody Lounge

    Looks like Microsoft’s going to continue with “19H1” as the codename for the next version of windows. Mary Jo Foley reports — and a screenshot from Tero Alhonen confirms – that the next versions are due to be codenamed:

    Win10 Vanadium

    Win10 Vibranium

    Win10 Manganese

    I’d like to offer an alternative:

    Win10 Effluvium

    Has a certain… ring to it.

  • Fred Langa’s real world advice: How to remove a bad hard disk sector

    Posted on October 31st, 2018 at 07:10 Comment on the AskWoody Lounge

    Another school of hard knocks lesson from the master.

  • Patch Lady – 31 days of Paranoia – Day 30

    Posted on October 31st, 2018 at 00:12 Comment on the AskWoody Lounge

    Today’s topic on paranoia is about resources to keep yourself aware and secure.  Besides this site (obviously) here are some other resources I recommend:

    Krebs on security

    Threatpost.com

    Schneier on Security

    Naked Security

    Internet Storm Center

    Zero day initiative blog

    FSecure blog

    Dark Reading blog

    Information for businesses:

    Cost of a breach study

    Symantec security report

    NIST guidance

    So what do you follow that keeps you aware and secure?

    Edit:  I am gobsmacked.  I indeed should have included the following:

    Ghacks

    Bleeping computer

    BornCity

     

     

     

  • Deanna’s Freeware Spotlight: Safe Startup by PrivacyRoot

    Posted on October 30th, 2018 at 21:27 Comment on the AskWoody Lounge

    Welcome to the inaugural Deanna’s Freeware Spotlight, a once-a-week-or-so missive from Randy and Deanna at OlderGeeks.com. They’re passionate about good freeware, and they maintain a download site “without ads, fake download buttons and crapware.”

    There are a gazillion startup editing programs out there. You know, the programs that let you disable programs from running when you turn on your computer. But Safe Startup by PrivacyRoot, S.R.O. is different. It runs in your system tray and notifies you when a program gets added to startup so you can kill it dead immediately. Go grab a copy, it’s free!

  • Microsoft fixes the Zip file mess-up in the (beta version of) Win10 1809

    Posted on October 30th, 2018 at 13:58 Comment on the AskWoody Lounge

    Microsoft just released KB 4464455 to the Windows Insider Slow and Release Preview rings. That KB brings the beta-test version of Win10 1809 up to build 17763.107.

    Apparently it shouldn’t be confused with KB 4464455, released on October 16 to the Slow and Release Preview rings, which brings Win10 1809 up to build 17763.104.

    The ChangeWindows timeline shows that 17763.104 was out and about on Oct. 16, and 17763.107 first appeared today. Lucky for us they don’t track KB numbers.

    According to deskmodder.de (in Google translation):

    In addition to the issues already fixed in the first version of the KB, these two bugs have been fixed:

    • Fixed an issue where extracting files from a.zip file in File Explorer to a read-only location does not prompt “Do you want to replace these files?” And the background copy action fails.
    • We’ve fixed an issue where roaming profiles are not working properly.

    … Note: This update is not just for the insiders. If you are on the road with the normal Windows 10 1809, you can also install it.

    I’ve seen no confirmation — not even a hint — from any other site that last statement is true.

    I wouldn’t be surprised if the Windows 10 October 2018 Update shipped tomorrow, on the last day of October. That’s exactly what happened with the Windows 10 April 2018 Update, version 1803 — it shipped on the last day of April.

    But, man, shipping your final build a day before you go live… I mean, what could possibly go wrong?

    Thx @teroalhonen

  • What happened to KB 4462923, the October Win7 Monthly Rollup?

    Posted on October 30th, 2018 at 10:21 Comment on the AskWoody Lounge

    @PKCano has been on a mission to find what it takes to get Windows Update to offer this month’s Win7 Monthly Rollup. It ain’t easy.

    Details in Computerworld. Woody on Windows.

  • Patch Lady – 31 days of Paranoia – Day 29

    Posted on October 29th, 2018 at 22:56 Comment on the AskWoody Lounge

    Today’s topic of paranoia is one that I’m already paranoid over.  While 2017 had the largest number of public data breaches, there is a bigger risk that I’m concerned about.  That of the data breaches that we aren’t aware of.  Just about every day I hear on the radio or TV an ad for identity theft monitoring services that tout the ability to search the “dark web” for sensitive information.  I chuckle a bit a that because for something to be truly found on the dark web, then it’s no longer “on” the dark web but exposed as a known breach.  I don’t buy for one minute that these identity theft companies have the ability to see into the dark web before the bad guys find ways to obfuscate it again.

    I’m paranoid that we’re always going to be one step behind the bad guys, with our financial institutions (who already have proven that they can’t be trusted) making security decisions that are good enough.  Good enough for their bottom line, but not good enough for our data.  I’m paranoid that our legislature won’t understand the cyber issues well enough to ensure we have laws in place to disclose breaches and protect our data.

    So?  Are you as paranoid as I am?  Do you think we’re doing enough to protect our financial data?  What do you think they should do to make it better?

  • IBM will buy Red Hat – and look at the price!

    Posted on October 29th, 2018 at 12:50 Comment on the AskWoody Lounge

    I’ll confess I didn’t see this one coming.

    Good analysis from Sean Gallagher at Ars Technica:

    For IBM, the acquisition is about growing IBM’s business in the cloud—private, public, and hybrid—based on the position of the company as the open source and open standards player versus the “proprietary” models of Microsoft, Amazon, and other major cloud players. For Red Hat, the deal is about scaling up the company’s reach. “We can scale at greater speed,” said Cormier, “not just from a Kubernetes perspective, but even with the RHEL base. We can only reach a certain number of customers right now.”

    The offer, $34 billion, is $190 per share, which is 63% more than Red Hat shares were trading for on Friday. IBM’s shares are way down.

  • Patch Lady – 31 days of Paranoia – Day 28

    Posted on October 29th, 2018 at 00:17 Comment on the AskWoody Lounge

    Today’s paranoia topic is about hardening Windows… and specifically if Windows  7 is really more or less secure than Windows 10.

    For all that people do not like about Windows 10 privacy (or lack of) settings and telemetry, Windows 10 does have much more hardware based security that can be enabled than Windows 7 has.

    But therein lies the problem, many of this security goodness only kicks in if you have the right hardware, and the right operating system and the right knowledge to set it up right.  Take credential guard for example… it’s only in Enterprise sku.  Others like attack surface reduction rules only kick in as well with the Enterprise version.  1809 was supposed to get block suspicious behaviors but it was pulled at the last minute.

    So whenever you hear that Windows 10 is the most secure version of Windows ever… it is.  But…. depending on the version you have, you may not get all the features.

    One thing you can do is to “harden” the operating system by uninstalling any software added by the vendor during the OEM process you don’t use, or better yet, reinstalling the operating system from scratch before you use it.  Then you can use various tools to “de bloat” the games and other items from the operating system as well as possibly disable services.

    But I don’t recommend following that guidance without making a solid backup of your system before you start tweaking and making changes.

    So is Windows 10 the most secure operating system ever?  Sure.  But like most things in security, it takes work and nothing right out of the box is as secure as it can be.

  • Patch Lady – 31 days of Paranoia – Day 27

    Posted on October 28th, 2018 at 02:00 Comment on the AskWoody Lounge

    I apologize in advance if I’m a bit controversial tonight.  In the last several days we’ve had horrific things occur in the United States and I think some of this bad stuff going on… or perhaps all of this… is enhanced by social media.  I have posted in and on online forums for many years and remember the days of nntp and newsgroups.  There were always good places to hang out and not so good places to hang out.  The anonymous nature of technology tended to encourage some folks to be a bit too brutal, a bit too honest, and a bit… well.. just too much.

    Fast forward twenty years to where twitter, facebook, Instagram and other platforms are deemed “mainstream” and I think the same issues we saw twenty years ago in the newsgroups – that where communication is broken down – is now in our daily lives.  And now what used to be a small small group of folks that you could easily ignore is now a much larger problem in society.

    In 2016, this page indicates that 87% of kids have witnessed cyberbullying.  Wow.  I wonder what that statistic is now.

    So I challenge all of us.. .including me, to do something tomorrow. Instead of using technology tomorrow, glance up at another human being and say Hi to them.  Keep your phone in your pocket and technology away from your fingertips and your head up tomorrow.

    Consider this an online hug from me, and here’s hoping something can be done.

     

  • Newly discovered data access breach in Win10 UWP (Metro, “Store”) apps

    Posted on October 27th, 2018 at 14:29 Comment on the AskWoody Lounge

    There’s a bug in the UWP API that lets appropriately programmed apps look at all of your data. Günter Born says:

    (The malicious UWP) app is not limited to access to files and folders via a file picker or LocalStorage. Microsoft has described the permitted file system accesses in this document (broadFileSystemAccess API). The documentation also states: “On first use, the system prompts the user to allow access”. Microsoft (theoretically) provides security measures for access that intercept unauthorized access attempts. Without user access, a UWP app cannot access files without the user’s consent – at least theoretically …

    Unfortunately, there’s a bug that prevents the security prompt from appearing. Microsoft apparently tried to fix the bug in Win10 1809, but the guy who discovered the bug, Sébastien Lachance, says that trying to run the API-calling code crashed the app.

    (No details offered about which version of 1809 he tried.)

    In the meantime, it appears as if 1803 and earlier are still subject to the bug.