News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – think rootkits days are over?

    Posted on February 22nd, 2019 at 20:30 Susan Bradley Comment on the AskWoody Lounge

    Think again.

    I was surprised to see that rootkits on Windows 10 are coming back.

    Check out my article at CSOOnline about them.

    (and hopefully this isn’t one that you don’t have to register for, but seriously I recommend that you do sign up for the site and not just because I have articles there.  There is lots of great information)

  • Patch Lady – How to update Win10 to fix Spectre, Meltdown and other side channel vulnerabilities

    Posted on February 22nd, 2019 at 17:05 woody Comment on the AskWoody Lounge

    Patch Lady Susan Bradley’s latest column in CSOOnline:

    In January 2018, security news media was abuzz over a new class of vulnerability called side channel vulnerabilities. Spectre, Meltdown and Foreshadow are some of the best known. They exploit weaknesses in speculative execution in microprocessors to leak unauthorized information. Side channel vulnerabilities allow attackers to bypass account permissions, virtualization boundaries and protected memory regions.

    Patching these vulnerabilities is not easy. They are mitigated by a combination of patches from both the chipset vendor and the operating system provider. Worse, there is often a noticeable performance hit after installing these updates…

    Windows servers in particular need specific guidance as most of the protections are not enabled by default.

    If you’re running a server that’s potentially at risk, it would behoove you to read this article.

  • New 7-Zip version 19.00

    Posted on February 22nd, 2019 at 08:02 woody Comment on the AskWoody Lounge

    Igor Pavlov just released a new version of 7-Zip. He’s bumped the version number up from 18.06 to 19.00.

    Details coming from OlderGeeks.com.

  • Getting to know the Windows Update History KB articles

    Posted on February 22nd, 2019 at 07:49 woody Comment on the AskWoody Lounge

    It’s easy to be snarky about Microsoft’s documentation — I do it all the time, when it’s warranted — but this strikes me as a genuine attempt to both extend and explain the documentation.

    Christine Ahonen on the Windows IT Pro blog talks about the Windows Update History pages, particularly the ones with update histories for Win10, Win8.1, and Win7. I visit them several times a day — and lambaste them at least a few times a month.

    Ahonen talks about the structure of the pages, tosses in a bit of marketing jargon, but then she gets to the heart of the matter, without addressing it directly.

    Somehow, in the past year or so, the Update History pages have become much more useful. Where they used to hide descriptions of bugs or coddle them in language that required substantial parsing, they’re considerably more forthright these days. Not perfect, mind you, but much better.

    We’re seeing more frank discussion of bugs, and the acknowledgments are appearing a day or two (or three or four) days after discovery, instead of seeing them buried in various forums, including this one, and languishing for weeks.

    We’re also seeing (recently, with Win10 1809) notes about version change hangups that Microsoft’s customers can identify with — “we blocked 1809 rollout on such-and-such because of so-and-so, and it’ll get fixed sooner-or-later.”

    That kind of openness — call it “transparency” if you must — goes a long way toward making me feel better about the inevitable mayhem of supporting 8 or 10 versions of Windows simultaneously and sending out hundreds of separate patches every month.

    I just wish MS would acknowledge less-common bugs, give us more details about changes in the patches, and… turned out better patches in general, eh?