News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: October 19, 2019

  • Patch Lady – okay Microsoft, how about you help?

    Posted on October 19th, 2019 at 19:22 Susan Bradley Comment on the AskWoody Lounge

    So the other day the only place I could find solid actionable information about the risk of attacks from the IE zero day was on a Microsoft 365 ATP E5 console called the Threat analytics dashboard.  It was the only place that gave me information that assured me that we could wait until the issues with the patches were dealt with and we didn’t need to rush to patch.  Today I went to the console and saw there was a new alert.  At the bottom of the alert is brand new wording:

    © Microsoft 2019. All rights reserved. Reproduction or distribution of the content of this site, or any part thereof, without written permission of Microsoft is prohibited

    Sigh.  So there goes another resource that Microsoft is limiting access to just certain paying customers.  Once upon a time Microsoft gave actionable information that helped administrators of all sizes to make smarter decisions about security and the risks they face.  They told everyone ahead of time on the Thursday before the second Tuesday the types of patches to expect.  They had webcasts open to all customers to help all of us understand how to deploy updates better.

    Now we have a MSRC blog that just tells us to turn on automatic updates and provides no overall discussion about risks.  Thanks guys, but I rushed out that out of band update and spent several HOURS fitzing with printers, updating drivers,  removing the update – and in one case had to roll the entire workstation back to the week before to get printing working again.  Customers with premier support contracts are the only folks that still get security guidance webcasts.  Customers with premier support contracts still get the security patch heads up email on the Thursday before Patch Tuesday.

    We’re told by Microsoft that Patching is a social responsibility.  Well yes, Microsoft it is.  And you have a social responsibility to all of your customers large and small to treat their IT assets with respect.  You need to do the right thing and release better patches that don’t break printing (as a recent sample of impact) and you need to release better information to all customers to help us understand the risks of not patching as well as patching.  You have a responsibility to all of your customers, and not just those with premier support contracts.