Daily Archives: April 1, 2020
-
Patch Lady – updated the Woody’s Windows Health release dashboard
Posted on April 1st, 2020 at 23:00 Comment on the AskWoody LoungeI’ve updated the Woody’s Windows Health Release Dashboard to reflect a still not quite resolved issue.
The one we’re still tracking is the issue with VPN and using proxy servers. We had a couple of reports on the patchmanagement.org list that the workaround KB of KB4554364 didn’t work. If you are still impacted reach out to me at sb@askwoody.com and I’ll make sure you get in touch with Microsoft support.
-
Patch Lady – should we be concerned about Zoom?
Posted on April 1st, 2020 at 22:49 Comment on the AskWoody LoungeI’ve seen several comments on various venues about the risk of Zoom meetings. Some of them are valid, others are….. hang on … who in their RIGHT MINDS posts the URL to a non password protected zoom meeting on a social location?
I was listening to a presentation today and the gentlemen presenting was talking about how in times like these one has to balance risk with making sure the business survived.
Here’s another person I respect … Dave Kennedy on the topic of Zoom and security: https://threadreaderapp.com/thread/1245536000819986432.html
First off as Lawrence Abrams writes … make sure you put a password on the Zoom meeting. Next Zoom is working on the issue whereby NTLM hash values can be exposed, and Lawrence gives the workaround in the blog, but I have a better workaround. Be EXTREMELY careful of clicking on ANYTHING right now. I am seeing a huge uptick of COVID related emails and scams. I’m seeing these kinds of scams come into my inbox (well, the notifications that they are being cleaned out of my inbox anyway)
Subject: MUST READ-TRUTH ABOUT COVID-19
Sender: valeria.flores@ambiente.gob.ecTime received: 4/1/2020 11:41:20 PM
Message ID:<1870826593.23469281.1585784413797.JavaMail.zimbra@ambiente.gob.ec>
Detections found:
Virologyfiles.doc RTF/CVE-2017-11882.C.gen!CamelotSo… be careful and remember right now this is about balancing the needs of the business and the users. Absolute security doesn’t exist.
-
Worldometer: US confirmed COVID-19 cases just went over 200,000
Posted on April 1st, 2020 at 11:48 Comment on the AskWoody Lounge -
MS-DEFCON 3: Get the March 2020 patches installed
Posted on April 1st, 2020 at 09:32 Comment on the AskWoody LoungeIt’s been a strange patching month, with a Patch Tuesday, a Patch Thursday, the usual buggy “optional, non-security C/D Week” patch, a bonus fix for a bug introduced in late February’s patch, and a warning (with no patch) about yet another bad-font fallibility.
There are several known bugs, but they all have reasonably well-known workarounds.
Anyway, now’s a good time to make sure you have the March patches installed. Full instructions in Computerworld Woody on Windows.