Monthly Archives: December 2021

  • More subscriber experiences with Windows 11

    LANGALIST

    By Fred Langa

    AskWoody readers are dipping their toes into Win11’s chilly (but warming!) waters, and that means there are more and more real-world cases we can all learn from!

    In today’s column, you’ll read the Win11 experiences of four different subscribers, learn of some corrections and amendments to previous information, and see where Win11 stands as of today.

    Read the full story in the AskWoody Plus Newsletter 18.49.0 (2021-12-20).

  • Microsoft’s calling confusion: Teams, Meet Now, or Skype?

    MICROSOFT 365

    By Peter Deegan

    Microsoft has a split personality when it comes to video and audio calling. There’s Skype, Skype for Business, Teams calling/meetings, and “Meet Now” in Windows 11.

    All three can do the same basic thing — computer-to-computer video/audio calls and meetings. What’s the difference, which one to use, and what’s the future of all these overlapping Microsoft options?

    Read the full story in the AskWoody Plus Newsletter 18.49.0 (2021-12-20).

  • End of the road for 2004

    PATCH WATCH

    By Susan Bradley

    This is the very, very last patching month for Windows 10 release 2004.

    If you are still on 2004, even if you are using the Education or Enterprise editions, you will receive no updates in January or thereafter. Updates for Windows 10 1909 for Education or Enterprise editions expire on May 10, 2022.

    Read the full story in the AskWoody Plus Newsletter 18.49.0 (2021-12-20).

  • Tips for the week – what about the AppX vulnerability?

    (Note: we’re not ready to give the all clear for installing; this is just a post clarifying a particularly confusing update. More about the December updates will be in tomorrow’s newsletter.)

    Youtube video here

    This is a special post about a VERY confusing patch that came out on December 14.
    Referred to as the Windows AppX installer vulnerability, it’s been used in actual targeted attacks.

    What’s confusing about this update and its “patch documentation” is that it’s not really a separate patch; rather, it gets updated through the cumulative update. You only need to install this “patch” manually if you are in a business or corporation and have blocked updating your machines. Otherwise, it’s already patched and you don’t have to worry about it.

    Now mind you, the way the update is documented is not clear, but in testing I can tell that it’s already been fixed.

    Now keep in mind that many of these “in the wild” exploits come in through attachments, so always be wary of attachments to emails. Think… don’t click! I call this “patching the human”. If you patch yourself first – make sure you don’t click on attachments that you weren’t expecting – this goes a long way to keeping yourself safe.

    Edit 12-19-2021: Clearly this is even more confusing. It gets updated through the Microsoft Store. Note that I recommend that you leave the Microsoft Store set to automatically update software for this very reason. Just like browsers, this is something that too often we forget needs updating as well. Bottom line: if you’ve not disabled updates for the Microsoft Store, you will already be up to date and will not need to take any action.

  • December 2021 Patch Tuesday arrives – say goodbye to 2004

    It’s that day of the month again when we turn and look (northward in my case, your location may vary) to Redmond and see what holiday helpings they are serving this time. Those of you in businesses probably don’t want to see any more patch notifications right now, after all of the Log4Shell patching you’ve been having to do lately. What got found in an online gaming platform is now causing patching headaches for many businesses because they all used this code in their logging software.

    Even if you are a gamer, YOU aren’t the patcher in the Log4Shell patching situation; it’s the cloud and application vendors. This code is not native to Windows operating systems. You may see a lot of headlines about businesses impacted by coin-mining attacks or ransomware. Reportedly Kronos, a payroll company, was hit with a Log4Shell attack.

    As for the Windows updates, these do have the printing fixes now rolled up in them, and here’s hoping no new printer side effects will be introduced.

    https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec

    6 Zero days
    21 Elevation of Privilege Vulnerabilities
    26 Remote Code Execution Vulnerabilities
    10 Information Disclosure Vulnerabilities
    3 Denial of Service Vulnerabilities
    7 Spoofing Vulnerabilities

    And a partridge in a pear tree

    The updates have just started rolling out. Again, as per the normal rules of AskWoody patching engagement, you, the home user, want to hold back and wait to see what side effects occur. We’ll keep an eye out for you.

  • Patching guidance for Apple devices – December 13, 2021

    https://support.apple.com/en-us/HT201222

    As you can see from the release notes, there are a LOT of security fixes in these releases.

    iOS 15.2 security content addresses 38 vulns.

    8: out-of-bounds access
    7: buffer overflow
    5: input validation
    4: race condition
    4: logic issues
    3: memory corruption
    3: state machine
    2: use after free
    1: type confusion
    1: misc permission issue

    The same sort of AskWoody patching rules apply: Home user, you can wait a bit to ensure there are no side effects.

    Business user, especially someone who might be targeted (working for defense, big business, etc.): you’ll want this sooner, not later.

  • AskWoody subscribers test Windows 11

    ISSUE 18.48 • 2021-12-13

    LANGALIST

    By Fred Langa

    AskWoody members are experimenting with Windows 11 … and getting mixed results.

    Today’s examples: One reader got good (albeit confusing) results with Microsoft’s free Win11 Virtual PC, but another suffered a much less happy outcome with a for-real installation.

    This column provides additional detail regarding the free Win11 VPC and the likely causes (and remedies!) for the second PC’s problems.

    Read the full story in the AskWoody Plus Newsletter 18.48.0 (2021-12-13).
    This story also appears in the AskWoody Free Newsletter 18.48.F (2021-12-13).

  • Mad at costly Grinch bots? Get yourself a free one.

    PUBLIC DEFENDER

    By Brian Livingston

    This year’s global supply-chain crunch is making numerous electronic items go in and out of stock at retailers, and the problem has been made worse by “Grinch bots,” automated tools that some operators use to snap up whatever hot tech and toys may momentarily become available.

    Some worried tech buyers — and a few desperate parents of kids who “need” this year’s must-have toy — have tried to subscribe to their own Grinch bot (formally known as a shopping bot). But the services can cost $99 per month plus initiation fees, and they offer no guarantee you’ll actually score the items you want.

    Read the full story in the AskWoody Plus Newsletter 18.48.0 (2021-12-13).

  • Two solid replacements for the kludgy Windows 11 Start menu

    WINDOWS 11

    By Lance Whitney

    Don’t like the Windows 11 Start menu? Both Start 11 and StartAllBack will bring the menu back to more traditional and usable style and functionality.

    In its fervor to push out Windows 11, Microsoft made some key changes to the new OS — some good and some bad. On the bad side of the fence is the new Start menu. Dispensing with the familiar list and tile layout in Windows 10, Microsoft pared down the menu into a single box that shows only your pinned and recommended apps.

    Read the full story in the AskWoody Plus Newsletter 18.48.0 (2021-12-13).

  • Click-to-run dribbles out changes

    ON SECURITY

    By Susan Bradley

    Office patches are handled differently than Windows patches, and they can be very disruptive as a result.

    Microsoft always releases security patches for Windows on the second Tuesday of the month, no matter what the actual date. It’s the reason that this month’s updates haven’t yet arrived — today is December 13, and Patch Tuesday is December 14. We won’t receive security patches until tomorrow!

    Read the full story in the AskWoody Plus Newsletter 18.48.0 (2021-12-13).

  • Tips for the weekend – why are you still on 2004?

    Video here

    For all of you AskWoody readers who are still on 2004: after I give the go-ahead for patching later on in the month, I’ll want you to do not only the updates for the month, but also figure out why you are still stuck on 2004. When I make the decision to upgrade to whatever version, my preferred way to upgrade is to go to the ISO download page and start the install from there by clicking on upgrade now, then launch the exe file that downloads and run the upgrade. It should install and then ask for a reboot.

    I’ve seen a few folks have issues with VPN software and with the update not occurring at all. Often the two drivers most impacted by feature releases are network card drivers and video card drivers. Go to the vendor’s site and see if you can find newer drivers. If you’ve had issues getting 21H2 installed and regularly use VPN software, I’d honestly recommend uninstalling the VPN software and reinstalling it afterwards. I’ve seen issues in past feature release installation processes triggered by installed

    Bottom line, use this post to let me/us know that you are still stuck on Windows 10 2004.  By now the majority of home users should have been offered a later version. So if you are STILL on 2004, please post here in the comments. I want to figure out why you are still stuck!

    Resources:

    Topic: 6000003 Registry keys and group policy settings to select specific feature

    Topic: Comments on AKB 2000016: Guide for Windows Update Settings for Windows 10

  • Critical vulnerability in something?

    For home users, this is one of those vulnerabilities you might read about in our CodeRed forum and in the news in the coming days. It may impact services you use, especially if you are a gamer (you may have seen some notifications), but there’s not much you can do personally. Your vendors have to patch for this. This is not native to the Windows platform or the Apple computer you personally use.

    So why do I bring it up? Because your vendors may be scrambling to patch for this over the weekend. The Log4j vulnerability is rated as a 10. There is no higher threat than this: “A remote code execution zero-day vulnerability in Log4j 2, called Log4Shell (CVE-2021-44228), surfaced on December 9, 2021. Affected services include Cloudflare, iCloud, Minecraft: Java Edition, Steam, Tencent QQ, and Twitter. The feature causing this vulnerability can be disabled with a configuration setting, which has been disabled by default in version 2.15.0, officially released a few days prior. The Apache Software Foundation has assigned the maximum CVSS severity rating of 10 to Log4Shell.”

    What is it?  A vulnerability in a Java based logging package that’s used in a LOT of vendor applications. This is especially concerning around the holiday season when security teams start taking vacation time.

    Who’s Impacted? (info courtesy of the Huntress folks)

    Millions of applications and manufacturers use log4j for logging. This includes…

    • Apple
    • Twitter
    • Steam
    • Tesla
    • Apache applications (e.g. Apache Struts, Solr and Druid)
    • Redis
    • ElasticSearch
    • Video games (e.g. Minecraft)

    For those that are consultants that use tools to monitor computers, this may be in some of your tools.

    I would keep an eye on the Huntress blog for more information.

    Critical RCE Vulnerability: log4j – CVE-2021-44228 (huntress.com)

    Critical RCE Vulnerability Is Affecting Java : sysadmin (reddit.com)

    Bottom line, us home users aren’t impacted, but some of our application vendors may be pulling an all night patching session.

    Edit 12/11/2021 – Microsoft has released a blog post showcasing the actions they are taking.