Monthly Archives: April 2022

  • Things that annoy me – Windows 11 edition

    You can tell that Microsoft is starting to react to some of the feedback on Windows 11, well at least their Enterprise customers.  In the Insider release comes new group policies:

    What’s new in Build 22610
    Additional new MDM and group policies for IT administrators
    We are introducing new policies so that IT administrators can simplify their Windows 11 experience across Start, taskbar, and the system tray. The following policies are available today:

    Disable Quick Settings flyout
    Disable Notification Center and calendar flyouts
    Disable all taskbar settings
    Disable search (across Start & taskbar)
    Hide Task View from taskbar
    Block customization of ‘Pinned’ in Start
    Hide ‘Recommended’ in Start
    Disable Start context menus
    Hide ‘All apps’ in Start
    To configure these new group policies locally, open the group policy editor and navigate to User Configuration > Administrative Templates > Start Menu and Taskbar. You can also deploy these policies via Microsoft Endpoint Manager as well.

    Let me know if you want any of these options in registry keys?  As typically if you can do it via group policy, you can also do it via a registry key in Home versions.

    You know what slows me down in Windows 11 the most?  The Cut and paste function in the File explorer.  It’s now hidden in the “show more options” section of the right mouse click

    Once you click on “show more options” then you see copy and paste.  Now yes, I can do control C and Control V, but that typically means I have to move my fingers off my mouse and over to the keyboard.

  • Today’s edition of things that annoy me

    Today’s edition of things that annoy me in Microsoftland:

    1. Whom did you get your feedback from?

    Peter Deegan writes on Microsoft’s latest huh move. In a recent post to their alerts, they indicate that they are going to move people from the semi-annual enterprise channel to the monthly channel because people in the monthly channel “Customers on a monthly feature update cadence, such as those on Monthly Enterprise Channel, have reported higher satisfaction than those receiving semi-annual feature updates.”  I don’t know about you but I hardly ever click on Office smiley face feedback so exactly whom did you speak to?  Note this does not impact consumer 365 subscribers, just business subscribers.

    2. The dribble changes

    Microsoft announces changes in their platform but then doesn’t push things out right away. So weeks go by and suddenly things change for some – but not all – of your computers and you have to figure out what change occurred. If you suddenly see your search results change, remember I wrote about this a bit back.

    Right-click the Windows taskbar, select Search from the popup menu, and then click Show search highlights.

    I prefer the second option, setting a Registry key because options set like this in the Registry tend to stick — further updates to this “feature” should not turn them back on. To block the external content, add the key Windows Search, add another dword key called EnableDynamicContentInWSB, and set it to 0. This is represented by the following:

    • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search\EnableDynamicContentInWSB=0

    To make it easier for you, I’ve coded up an easily installable registry key to place the block in your system. To install the block, merely click here and then click on Open file in your browser’s download dialog. Click to run the program, and then click yes to install the registry key.

    Bottom line, every day there’s something new to be aware of.  We try to keep you informed!

  • MS-DEFCON 4: Protect yourself with patches

    alert banner

    ISSUE 19.17.1 • 2022-04-26


    By Susan Bradley

    I’ve been holding my breath.

    For the past few weeks, I’ve been watching for attacks that researchers indicated would be coming due to a vulnerability in all versions of Windows. All I’m seeing so far are theoretical attacks, not actual attacks.

    CVE-2022-26809, the headline vulnerability of the April updates that impacts Windows 7 through Windows 10 — as well as Windows Server versions — sounded like it had the potential of being a worm inside a network. Microsoft complicated the matter when it first indicated that this vulnerability was triggered by SMB file sharing. Then it clarified that the original researcher had provided a proof of concept that used SMB file sharing, but that additional methodologies could be used in attacks.

    Anyone can read the full MS-DEFCON Alert (19.17.1, 2022-04-26).

  • Removing MFA

    newsletter banner

    ISSUE 19.17 • 2022-04-25
    Look for our special issue on Monday, May 2!


    Will Fastie

    By Will Fastie

    How many times have articles in this newsletter told you that multifactor authentication (MFA) was a good idea and suggested that you turn it on?

    A lot. It’s good advice.

    Just the other day, I turned on Microsoft 365 MFA for one of my clients. It’s too embarrassing for me to describe the mistake I made. Suffice it to say that it was an accident, because I didn’t intend to turn it on.

    Read the full story in our Plus Newsletter (19.17.0, 2022-04-25).
    This story also appears in our public Newsletter.

  • Apple’s M1 processors are shaking up how you compute


    Brian Livingston

    By Brian Livingston

    After defining the smartphone market with its iPhone for years, Apple Inc. has shaken up the tech territory by designing its own M1 silicon to revive the Mac product line.

    With the original M1 appearing in MacBook Air shipments as of November 2020, the latest shipment in March 2022 of the so-called M1 Ultra — with performance rivaling that of some longtime powerhouse leaders — has created an entirely new class of personal computers.

    Read the full story in our Plus Newsletter (19.17.0, 2022-04-25).

  • Get more OneDrive with these tips


    Peter Deegan

    By Peter Deegan

    There are a few tricky ways to beat the 365 plan quota, to get more than one terabyte of OneDrive space for nothing and save local disk space by pushing files to OneDrive.

    Most Microsoft 365 plans, including Family, Personal, and most Business plans, include one terabyte of OneDrive storage. That’s 1,000 GB, more than enough for most people. But if you need more, there are cheaper – or even free – options available that are legitimate, inside the bounds of Microsoft’s rules.

    Read the full story in our Plus Newsletter (19.17.0, 2022-04-25).

  • Gearing up for cyberwar


    Susan Bradley

    By Susan Bradley

    Once upon a time, I used to publish maps showing the location of each water pump in the city where I live.

    Fresno residents rely on the underground water supply and pump much of the drinking water from various wells throughout the city. And then Fresno — like every other city — realized that publishing information about critically important infrastructure items, such as drinking water, probably wasn’t wise. That was especially driven home after 9/11; governments realized that they were handing over helpful data to those who might use it to attack us.

    Read the full story in our Plus Newsletter (19.17.0, 2022-04-25).

  • Are you prepared?

    It’s Saturday night or Sunday morning where you are and I’d like to challenge you to test that you can restore a file that has been damaged, deleted or removed or worse yet, you got hit by ransomware.

    So first step is to move a file to a different location on your computer. Next launch your backup software. Launch the recovery window and see if you can restore that file.

    Ransomware is now being used by commercial attackers and they are using zero days to gain access into systems.

    One-third of all hacking groups exploiting zero-days in 2021 were financially motivated criminals as opposed to government-backed cyberespionage groups, according to Mandiant’s research. During the last decade, only a very small fraction of zero-days were deployed by cybercriminals. Experts believe the rapid change has to do with the illicit, multibillion-dollar ransomware industry.

    For businesses, they are going after VPN software, Exchange on premises software among other vulnerabilities.

    So I challenge you tonight/tomorrow to test a backup and restoration process.

  • From remote? From local?

    Alex posted earlier about UEFI vulnerabilities in certain models of consumer Lenovo laptops.

    The official notice is here at the Lenovo site.

    I try to weed out the hype and get to “how will I be attacked”?

    If the attack has to occur locally I discount the attack.

    According to Lenovo there are three vulnerabilities:

    One local access the other two described as “attacker with elevated privileges”

    CVE-2021-3970: A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.

    CVE-2021-3971: A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable.

    CVE-2021-3972: A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

    I can’t figure out from reading the details from the ESET site if the attacker modifying the boot settings would manifest itself into some other side effect that you and I would then take action to reinstall the operating system? Or some other drastic action?

    What the realistic risk here?

  • Making connections between computers and monitors

    newsletter banner

    ISSUE 19.16 • 2022-04-18


    Ben Myers

    By Ben Myers

    With four different standards for video ports and cables, as well as some “mini” ports, it can be downright confusing to come up with the right cables to connect your computer to a monitor.

    In the best of all possible worlds, we would all want to buy a computer and a monitor at the same time, ensuring that they connect to one another and work well together with the right cabling. In our real world, a computer meets an untimely demise and an upscale monitor is still exactly what we need. Or maybe the monitor fails to light up, it becomes too dim, you punch out the screen in anger, or it is simply time for a larger monitor. Possibly you want to attach a monitor to your laptop, duplicating the laptop screen on a larger viewing area or using dual screens to see more information.

    Read the full story in our Plus Newsletter (19.16.0, 2022-04-18).
    This story also appears in our public Newsletter.

  • Protect yourself from iPhone and Android spying


    Brian Livingston

    By Brian Livingston

    As technology marches forward, there are more and more things for us to watch out for. One thing you might not be aware of is how easy it is for someone to listen to everything you say through a smartphone, such as an iPhone — even if the device is turned off.

    That’s right. That innocent-looking glass slab on the next table could be picking up everything you say and transmitting it 100 meters or so to an Apple AirPod earpiece, in the case of an iPhone, or to any wireless headphones, by using an app for Android phones.

    Read the full story in our Plus Newsletter (19.16.0, 2022-04-18).

  • Lance Whitney: Taking center stage


    Chris Husted

    By Chris Husted

    When a person with 25 years’ experience as a technology writer has some wisdom to impart, it pays to listen.

    Lance Whitney has been a full-time freelance tech journalist for “only” the past 12 years, but that comes after decades of working in IT first as a technician, then as a consultant, and today as a writer of tech articles scripted especially for IT professionals and for the everyday user, as AskWoody readers already know.

    Read the full story in our Plus Newsletter (19.16.0, 2022-04-18).