Newsletter Archives
-
Is online banking secure?
ON SECURITY
By Susan Bradley
Over the past few years, banks have been increasing their online footprint.
From mobile banking with cell phones to remote depositing with check scanners, banking has drastically changed. Some of the changes are forced on us due to the changing hours of operation at our local banks, but some of the changes enhance our ability to get our funds where we want them to be.
Read the full story in our Plus Newsletter (20.22.0, 2023-05-29).
-
Are you ready for AI?
The Microsoft BUILD conference is over and they will be adding AI to well…. everything. As usual while Microsoft will be … well Microsoft. We’ll be ensuring that we can tame and make the technology what you want it to be.
If you don’t want AI in Edge now, you can start with the basics such as blocking the request to change the default browser to Edge and the default search engine to Bing. This setting as noted in Edge policies can be set via group policy or Intune. Additional settings include to block the Bing Chat AI from the Windows 11 search. To disable Bing Chat AI from the Search field on the taskbar press the Windows key and open Settings, or use the Windows key + I shortcut to open it directly. Now click Privacy & security from the left panel scroll down to the Windows permissions section and click on Search permissions from the list. Scroll down to the More settings section and toggle off the Show search highlights option. The Bing Chat AI icon will no longer appear in the search field.
For those that use group policy there is a new Group Policy setting to disable the bing chat icon, and this setting was added with Windows 11 21H2 administrative templates. You must download the ADMX Templates for Windows 11 October 2021 Update [21H2] from the Official Microsoft Download Center. You’ll want to copy the files from from C:\Windows\PolicyDefinitions on a Windows 11 computer to your central policy store. Navigate to Computer Configuration\Administrative Templates\Windows Component\Chat. Find “Configures the Chat icon on the taskbar“.
Bottom line, don’t worry, we’ll keep you aware of all the tips and tricks to tame your operating system so it won’t go “I’m sorry, Dave. I’m afraid I can’t do that.” Stay tuned. we’re have more in the newsletter as Microsoft showcases the changes. Previews will be coming in June.
I’d also like to wish everyone in the United States a great Memorial Day holiday. To everyone who has served, thank you.
-
MS-DEFCON 4: Skip those Secure Boot scripts
ISSUE 20.21.1 • 2023-05-23 By Susan Bradley
Deploy May updates — and nothing but the updates.
I’m lowering the MS-DEFCON level to 4 to encourage you to install the May updates now.
However, I do not recommend taking the optional steps recommended by Microsoft to revoke the vulnerable bootloader files, as I discussed in yesterday’s On Security column. I do not think these manual steps provide full protection for this vulnerability — or potential future ones.
Anyone can read the full MS-DEFCON Alert (20.21.1, 2023-05-23).
-
Is Secure Boot important for security?
ON SECURITY
By Susan Bradley
During the last few months, some chinks have appeared in Secure Boot’s armor as the result of various attacks and vulnerabilities.
Let’s go back in history and understand how we got here.
When a computer boots up, and before the operating system is launched, other code runs. For many years, that was the Basic Input/Output System (BIOS) pioneered by IBM in the original IBM PC. Unfortunately, inventive attackers found ways to permanently install malicious code as part of this launch sequence.
Read the full story in our Plus Newsletter (20.21.0, 2023-05-22).
-
What is your favorite home consumer tech thing?
What’s your favorite technology thing that you use at home? I’ll start with mine. A kindle. But only for books, not for gardening magazines. One can get a book sized kindle which can also hook into your email so you can send email from it. I typically purchase two at a time so that I can be charging one while I’m reading the other.
So what is YOUR favorite technology thing that you use strictly for personal use and not for business?
-
Apple security updates for May
Apple security updates out…
💻 macOS Ventura 13.4 – 51 bugs fixed
📱 iOS and iPadOS 16.5 – 39 bugs fixed
⌚ watchOS 9.5 – 32 bugs fixed
💻 macOS Monterey 12.6.6 – 29 bugs fixed
📺 tvOS 16.5 – 28 bugs fixed
💻 macOS Big Sur 11.7.7 – 25 bugs fixed
📱 iOS and iPadOS 15.7.6 – 17 bugs fixed
🌐 Safari 16.5 – 5 bugs fixedThree zero days fixed in this batch
-
May’s messy updates
PATCH WATCH
By Susan Bradley
Although the May releases for both Windows and Apple have not introduced side effects or hiccups so far, they haven’t been as problem-free as they should have been.
Apple released the first of its “rapid response” updates, announced last June and supposedly allowing the company to deploy important security-only software updates without demanding a reboot.
Read the full story in our Plus Newsletter (20.20.0, 2023-05-15).
-
Do you touch your screen?
When I have my Kindle, I use touch on the screen. On my iphone or on an iPad, once again, touch is the preferred method. Obviously because all of those devices are designed for touch and were intended for touch.
But on a Windows computer? Even though I may have several computers that support touch screens about the only thing I use touch screen for is to swipe up and log into the computer and then use the keyboard. The advantage of buying a computer – even a laptop – WITHOUT touch is that it’s always cheaper.
So when Windows 11 comes out with new touch enhancements I tend to go, “that’s nice” and go back to my keyboard. But slowly you can tell that Microsoft is responding to feedback. Case in point this week is that you can enable seconds in the time view on Windows 11. Reportedly it was removed because refreshing the screen caused performance issues.
But what about you? Do you use touch with Windows?
-
Master Patch List as of May 9, 2023
I’ve updated the Master Patch list for the May releases.
Remember to always review the known issues we are tracking on the Master Patch List. I will keep the latest info there.
So far trending issues are:
Business patchers – In order to fully patch systems for potential UEFI/Secure Boot there are a series of manual steps. I am NOT convinced that this is needed for anyone other than targeted nation state organizations. I’ll have exact instructions and a video should you want more information.
I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.
- Windows 11 22H2: Not recommended
- Windows 11 21H2: If you have a Windows 11 PC, recommended
- Windows 10 22H2: Recommended
- Windows 10 21H2: Recommended (if a vendor won’t support 22H2)
- Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.
As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level
-
It’s May updating time!
It’s that time of the month that I’ll urge you to pause your updates on your Windows platforms, but review any pending updates on your Apple platforms. Recently Apple’s “Rapid response” patches weren’t quite as “rapid” as we would all like. In fact on my iPhone iOS 16.4.1 is still pending even though I have auto updates enabled.
I’ll be discussing what SHOULD have occurred in Sunday’s newsletter. In the meantime, let’s keep an eye out for this month’s Windows releases:
49 vulnerabilities if the count here is correct
Windows 11 22H2 has a new toggle button
- New! This update adds a new toggle control on the Settings > Windows Update page. When you turn it on, we will prioritize your device to get the latest non-security updates and enhancements when they are available for your device. For managed devices, the toggle is disabled by default. For more information, see Get Windows updates as soon as they’re available for your device.
As well as fixing issues in both Windows 11 22H2 and 21H2 as well as Windows 10 in the newly released Windows Local Administrator Password Solution
- This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
Remember if you aren’t on Windows 10 22H2 at this time, I’ll want you to move to 22H2 as June 13, 2023 is the last time Windows 10 home and Pro 21H2 get updates. Windows 10 Enterprise and Education, Windows 10 IoT Enterprise, and Windows 10 Enterprise multi-session will still be serviced (apologies had that backwards). 20H2 is now fully out of support.
Ugh. There is a secure boot vulnerability that is being “fixed” with code in the May updates, but not fully implemented. Because you need PHYSICAL access or administrative rights to install code, this is yet another of those updates that will need to be “risk” rated for additional action. I’ll go into this more in the newsletter.
-
Planning for the final digital divide
ON SECURITY
By Susan Bradley
In a letter to Jean-Baptiste Le Roy in 1789, Benjamin Franklin wrote a phrase that has often been repeated ever since.
Most of us don’t realize that his comment started with a mention of the recently signed U.S. Constitution, but instead remember only the final part of his saying.
Read the full story in our Plus Newsletter (20.19.0, 2023-05-08).
-
MS-DEFCON 2: Settling down for a stable Windows 10
ISSUE 20.18.1 • 2023-05-04 By Susan Bradley
The order of the day is Windows 10 22H2.
With Patch Tuesday just around the corner, it’s time to defer updates. Therefore, I’m raising the MS-DEFCON level to 2.
However, there is one exception. If you are running Windows 10, update to release 22H2 as soon as possible. If you can’t get to it by Tuesday, defer — but be sure to get it done before the end of May.
Anyone can read the full MS-DEFCON Alert (20.18.1, 2023-05-04).