Newsletter Archives

  • Passwords don’t work — until they do

    ON SECURITY

    Susan Bradley

    By Susan Bradley

    Let’s get real. We all would love it if every website requiring credentials would just launch to our desired page without our having to enter in a password or do any sort of authentication.

    The process of entering a password or passphrase that is unique to every website is essential for security, but untenable. We usually counter our inability to remember more than a few passwords by using a Password Manager program (hopefully your display is not surrounded by Post-It™ notes). Password managers work great, until they are no longer safe.

    Read the full story in our Plus Newsletter (20.05.0, 2023-01-30).

  • Printers can drive you insane

    After months of print spooler patches hardening the print spooler so that attackers can’t use printers to gain a toe-hold into the network and then launch ransomware, printer vendors are having to go back and redo printer drivers/or you are having to install more modern drivers to deal with these issues.

    Show me a Patch Tuesday and probably SOMEONE, SOMEWHERE has hit a printing issue.

    I’ve had to reinstall/touch every printer in the office or home during the course of a year.  Yesterday I was fighting with an HP printer getting it to work reliably doing remote printing. But at first I couldn’t even get the Color Laserjet to recognize that it WAS a color printer in the first place.

    I showcase in this video the spot I found to get the device to “update now” and recognize it was a color printer.

    Now I’m trying “basic” printer drivers. I have to wait until tomorrow when the person is there to test if remote printing will now behave.

  • Microsoft you have made this confusing

    Just bought a new workstation. HP small form factor (with the largest power brick ever) with a Windows 11 Pro downgraded to Windows 10 Pro so I KNOW it supports Windows 11. Joined it to the domain. Started to install Win11 as the first business rollout of 11.  I’ll use Fences program and corral icons so the user won’t be annoyed, and it will be like his Windows 10.

    So for grins I go and run the WhynotWin11 just to test.

    And it says the 12th generation i7-12700 is not supported.

    Huh?

    But it is clearly listed on this page as being supported.

    AND it states in the web sites it’s licensed for Windows 11. But as Microsoft still hasn’t fixed their “official” application to work in a domain I can’t use their official tool while the workstation is on a domain.

    Note that while Microsoft is now pushing 22H2 to “unmanaged” pcs (that means you, the huddled masses), I don’t consider it still quite ready for prime time.  The fix for the remote desktop not working (which impacts some but not all Windows 11) is in the PREVIEW release of KB5022360.  (This update addresses an issue that affects mstsc.exe. It stops responding while connecting to a RemoteApp and Desktop Connection.) So until that rolls into next month’s security update, 22H2 still isn’t ready for letting home users remote into their workstations.

    Microsoft when you start selling Windows 12 make this process easier of determining which ones are and are not supported?

    As a kind reminder – don’t forget to use either group policy, registry keys or incontrol to select the version you are on.

  • MS-DEFCON 4: Patching weather is clearing

    alert banner

    ISSUE 20.04.1 • 2023-01-24
    MS-DEFCON 2

    By Susan Bradley

    In general, the January updates have been well behaved.

    So far, I’m not seeing any trending issues with them; accordingly, I’m lowering the MS-DEFCON level to 4. But that’s not to say we haven’t seen some other issues related to other types of updates. In addition to describing those, I’ll discuss a vulnerability in a part of your computer you may never think about.

    Two issues recently impacted Start menus and shortcuts but were unrelated to one another.

    Anyone can read the full MS-DEFCON Alert (20.04.1, 2023-01-24).

  • When is the right time to buy a Windows 11 computer?

    HARDWARE

    Susan Bradley

    By Susan Bradley

    The other day, I retired the last Windows 7 computer in our office, the one that had been used by our office manager.

    She didn’t like change and rarely went online. She used the computer only for some key business applications. (She carried a flip phone.) In other words, this is a case in which I wanted to make the transition as smooth as possible.

    So I took an older Windows 10 computer that wasn’t eligible for Windows 11, put the Start10 application on it, installed the Office classic menu, and ported her preferred background image to the “new” PC. I put the icons on the desktop in exactly the same place. I did everything possible to make the new computer look and behave as much like the old one as I could. And I didn’t tell her the computer had changed.

    Read the full story in our Plus Newsletter (20.04.0, 2023-01-23).

  • Group policy is cool but….

    Stumbled across this video tonight from Linus Tech Tips (not Linux but Linus). The video is about enabling Group policy editor. BUT on a Home PC even enabling Group policy editor  on Home doesn’t necessarily make Group policies work on Home skus. Some settings will work, some will not.

    The video is a bit hard to follow but the command(*) to enable group policy editor can enable group policy editor on Windows 10/11 Home skus but that doesn’t mean that if you enable a setting that it actually WORKS on a Home sku.

    Also be aware that you will need to have a computer that can support virtualization in order to run Linux on Windows (WSL).

    There is a Github group policy editor tool but I honestly haven’t tested to see if it works.

    Okay I’m a critic tonight because he’s glossing over a lot of the system requirements and details in this video. That said, it is showcasing that under the hood of Microsoft they aren’t just doing “Windows” but actively putting cross platform features into Windows 11.

    What key tip or trick would you recommend others should know and probably don’t?

    (*) Commands below:

    FOR %F IN (“%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientTools-Package~*.mum”) DO (DISM /Online /NoRestart /Add-Package:”%F”)

    FOR %F IN (“%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~*.mum”) DO (DISM /Online /NoRestart /Add-Package:”%F”)

  • January’s patching cyclone

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    We’re a bit soggy and wet at the AskWoody Tech LLC Global Headquarters here in central California.

    We’ve had nearly a week of rain, and more is coming. I shouldn’t complain — severe drought has brought our state’s water supply down to historically low levels, so the water is needed and much appreciated. But when Microsoft rains down upon us at the same time, the total deluge is a bit much.

    For January, Microsoft fixed 98 security vulnerabilities, said goodbye (for the final time) to the much-beloved Windows 7, also said goodbye to the less used (but popular among its buffs) Windows 8.1, and actually released updates to Microsoft’s on-premises mail server, Exchange.

    Read the full story in our Plus Newsletter (20.03.0, 2023-01-16).

  • Thinking of moving to Apple?

    Now that Windows 7 is at it’s end of life, if you are thinking about moving to a different platform remember that if your data is filled full of basic stuff like Word documents, Excel files, music files, photos and what not all of this will be able to be viewed and opened on platforms like Apple or even Linux. But if you use the native apps in these platforms, remember to export or save as PDF or back to a Microsoft centric file format if you plan to share with others.

    Often the built in applications in these other platforms save in a file format that isn’t able to be natively opened on a Windows machine. So that person will need to find a converter or ask you to export it to a Microsoft format. Fortunately, this is pretty easy to do.

    I’ve done a video showcasing the Apple versions of Word and Excel as well as the native applications that can save in the .doc and .xls format.

  • Attack surface reduction rule triggers a mess on Friday the 13

    #Fridaythethirteenthmess

    Microsoft 365 Status on Twitter: “The revert is in progress and may take several hours to complete. We recommend placing the offending ASR rule into Audit Mode to prevent further impact until the deployment has completed. For more details and instructions, please follow the SI MO497128 in your admin center.” / Twitter

    If you set up the Attack surface reduction rule to check Office macros, you have woken up to missing shortcuts. It appears to have been triggered after a defender update. Note this will only occur IF you have attack surface reduction rule enabled. On machines where this is not set, no issues will be seen using Defender.  It is just those with ASR rules enabled.

    The specific rule causing this is

    Block Win32 API calls from Office macros

    Rule-ID 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b

    In Intune or group policy set the rule to audit if Microsoft hasn’t done it for you already.  Now how to deal with the missing shortcuts?

    Emin reports that “If you’ve volume shadow copy enabled, you can find these shorcuts in a VSS snapshot. I still use nowadays this code whenever I’ve to mount/dismount VSS snapshots. https://p0w3rsh3ll.wordpress.com/2014/06/21/mount-and-dismount-volume-shadow-copies/

    Alternatively you can get the shortcuts from Onedrive if the Desktop synchronization was enabled.

    Microsoft’s guidance here:

    I’ll also note this on the Master Patch list – but it’s NOT exactly patch related side effect.

  • Master Patch list updated as of January 10, 2023

    #PatchTuesday #DeadBodyWedneday #KeepaneyeoutforissuesThursday

    Consumers:  Defer updates at this time.

    I’ve updated the Master Patch List for Tuesday’s releases.

    It’s too soon at this time for consumers to be making recommendations, I’m still watching for issues.

    For businesses, the impact to look out for and keep an eye on are any Exchange on premises server you are still patching.

    As a reminder

    • Windows 11 22H2: Not recommended
    • Windows 11 21H2: If you have a Windows 11 PC, recommended
    • Windows 10 22H2: Recommended
    • Windows 10 21H2: Recommended (if a vendor won’t support 22H2)
    • Apple Ventura – tentative. Check with the applications you rely on if they recommend this release.

    As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

  • Batten down the hatches for January updates

    #PatchTuesday

    As the wind blows in California where I live, we’re trying to batten down the hatches (as the trite saying goes).  So batten down the hatches on your computer as here comes the January Windows patches

    98 updates.

    1 publicly disclosed.

    11 critical

    Stay tuned and remember to defer at this time and I’ll be reporting on any side effects and issues.

    Remember it’s the end of the road for Windows 8.1 and the last of the updates for Windows 7 ESU.

    I’ll be discussing options you can take for these two platforms (yes once again 0patch is coming to the rescue)

    Don’t forget the OTHER needed updates:  Chrome, Firefox (14 critical), Citrix, Foxit, VMware.  As always don’t forget to check your browser updates.

    Edit of 1-12-2023.  I’m not sure if this is a coincidence or not but I’ve had to run the QB tool hub tool to fix printers on two of the three test machines at the office. All other printing was fine, it was just printing a report from INSIDE of QuickBooks that wouldn’t print. Ran the printer fix up tool and all was well.

  • Welcome to our twentieth year

    newsletter banner

    ISSUE 20.02 • 2023-01-09

    FROM THE PUBLISHER

    Susan Bradley

    By Susan Bradley

    Time flies.

    It seems like only yesterday. Out of the blue, I got an email from Brian Livingston, asking to meet with him while I was in Seattle attending a Microsoft event. Over dinner, he explained that he wanted me to write a column in the Windows Secrets Newsletter that would track issues with Microsoft patches and analyze their impact on PCs and their users.

    It was the dawn of “The Patch Lady.”

    Read the full story in our Plus Newsletter (20.02.0, 2023-01-09).
    This story also appears in our public Newsletter.