|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
Ready to patch your car?
ON SECURITY
By Susan Bradley
Recently, I lamented having to get rid of an older automobile that had very little in the way of technology.
As I mentioned in that post, the technology (if you can call it that) consisted of a CD-ROM player, an ordinary radio, a cigarette lighter, and an auxiliary port. It certainly didn’t have the newfangled automobile technology available in almost every vehicle today. The newer the car, the more likely it is to have a technology-infused dashboard as well as out-of-sight processing power under the hood.
Read the full story in our Plus Newsletter (19.35.0, 2022-08-29).
-
The Ransomware Task Force’s advice needs work
ON SECURITY
By Susan Bradley
A few weeks ago, the Ransomware Task Force (RTF) released the Blueprint for Ransomware Defense.
The RTF was created by the Institute for Security and Technology (IST) in April 2021 in response to the emerging national and economic security risk posed by ransomware.
Unfortunately, I find the advice and information contained in the Blueprint centered too much on large enterprises and not enough on the broader audience it was supposedly targeting. Unquestionably, outages and stolen data for large enterprises can have a huge effect on large groups of people, but the Small Business Administration points out that there are 32 million small businesses — and we all can agree they have fewer resources to fend off attacks.
From my perspective, something very big is missing: detection.
Read the full story in our Plus Newsletter (19.34.0, 2022-08-22).
-
Can you trust technology?
ON SECURITY
By Susan Bradley
The other day, a reader asked why I use a Lenovo laptop, expressing concern that it was built overseas and contained sensitive technology.
He noted that the US Department of Defense had recommended that its divisions stop buying technology that included components suspected of containing (or known to contain) spying capabilities.
Read the full story in our Plus Newsletter (19.32.0, 2022-08-08).
-
Do we really want (or need) Windows 12?
PATCH WATCH
By Susan Bradley
The famous old idiom “moving the deckchairs around on the Titanic” is sometimes applied to technology.
Even though the saying usually implies the futility of a particular action, it often conjures up to me a technology company doing something — anything — to encourage us to purchase more of their product — or at least the latest, so-called greatest version. In my experience, it’s not what we really want but what the vendor thinks we need.
Case in point? Rumors are flying that Windows 12 is just around the corner.
Read the full story in our Plus Newsletter (19.30.0, 2022-07-25).
-
It’s the end of the road for Windows 8.1
ON SECURITY
By Susan Bradley
You need to start planning now.
Although Windows 8.1 may seem lost in the cobwebs of time, its small user base loved it and stuck with it. Many users, especially in business, were turned off by the tablet-first approach of Windows 8.0 and then, instead of moving to 8.1, stuck with Windows 7 and later migrated to Windows 10.
Now, however, the Microsoft axe is falling.
Read the full story in our Plus Newsletter (19.28.0, 2022-07-11).
-
The ASR GUI tool is safe
ON SECURITY
By Susan Bradley
Most antivirus programs flag ASR GUI as infected. Those results are false positives.
In my most recent AskWoody MS-DEFCON Alert, I recommended a tool to help you set preventive attack rules, otherwise known as ASR (Attack Surface Reduction) rules. I’ve recommended ASR GUI tool for years because Microsoft doesn’t provide an easy GUI to set rules for standalone computers.
Read the full story in our Plus Newsletter (19.24.0, 2022-06-13).
This story also appears in our public Newsletter. -
What should you consider sensitive?
ON SECURITY
By Susan Bradley
What information is sensitive? What information should you never give to anyone?
The answer is, it depends. Sometimes it depends on what you are doing, sometimes it depends on the jurisdiction (i.e., country or state) you live in. But often it comes down to what you feel comfortable giving to someone else. And the answer is usually different for different people.
Read the full story in our Plus Newsletter (19.24.0, 2022-06-13).
-
Dealing with MFA
ON SECURITY
By Susan Bradley
In my excitement about the three-day weekend for Memorial Day, I left my phone at the office.
In years past, I would merely confirm that the phone was safe and sound at the office by using a finder app such as Find My Phone or Life360. Then I’d just get the phone the next time I was at the office. Yes, I used to be able to live without the phone for a day or so.
Read the full story in our Plus Newsletter (19.23.0, 2022-06-06).
-
Why is email authentication changing?
ON SECURITY
By Susan Bradley
Throughout the lifetime of Internet-based email, we’ve been told over and over that it was dying, or soon to be dead.
Then why are we still on a dead platform? Why aren’t we using some new, whiz-bang thing that was touted as so much better than email? There have been some proposed ideas, but they died off.
I have a rather simple theory: Email comes to you — you don’t have to go find it. And it’s ubiquitous, too. No matter what device you’re using, what vendor it comes from, or what operating system it runs, email works.
Read the full story in our Plus Newsletter (19.22.0, 2022-05-30).
-
Is firmware patching important?
ON SECURITY
By Susan Bradley
Firmware patching has always been fraught with concern.
Until very recently, applying firmware updates often meant launching the update process from a DOS prompt. You often received warnings that if your computer lost power during the process, your machine might be bricked. This is such a daunting thought that, for servers, I would often update the firmware when I initially installed the server and never touch it again.
But firmware is nothing more than software, and — like every other kind of software these days — attackers find vulnerabilities in firmware. Recently, researchers found security issues in Lenovo consumer notebook firmware.
Read the full story in our Plus Newsletter (19.19.0, 2022-05-09).
-
Gearing up for cyberwar
ON SECURITY
By Susan Bradley
Once upon a time, I used to publish maps showing the location of each water pump in the city where I live.
Fresno residents rely on the underground water supply and pump much of the drinking water from various wells throughout the city. And then Fresno — like every other city — realized that publishing information about critically important infrastructure items, such as drinking water, probably wasn’t wise. That was especially driven home after 9/11; governments realized that they were handing over helpful data to those who might use it to attack us.
Read the full story in our Plus Newsletter (19.17.0, 2022-04-25).
-
Is this the end of the road for Windows 7?
ON SECURITY
By Susan Bradley
Vendors start to draw the line.
Ahh, Windows 7. I remember when you first came out. I remember when people hated — truly hated — your User Account Control (UAC) system that required administrator approval any time they wanted to do something that had been perfectly normal in Windows XP. I remember that UAC was so annoying that Apple lampooned it (more like harpooned it) in several of its famous Mac-versus-PC TV ads.
I went so far as having a cartoon made, urging people to “zip up” their UAC setting rather than disabling it, because I saw both users and administrators removing the UAC prompt entirely. But that represented a lowering of security for Windows 7. I thus urged people not to disable it, despite the annoyance. I told them to zip the slider all the way to the top. Remember the slider?
Read the full story in our Plus Newsletter (19.15.0, 2022-04-11).
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
KB4023057: Update for Windows Update Service components
by 18 minutes ago
-
win 12 as BORG?
by 1 hour, 12 minutes ago
-
Windows 11 — should I stay on Windows 10?
by 2 hours, 51 minutes ago
-
Did I really install PaintShop Pro?
by 1 hour, 23 minutes ago
-
You’re fired if you don’t know how to use GPT-4
by 4 hours, 31 minutes ago
-
Microsoft 365 Copilot announced
by 7 hours, 41 minutes ago
-
What’s wrong with OneNote — and what you can fix
by 8 hours, 46 minutes ago
-
Temp_Cleaner GUI — Just what I was looking for
by 44 minutes ago
-
Who controls our tech?
by 30 minutes ago
-
Missing drives
by 9 hours, 15 minutes ago
-
Can I boot into Win7 from Win10 laptop
by 7 hours, 6 minutes ago
-
How to Force HP Pavilion Laptop to Boot from USB Stick
by 17 hours, 49 minutes ago
-
The Internet Archive lost in court vs publishers
by 1 day, 1 hour ago
-
why is free space shrinking
by 15 hours, 24 minutes ago
-
Celebrating Spring
by 4 hours, 12 minutes ago
-
TicTock is child’s play compared to Flowtime devices (From TheGuardian.Com)
by 1 day, 22 hours ago
-
iOS/iPadOS 16.4 : Dim Epilepsy-Inducing Flashing Lights In Videos
by 1 day, 23 hours ago
-
windows networking issues
by 23 hours, 13 minutes ago
-
Gordon Moore died at the age of 94
by 2 days, 6 hours ago
-
New CISA tool detects hacking activity in Microsoft cloud services
by 2 days, 22 hours ago
-
Laptop update from Mate 19.2 to 21.1
by 4 hours, 3 minutes ago
-
Microsoft setting the ball for Windows 12 as it begins adding Cloud PC
by 2 hours, 55 minutes ago
-
March KB5023696 patch removed but now I have a what’s next question
by 2 days, 19 hours ago
-
CCleaner’s Driver Updater – does it work?
by 4 hours, 15 minutes ago
-
Issue 2439: CentOS Stream 9: missing kernel security fixes
by 3 days, 20 hours ago
-
Microsoft to throttle emails to online email if you are running old stuff
by 3 days, 13 hours ago
-
fre-ac updates
by 3 days, 20 hours ago
-
Windows 10 lost start up password
by 3 days, 20 hours ago
-
Windows 11 Insider Preview Build 22621.1470 and 22623.1470 released to BETA
by 3 days, 21 hours ago
-
Windows 11 Insider Preview build 25324 released to Canary
by 2 days, 23 hours ago
