Newsletter Archives

  • May updates fix risks to networks

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    It’s looking like consumers may have an issue-free month — if they don’t run Windows 11 machines — and businesses will have to decide whether they want to patch sooner versus later.

    Once again, we have a vulnerability that has already been used and abused, but the good news for home and consumer users is that the vulnerability under fire is seen only in Active Directory domains.

    Read the full story in our Plus Newsletter (19.20.0, 2022-05-16).

  • Drenched in patches

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    As is typical for this time of year, Microsoft is releasing a deluge of security patches for our Windows machines.

    One threat has already been used in the wild. CVE-2022-24521 is a vulnerability in the Windows Common Log File System Driver and can lead to elevation of privileges on a system. Troubling to me is CVE-2022-26809, which is a potentially wormable remote code vulnerability that could be especially damaging if the attacker gets inside your firewall or network.

    Read the full story in our Plus Newsletter (19.16.0, 2022-04-18).

  • Why can’t search just search?

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    Microsoft introduces “search highlights,” another feature we probably don’t want and didn’t ask for.

    In the April cumulative updates for Windows 10 and Windows 11, Microsoft will be bringing some changes to Windows’ desktop search. Unfortunately, it won’t fix what we really want fixed. Instead, it will be adding another feature we don’t want. The feature, called “search highlights,” began to roll out on March 22 to Windows 10 users who had installed the March 2022 preview update (KB5011543).

    Read the full story in our Plus Newsletter (19.14.0, 2022-04-04).

  • How Windows feature releases have changed

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    There’s a reason why you don’t see “service pack” updates any longer.

    I am often asked why I recommend 21H2 when there are other releases of Windows still under support. The concern stems from the not unreasonable sense that a feature update is massively disruptive and from the reasonable desire to put off that pain as long as possible.

    But after so many years of updates that represented total swaps of Windows for a new version (remember service packs?), Windows 10 has brought welcome changes.

    Read the full story in our Plus Newsletter (19.13.0, 2022-03-28).

  • The madness of releases

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    This month’s security updates for Windows 11 include some major changes. Alas, they don’t include one major wish item that everyone wants back: thumbnail views on folder contents.

    Microsoft does appear to have heard that feedback; starting with Windows 11 Build 22557, Microsoft is testing folder thumbnails again. But even in the March release of Build 22000.556, it is already moving items around.

    Read the full story in the AskWoody Plus Newsletter 19.11.0 (2022-03-14).

  • Understanding the zero days

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    What do attackers go after?

    If you take a look at the known, exploited vulnerability listing as put out by the Cybersecurity & Infrastructure Security Agency, you’ll find that the list is long and confusing. Even if you cut it down to just Microsoft and Apple, it’s still a bit overwhelming, to say the least.

    I’m going to focus on two bugs, to showcase differences in how the attacks occur on Windows and Apple and what the attackers are going after.

    Read the full story in the AskWoody Plus Newsletter 19.10.0 (2022-03-07).

  • A sweetheart of a patching month

    newsletter banner

    ISSUE 19.07 • 2022-02-14

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    Is Microsoft trying to win back our love?

    Microsoft may be giving us a Valentine’s Day patching reprieve: this month, we have no critical bugs being patched. Everyone, from home users to small-business users to large enterprises, can take a bit of a breather.

    The Windows Update releases this month include 70 vulnerabilities, none of which has any known exploits. For businesses, there are no Exchange patches to worry about. I therefore consider this a bit of a “cleanup” month, especially for anyone who skipped the January updates that caused so many side effects and concerns.

    Updates to .NET include security updates for 5.0.211, 5.0.405, and 6.0.102 — but not for older releases such as 4.8 and other earlier versions. However, you may still see these versions offered to your systems.

    Read the full story in the AskWoody Plus Newsletter 19.07.0 (2022-02-14).
    This story also appears in the AskWoody Newsletter 19.07.F (2022-02-14).

  • Keeping an eye on Apple updates

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    In 2022, we will start to pay a bit more attention to security and update issues related to Apple devices and possibly other environments, such as Android.

    Don’t worry — our focus will continue to be on our core mission, which is providing guidance for the huge installed base of Windows PCs and servers. What we’ve learned over the past year is that many in our audience use something other than a Windows PC as a secondary device, and that almost everyone carries a smartphone. Apple’s device lineup is an obvious choice for second devices. And it appears Apple’s efforts with its own silicon, especially the M1 chip, are increasing interest in Macintosh PCs and high-end iPads.

    Read the full story in the AskWoody Plus Newsletter 19.06.0 (2022-02-07).

  • A bumpy road for January

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    I’m always conservative, but this month you must delay applying updates to avoid side effects. Business patchers — you face tough choices.

    We are seeing reports of various issues with this month’s updates, some of which are so extreme that patching administrators in businesses have had to remove or roll back updates. Even for consumer and home users, I suggest holding off; it’s way too soon for me to feel comfortable recommending updates.

    Read the full story in the AskWoody Plus Newsletter 19.03.0 (2022-01-17).

  • A change to Alerts!

    Alert Logo

    Our MS-DEFCON system has proven extremely popular. It’s the reason the banner on our home page is so prominent.

    Early in 2021, we decided to post an abbreviated version of MS-DEFCON alert newsletters in our blog, reserving the full alert for Plus edition members. We’ve been pleased that this change met with general acceptance, but a review of our alerts for 2021 has shown that the difference between our blog post and the full alert is minimal. Therefore, I’ve decided to make a change.

    We publish two kinds of alerts, one for a changed MS-DEFCON level and one for other types of information. Henceforth, all MS-DEFCON alerts will be available to anyone visiting the site. Other alerts will continue as an exclusive benefit of Plus membership, as will emailed alerts and text message alerts.

    I’m happy to bring the MS-DEFCON coverage to a wider audience. It’s my contribution to promoting safe and sensible patching strategies.

  • MS-DEFCON 4: Closing out the year of patching

    AskWoody Plus Alert Logo
    ISSUE 18.50.1 • 2021-12-28

    MS-DEFCON 4

    By Susan Bradley

    The end of 2021 brings the final updates for Windows 10 2004. Meanwhile, most of us are planning not to install the new Windows 11.

    The December patching month has been relatively uneventful for Windows Home Edition users. The only major patching side effect I’ve seen came when an Office update prevented multiple users of Access from opening a database on the network. As noted in a Microsoft support page, the Microsoft 365 click-to-run versions listed below have been fixed. If you use Access, close and reopen Office to trigger it to download a new version. The fixed versions are:

    If you have Office 2016, the fix is in KB4484211. You must manually download the patch and install it. We’re still waiting on the fix for Office 2013.

    Consumer and home users

    Now is the time to upgrade Windows 10 2004 to 21H2. If you have not already been offered 21H2, I recommend a visit to the Windows 10 ISO page; click on the Update now button. Of course, be sure you have a backup of your computer first. Also, uninstall any VPN software you use — it’s a bit of overkill, but I have seen cases of VPN software interfering with the update process. Reinstall it after the upgrade is complete.

    If you have any side effects, please visit the forums so we can follow up on any lingering issues. The good news for Windows 10 is that it’s moving to a once-a-year feature-release cadence. Given that Microsoft will be focusing on Windows 11, I anticipate that Windows 10 updates will turn into a nice, boring release process for most of us.

    Business users

    Unless you are running Enterprise versions, I also recommend that businesses move to Windows 10 21H2. The version has been stable in my office. I always make sure that I have all workstations on the same version of Windows 10, to make my life easier.

    Many of us are still trying to chase down the patching we need to do for the Log4j2 vulnerability. It may take time to follow up with all the vendors in your clients’ networks, so be prepared to get updates from vendors as they discover what is and is not vulnerable. For example, I’ve found that my Ricoh printers are not vulnerable in my own network. Going through this listing takes time, and you’ll probably need to work together with each client. Don’t expect to know immediately what is vulnerable.

    Read the full story in the AskWoody Plus Alert 18.50.1 (2021-12-28).

  • Staying safe this holiday season

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    This is the season of bright lights and holiday scams. Not a day goes by when I don’t receive notice that a credit card has an alert, a FedEx package has been delayed, or my bank account is overdrawn.

    I’ve seen bogus links to websites that want my credentials, that want to inject malware into my machine, that basically want to steal money from me. While most of the time these scams are very obvious, there are times when they make me stop and do additional checking — just to make sure that I’ve not been scammed. As we close the year, it’s a good time to remind ourselves of various tips and best practices to keep ourselves protected.

    Read the full story in the AskWoody Plus Newsletter 18.50.0 (2021-12-27).