|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
Tip for the weekend – scanning for Log4j vulnerabilities
I wrote about this the other day in the newsletter to check your computer for the Log4j2 vulnerability. So far the good news is that I’ve not seen active attacks in consumer computers, but I have seen vendors taking action to patch their software in business software. Now comes word that the Federal Trade Commission is reaching out to warn vendors to step up and ensure that their software is patched.
While I don’t see this as an issue for consumers, it’s still a concern for those of us in small businesses, as we don’t have the power to demand stuff from our vendors. For us, it is what it is.
I’ve found a tool that does a better job of identifying if your system has vulnerable code. It’s from Qualys and can be downloaded here.
You download the zip file, extract it. Now open up a command window, right mouse click to run as admin and leave it open. (watch the video for a demonstration)
Get yourself to where you downloaded the file (this is often the tricky part) and then run the command log4jscanner.exe
Now wait for it to scan your drives. This may take some time. On my laptop it found nothing on the drive. On my machine that I am typing this up from, it found some old files on my spare E drive. I can remove them with no issues. But on my office computers, it found files on some line of business vendor software that I use.
So now what? It’s active software so I can’t uninstall it. But keep in mind that the attacker has to get on to your system first, unlike the cloud vendors I don’t have the vulnerable software exposed directly to the web. So they have to get on my system first. And that means to me that they can nail me lots of OTHER ways first. So while I am going to reach out to my vendor, I’m not panicking. But it is interesting to see how the FTC is getting into the act of pushing our vendors to get better.
So if you are a small business tech person like me? Check your computers to see what vendors you need to push.
-
The annoyances of printers
We are supposedly in a paperless business world. Yea… right. Meanwhile every month we keep hitting printer issues (for some printers, not all) triggered by Microsoft updates. So we get told to buy a new printer to make our lives easier and then the printer manufacturers get downright … well how can we say this nicely…. overbearing, and nearly evil in their ways to hook us into their ink and cartridge programs.
Once upon a time I had an HP laserjet 4 printer that would run and run and run. The next version of that printer for home users, the HP Laserjet 4L would just run and run and run. (You can still buy one on ebay). I finally had to get rid of it when plastic parts would break off but I must have had that printer for 15 years or more?
So then the printer manufacturers realized two things – thing one selling printer cartridges was a good business to be in and thing two – if they made a printer that was indestructible we’d never buy another printer again.
In the small business industry there are certain models of printers that work nicer with working from home and remote printing. A plain laser jet printer of the Lexmark or Brother variety tends to not give you grief when remote printing unlike a USB connected all in one. I also try to not connect home printers via USB when I’m sharing them, rather I look to see if they have a network jack and connect them via a rj45 cable to my home router. Then I go into “add printer” and add a network printer and they find the printer on the network.
Bottom line it’s 2021. We’re not paperless. We still have issues printing. Each time you install an update (and a reminder, we’re not ready yet to give the all clear to install updates) you need to test that you can print as your first post reboot activity.
Printing is still such a mess.
So what printer do you use and what annoys you about your printer?
-
QuickBooks Desktop moves to subscription model
(USA small business accounting centric post)
Just got this email from QuickBooks – this notice is for QuickBooks Pro Advisors but you can already see that they are selling QuickBooks 2021 and 2022 in subscription model in stores and online.
If you want to have a ‘fixed price’ for a few years grab the QuickBooks Desktop 2021. It will support payroll for several years and then you’ll have to decide your transition strategy then.
Bottom line QuickBooks Desktop is not dead… but it’s definitely a subscription model these days. You have until December 10th to grab on to a one time purchase version of QuickBooks before we’re all on a subscription model.
* * * * *
A message from Ted Callahan
You are our valued partner, and we are reaching out to provide advance notice of QuickBooks Desktop 2022 product subscriptions and availability, ProAdvisor pricing and support changes.
For our 2022 Desktop products, we are making 4 changes that we describe in detail below:
Transitioning to subscription model for our Desktop lineup with the 2022 release.
Introducing QuickBooks Desktop Mac Plus subscription.
Extending availability of 2021 Desktop one-time purchase products until December 10, 2021 for accountants.
Improving support for ProAdvisors.
Product release expected September 28, 2021QuickBooks ProAdvisors will have access to the new QuickBooks Accountant Desktop Plus, Desktop Enterprise Accountant, and Desktop Mac Plus subscriptions around September 28, 2021. These subscriptions will be available through the ProAdvisor Membership portal within QuickBooks Online Accountant.
The new QuickBooks Desktop Plus and Enterprise subscriptions are scheduled to be released to businesses on October 12, 2021. QuickBooks Desktop subscriptions provide customers with the same locally-installed user interface, with added features and functionality that provides the best value and best-in-class product experience.
Pro Plus and Premier Plus subscriptions
QuickBooks Desktop for Windows is updating its product lineup. With our 2022 launch, we will now only be selling our Pro and Premier products as Pro Plus and Premier Plus subscriptions in place of one-time purchase licenses. In making this transition to subscription only, we commit to focusing our investment to deliver greater value and more impactful features for you and your clients. This transition will also encourage your clients to be on the most recent versions for easier collaboration with you. To facilitate this transition, sales of QuickBooks Desktop 2021, one-time purchase versions, will be extended until December 10, 2021.
The 2022 subscription versions will offer you and your clients additional benefits, including:
Access to the latest version, with the most up-to-date features, security patches, and support for 3rd party operating system changes.
Up to 38% faster, more reliable QuickBooks computing power (64-bit).
Unlimited customer support and data recovery at no additional charge.
Premium time saving and money management features. Increased productivity with the QuickBooks Desktop mobile app.
Please note that clients on older 32-bit computers will not be able to use the 2022 version, which requires a 64-bit compatible Windows operating system. Check here for more information on how to check for compatibility for your Plus and Enterprise customers.New: Mac Plus subscription
For 2022, we are introducing QuickBooks Desktop Mac Plus, an annual subscription-based license for small businesses. We will now be selling our Mac product subscription in place of one-time purchase licenses.1 QuickBooks Desktop Mac Plus will be available to accounting professionals as part of the ProAdvisor Enterprise Software Bundle.The 2022 subscription version will offer you and your clients additional benefits, including:
Access to the latest version, with the most up-to-date features, security patches, and support for 3rd party operating system changes
Unlimited customer support and data recovery at no additional charge
Premium subscription features, like automatically creating and categorizing receipt expense transactions.
Distribution for QuickBooks Desktop
Our transition to a subscription-forward lineup will occur at the time of our 2022 product release – scheduled for October 12, 2021.We will offer a limited time exception for the purchase of our Desktop Pro, Premier and Mac 2021 one-time purchase licenses (supported through May 2024) to avoid disruption to you and your clients. These products will be available via QuickBooks Solutions Providers (QSPs) and Intuit sales agents until December 10, 2021.
-
Kaseya VSA has been hit with a ransomware attack
https://www.reddit.com/r/msp/comments/ocggbv/crticial_ransomware_incident_in_progress/
“We are monitoring a REvil ‘supply chain’ attack outbreak, which seems to stem from a malicious Kaseya update. REvil binary C:\Windows\mpsvc.dll is side-loaded into a legit Microsoft Defender copy, copied into C:\Windows\MsMpEng.exe to run the encryption from a legit process.”
This not good for those who rely on consultants who then use common tools. Kaseya is the name of a company that provides various tools for consultants to remotely access and manage networks for their customers.
Consumer/Home user impact: You don’t use Kasaya VSA so you are safe.
Small business impact/Consultant impact: So far it looks like it’s only 4 MSPs that Huntresslabs are tracking, but you may want to check your networks to be safe.
-
Win7 ESU License purchasing now open
For the second year Harbor Computer Services has agreed to make the Win7 ESU licenses available for small quantity purchasers. What do you know? Microsoft and the distributors both got their act together this year and opened up Windows 7 – Year 2 Extended Servicing Updates license for sale on time. That means it’s available now! The cost of year two licensing is $142.
To prepare for your license purchase you will need:
- Your tenant information from last year. Find that email from Ted. It’s in there and you were instructed to keep it in a safe place.
- Credit card
- Number of licenses needed
- email address
If you have any Windows 7 computers that do not have year 1 applied, then you will also need to purchase year 1 for that computer. There’s a note section to let Ted know that you need one of those too. After you submit the form, Ted will process the information, make the purchase and the send you an email response with the license and instructions for installation. Just like last year. Please be a bit patient as we get ramped up to process these.
-
A new way to manage Exchange’s auto-forwarding rules
SMALL-BUSINESS COMPUTING
By Amy Babinchak
Here’s one never-changing rule for IT pros: Microsoft will always change the way that things get done.
For example, in September, the company rolled out a new version of the Exchange admin center (EAC). This change and others mean that we’re forever working to keep our system/service settings and configurations up to date.
A security staple for IT staff is preventing email from auto-forwarding off domains. Recently the transport rule that powered this function stopped working for two of my clients. It’s continued to work for others, but it’s probably just a matter of time before they run into this issue, too. So, my staff is off making changes — proactively.
Read the full story in AskWoody Plus Newsletter 17.48.0 (2020-12-07).
-
Business cyber insurance: A sea change
SMALL-BUSINESS COMPUTING
By Amy Babinchak
For IT businesses — and by extension, their clients — adapting to a rapidly shifting technology environment has been a challenge.
Not the least of those changes is insuring for data-related privacy and security losses.
Not that long ago, insuring my business was relatively simple. We were covered primarily for liability and errors/omissions. Today, the array of events covered by my policy is mind-boggling — much of it focused on data security and privacy.
Read the full story in AskWoody Plus Newsletter 17.45.0 (2020-11-16).
-
Online presence: Currency, continuity, and commitment
Small-Business Websites
By Will Fastie
So your website is now up and open for business? That doesn’t mean you can just walk away.
In previous installments of this series on small-business websites, I stressed the important basics of ensuring your site can be easily found. For example, in the September 21 article, “Web presence: Working with search engines,” I discussed understanding the Google search engine. What I didn’t mention was that search engines take into account a site’s age.
In short, if your site isn’t considered current, its perceived value will drop, and it’ll fall lower in search-result lists.
Read the full story in AskWoody Plus Newsletter 17.42.0 (2020-10-26).
-
HP Issues Sure Click Enterprise 4.2 Patch 1 to fix Initialization Failures caused by Windows Updates (October 2020)
Posted on October 15, 2020, HP announced the release of HP Sure Click Enterprise 4.4 Patch 1 and Bromium Secure Platform 4.1 Update 8 (Patch 5) to fix Initialization failures caused by October 2020 Windows Updates.
Issue Description
After installing any of the referenced Windows Update KBs below, HP Sure Click Enterprise and Bromium Secure Platform will be unable to successfully initialize. New initialization attempts will fail with error UPDATEGUEST_NETWORK_SETUP_FAIL. Your devices will continue to work until a new initialization is needed, giving you additional time to rollback the Microsoft KBs. New initialization requests would generally be caused by:
-
Upgrading supported applications to a new major version, such as Chrome, Microsoft Office or Adobe Reader.
-
Manually requesting a new initialization from the Desktop Console
-
Installing a new version of HP Sure Click Enterprise
This is a list of the Windows Updates affected
- KB4579311 – Windows 10 Version 2004 x64
- KB4577671 – Windows 10 Version 1903 x64
- KB4577671 – Windows 10 Version 1909 x64
- KB4577668 – Windows 10 Version 1809 x64
- KB4580330 – Windows 10 Version 1803 x64
- KB4580328 – Windows 10 Version 1709 x64
- KB4580346 – Windows 10 Version 1607 x64
- KB4580327 – Windows 10 RTM x6
HP Sure Click Enterprise 4.2 Patch 1 Released.
According to Windows Central
There’s HP Sure Click Enterprise. HP calls this the “world’s most secure endpoint application isolation and containment solution.” Supported on Windows 8 and Windows 10, Sure Click Enterprise brings enhanced run-time protection with non-persistent virtual machines. It can also protect user credentials from phishing attacks and supports large-scale deployments.
Gunter Born has more details on Born’s Tech and Windows World.
-
-
What is Microsoft saying to SMBs?
SMALL-BUSINESS COMPUTING
By Amy Babinchak
Microsoft’s 2020 Inspire and Ignite conferences are now literally history; as with most other major tech meetings this year, they were, for the first time, both entirely virtual.
Inspire is focused on Microsoft-partner marketing, while Ignite is more about technology. Both events showcase the company’s vision of future business computing. But sometimes you have to read between the lines, too. Here’s what I think Microsoft is saying to small-to-medium businesses (SMBs) and IT professionals.
Read the full story in AskWoody Plus Newsletter 17.40.0 (2020-10-12).
-
Web presence: Business social networking
SMALL-BUSINESS WEBSITES
By Will Fastie
The major-league social networks such as Facebook and Twitter can be a big help in establishing your company’s persona on the Web — but often at a cost.
I have an instructive tale about Facebook. The story is a bit dated, and hopefully the world’s mightiest social network has improved somewhat, but it will give you a small perspective into the intricacies of social networking — and the sorts of trouble they can pose.
Read the full story in AskWoody Plus Newsletter 17.38.0 (2020-09-28).
-
Microsoft 365 privacy tools
SMALL-BUSINESS COMPUTING
By Amy Babinchak
I’ll assume that most AskWoody readers take their personal privacy seriously.
But how many of you extend your privacy concerns and actions to your work? Linked tightly with security, protecting business privacy extends to coworkers, clients, and all stored data.
In the past, Office has been both a critical business tool and a significant security risk. Fortunately, today’s Microsoft 365 for business has an excellent collection of robust security features.
Read the full story in AskWoody Plus Newsletter 17.35.0 (2020-09-07).
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Windows 11, Surface, and Windows Copilot
by 2 hours, 13 minutes ago
-
Why File Explorer keeps me on Windows
by 1 hour, 25 minutes ago
-
Uninstalr — “World’s best cup of coffee”
by 1 hour, 4 minutes ago
-
Locked out of your refurbished computer?
by 1 hour, 7 minutes ago
-
Thunderbird 115: Changing font size in the Message Panel
by 11 hours, 36 minutes ago
-
Lenovo ThinkPad not updating to Windows 11 22H2
by 3 hours, 5 minutes ago
-
Android Security
by 17 hours, 49 minutes ago
-
What happened to the manual?
by 7 hours, 58 minutes ago
-
Waters of March, at the onset of Fall
by 1 day, 9 hours ago
-
OK to Restore Files From a Possibly Hacked Computer?
by 8 hours, 34 minutes ago
-
Startup loop after adding new user and installing File Explore Patch
by 1 day, 10 hours ago
-
RoboCops comes to NYPD. You have the right to remain cyborg
by 1 day, 15 hours ago
-
iOS 17 : New Safari Privat Search Engines
by 1 day, 16 hours ago
-
Photos App running in background
by 12 hours, 44 minutes ago
-
IPV6 Issue Win10 22H2 August Update
by 1 day, 14 hours ago
-
Windows 11 Insider Preview build 23550 released to DEV
by 2 days, 14 hours ago
-
Windows 11 Build 22621.2361 (22H2) released to Release Preview
by 2 days, 14 hours ago
-
Lately I’ve been getting qr code spam attacks
by 2 days, 18 hours ago
-
ghacks Wants Edge – FF Browser Update to View – hack/redirect
by 1 day, 16 hours ago
-
iOS 17 : If your new iPhone gets stuck on the Apple logo when you transfer…
by 3 days, 2 hours ago
-
Apple zero days out – September 2023
by 2 days, 20 hours ago
-
No shortcuts to files on Taskbar in Win11
by 2 days, 17 hours ago
-
“New” Google Sites vs Network Solutions: domain resolution
by 2 days, 4 hours ago
-
Topic: Privacy Report on Modern Cars
by 3 days, 6 hours ago
-
Microsoft’s massive Windows 11 update, featuring Copilot AI, begins rolling out
by 3 days, 3 hours ago
-
MailStore Home updates
by 4 days, 4 hours ago
-
T-Mobile users say they see other people’s account information
by 4 days, 15 hours ago
-
Retirement of Exchange Web Services in Exchange Online
by 5 days, 3 hours ago
-
What Remote Desktop credentials do I use to access a MS Account computer
by 3 days, 16 hours ago
-
Office 2003 Compatibility with One Drive in Windows 11
by 5 days, 14 hours ago
