News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

Newsletter Archives

  • It’s time for my very unscientific poll

    Posted on August 16th, 2021 at 12:36 Comment on the AskWoody Lounge

    Over on Computerworld I’ve linked to my VERY unscientific poll of what you think about Windows 10 and Windows 11.

    I’ll report back in a few weeks as to what your thoughts and comments are.

  • DEFCON 2 – August updates include Print Spooler fixes

    Posted on August 10th, 2021 at 12:12 Comment on the AskWoody Lounge

    And they are out…..

    August updates include fixes for the Print spooler bug that wasn’t quite fixed last month so if you disabled the print spooler as a precaution you can re-enable it.  (1) For businesses, I’d recommend that you leave it off on your domain controllers and only turn it on machines and servers where you absolutely need it.

    I’ll be researching and reading and testing and as always more details will be in the newsletter this weekend.

    Until then:

    1. Ensure that your backup software is functional and you have a good solid backup. If you have any questions, remember to visit our forums.
    2. For those of you with spare machines, use this time to test the impact. Given that we know it’s fixing issues with the print spooler software – remember specifically to test printing and scanning.

    Resources to read:

    https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-print-spooler-printnightmare-vulnerability/

    https://msrc.microsoft.com/update-guide/releaseNote/2021-Aug

    https://www.zerodayinitiative.com/blog/2021/8/10/the-august-2021-security-update-review

    Point and print driver change

    edit 8/12/2021 (1) Leave it disabled or keep your extra paranoid surfing level enabled , it’s still not fixed.

  • What would you have done?

    Posted on August 9th, 2021 at 11:55 Comment on the AskWoody Lounge

    The other day I was working on a laptop and ended up rebuilding it. I discuss what I did over on Computerworld.com.

    I am reminded of this old and really good article about what to do when you’ve been “hacked” – or in this case, hit by a drive by malware installer and dubious browser. You can no longer trust the machine and MUST reinstall.

    What would you have done? What tools did I miss trying?

  • Tasks for the weekend – August 7, 2021 – plan on taking ownership

    Posted on August 8th, 2021 at 00:13 Comment on the AskWoody Lounge

    (Youtube here)

    This post isn’t about a task I want you to do NOW, rather it’s a task you may need to do. Today I was fixing up an HP envy laptop and swapping out a misbehaving hard drive and replacing it with a SSD drive. While doing so, I placed the old hard drive into an external usb drive enclosure so should I forget any files, I could get them back. As part of the process I often have to take ownership of the files in order to copy the “my documents” folder back to the computer I’m working on. I’m a fan of adding “take ownership” to the right mouse click menu system so I can easily take ownership of something when I need to. You can manually add this, or use a registry key to add it to your right mouse click. Once you do that, you can easily take ownership of any external hard drive that you are wanting to get data from. Without this, you’ll get a prompt that you don’t have rights to user folders.

    When you are moving computers, I tend to do so a bit manually and not use any migration software. Ideally you should plan ahead and export out the bookmarks, but if you’ve forgotten, never fear, you can find the bookmark backup file on the old hard drive.

    As an aside, finding where they hide all of the screws was fun. The good news is that I didn’t have any spare parts once I was done.

     

  • My Acer 32 gig is now on 21H1

    Posted on August 3rd, 2021 at 23:29 Comment on the AskWoody Lounge

    What is that and why is this significant?

    This is my ancient Acer 32 gig hard drive – never should have been sold with Windows 10 in the first place – laptop that I hadn’t paid attention to in ages. I woke it up from sleep tonight because I was straightening up the room where it is and when I went into the windows update section …  I just about fell out of my chair. 21H1 was there pending and ready to reboot.

    This is the FIRST time EVER it has installed a feature release without having help.  Now granted .. now that I think about it this just showcases that everything since feature release 2004 was and is a minor update. But prior to this I had to always help it over every feature release not just the big ones.

    Needless to say 21H1 is now stable and if you aren’t on it, the best way to do it is to go to the Windows 10 download page and click on update now.  Clicking there will download a small file, you click on it and it starts the process of installing the feature release. When it’s done it will prompt you to reboot. Of course, remember to have a backup ahead of time!

  • Windows 10 more vulnerable – revisited

    Posted on July 20th, 2021 at 23:05 Comment on the AskWoody Lounge

    I asked the other day if Windows 10 was more vulnerable. Turns out we have another problem with Windows 10 – and Windows 11 for that matter.

    CVE-2021-36934 has been released to track an issue that a researcher has stumbled on … and it’s honestly been around for a while. Starting with Windows 10 1809 and later, the default permissions on the “Security accounts manager database” (also known as SAM database)  aren’t set right and if you are a non administrator user where you shouldn’t have the ability to access that file, in Windows 10 1809 and later you DO have rights to that file.

    While on consumer and home computers this isn’t a huge issue, in businesses where keeping ransomware at bay is near impossible these days, it’s not a good thing at all.

    Bleeping computer explains the situation…. “With these low file permissions, a threat actor with limited privileges on a device can extract the NTLM hashed passwords for all accounts on a device and use those hashes in pass-the-hash attacks to gain elevated privileges.”

    The SANS site tells how specifically this vulnerability takes place….“The only issue here is how do we read those files: when Windows are running, the access to the files is locked and even though we have read permission, we won’t be able to read them.  As two great researchers found (@jonasLyk and @gentilkiwi), we can actually abuse Volume Shadow Copy to read the files. VSS will allow us to bypass the file being locked, and since we have legitimate read access, there’s nothing preventing us from reading the file. VSS is a feature that is enabled automatically on Windows and that allows us to restore previous copies in case something got messed up during installation of a new application or patch, for example. If your system disk is greater than 128 GB, it will be enabled automatically!”

    Action items to take as a consumer:  Nothing.  The potential mitigation “apart from disabling/removing VSS copies. Keep in mind that the permission on the hives will still be wrong, but at least a non-privileged user will not be able to easily fetch these files due to them being locked by Windows as the system is running.” to me is not viable and puts your system at risk for not being able to use previous versions tab, backups and other goodness. I’d rather not change any permissions because given that this has been in place since 1809, software may be expecting these permissions. I’ll let you know when a patch or fix comes out, or a mitigation that I consider safe.

    Actions to take as an IT Pro or MSP: Also nothing at this time. Again, I consider VSS copies too important to disable.

    Bottom line, stay tuned.

    Edit 7/23/2021 For IT Pros and MSPs, I’d recommend that you inventory your servers and clients to see if they are impacted.  See VU#506989 – Microsoft Windows gives unprivileged user access to system32\config files (cert.org)

     

  • Window 10 Home vs. Pro: A real-life test drive

    Posted on July 19th, 2021 at 02:42 Comment on the AskWoody Lounge

    LANGALIST

    Fred Langa

    By Fred Langa

    An upgrade from Home to Pro edition costs around US$100, but is it really worth it?

    What does Pro edition offer that Home lacks? What does a Pro edition user give up in switching to Home? And, besides price and somewhat differing features, do the dissimilarities really matter in normal day-to-day Windows operation?

    Read the full story in the AskWoody Plus Newsletter 18.27.0 (2021-07-19).

  • Tasks for the weekend – July 10, 2021 – selective patches

    Posted on July 10th, 2021 at 23:54 Comment on the AskWoody Lounge

    (Youtube video here)

    So you want to install just SOME updates but not all?  You want to continue to defer updates but the clock is running out?

    If you want to defer updates MORE than what they already are, disable the internet, Unpause the patches (resume), it will start to try to scan for updates but can’t because it’s offline, now reenable the pause and finally, reeenable the Internet.

    Now you want to install SOME updates but not others? Use WUmgr tool. You can then selectively install just some updates and not all of them.

    (kudos to Geekdom for posting that detailed post about how to download and use the tool)

  • Tasks for the weekend – June 26 – dealing with the Store

    Posted on June 26th, 2021 at 23:19 Comment on the AskWoody Lounge

    Youtube here

    So yesterday and earlier today I had to deal with two computers that spontaneously had an Xbox gaming widget on the system that greyed out the screen. (you can see it in action here)

    Once I rebooted the systems the widget went away and I proactively put a registry key to ensure it didn’t come back. I think, based on reviewing the event logs on both systems, that a Microsoft Store update that got installed yesterday on my home pc and early this morning at the office.

    EventData
    updateTitle 9WZDNCRFJBD8-Microsoft.XboxApp
    updateGuid {69e8be91-65f1-4436-96b8-9025450413d7}

    Remember that there is more that gets updated behind the scenes than just the Windows updates that you visually see. Office 365 click to run silently updates in the background unless you overtly stop the Office updating process. The Microsoft store is another behind the scenes updating process as well.

    If you want to stop/block the Microsoft store, there are ways to do it as well as following PK’s excellent tutorial. Now mind you this is advanced stuff and not for all.  Many a system has been rendered unbootable if removing the apps weren’t done correctly. So I recommend this only for advanced users.

    Bottom line when your computer does weird things, sometimes it’s not you. It’s REALLY not you.

  • What’s your feedback for Windows 11?

    Posted on June 22nd, 2021 at 08:13 Comment on the AskWoody Lounge

    In Computerworld this week I started my list of feedback for Windows 11.  Before we get to the next version of Windows, I have a list of things that need to be fixed on Windows 10.

    So what’s your feedback to Microsoft?

  • News and Interests are a bit blurry

    Posted on June 15th, 2021 at 11:14 Comment on the AskWoody Lounge

    https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-20h2#1629msgdesc

    “After installing KB5001391 or later updates, the news and interests button in the Windows taskbar might have blurry text on certain display configurations.

    Affected platforms:
    • Client: Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 2004; Windows 10, version 1909
    Next steps: We are working on a resolution and will provide an update in an upcoming release.”
    So far if turning it off doesn’t work, try icons only.
    And next time Microsoft?  Don’t push out “feature release stuff” in a security patch.  Signed… your beta testers.
    UPDATE: They’ve released https://support.microsoft.com/help/5003690 to fix the blurry text and system tray issues. (Thanks EP)
  • June updates bring news

    Posted on June 9th, 2021 at 01:05 Comment on the AskWoody Lounge

    It’s been a little bit funny seeing some of the reactions online to the News and Interests feature that is included in the June updates. As Askwoody readers know, this first started to trickle out in May but in the June security updates they are included in everyone’s Windows 10 including Enterprises.

    Just a reminder, you can right mouse click on the weather info, go up to news and interests, and either adjust the options (as it does take up a bit of real estate) or turn it off completely.

    Optionally you can use this registry key to do so. To use it, simply click on the download in the upper right, click to run the file, it will warn you it’s not digitally signed, click through that, next click through the UAC prompt and you’ll get to this page warning you about adding it to your registry.

    Click yes and it will turn off the News feature. You’ll need to reboot (I had to) to get it to turn it off.

    I’m keeping an eye on the early beta testers in the forums, so far I’m not seeing anything trending.  As always full details of the updates will be in the Newsletter, in the meantime if anyone needs assistance or help, you know where we are.

    In other patching news, keep an eye out for Apple 14.6 for your iphone/ipad and remember that Apple 15 will be offered up to even iphone 6 models. Androids, keep an eye out for your updates as well.