Newsletter Archives

  • Do you want a bit more In private browsing?

    Do you use private mode or incognito mode in Firefox, Edge or Chrome?

    Do you know you can set it up so that the browser launches automatically in this mode? In the case of Chrome, you can right-click the icon on the desktop, go into Properties, and adjust the application line at the top by putting -incognito at the end of it. Click OK, approve the change, and now when you launch Chrome it will be in private or incognito mode all the time.

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -incognito

    Firefox does it a little differently.

    Three-lined menu
    Options
    Privacy & Security
    Scroll down to History
    In the “Firefox will” drop-down menu, choose “Use custom settings for history”

    Choose the button to have Firefox always use Private mode.

    Mind you, when you do it like this, the browser will not have the visual dark background; it will just always be in that mode.

    If you want to see what I’m talking about, watch this video here. I showcase how to get to these private modes in Edge, Chrome and Firefox on Windows 10 as well as 11.

    Why do you want to use private mode? Often websites give you different prices (travel sites in particular) when they don’t see cookies left behind from other searching. Bottom line, there are lots of normal reasons why being a bit more private in your browsing is a good thing.

  • Should we panic?

    Gordon Kelly is out with a headline about quitting Windows. Once again he has overblown the problem and overestimated the impact.

    First, regarding the side effects on DNS, or domain name services: this only impacts Server 2019, and then only servers running the DNS server role. We’re talking about a narrow set of impacted servers here, not BILLIONS. I am running a Windows 2019 server with the DNS server role and am not noting any issues; I use DNS forwarders, and I have not seen anyone complain about this widely. Microsoft has acknowledged the issue, and Gordon is using Microsoft’s own transparency about an issue seen by a small subset to beat them up.

    Next, the concerns over the local privilege escalation bug. Unless the way this can be attacked has changed, CVE-2021-34484 isn’t easily exploited. Per an October write-up of the bug:

    “While this is a critical vulnerability, exploitation would require threat actors to know the username and password of two different users, making an attack very difficult in the wild.”

    Excuse me?

    “Subsequently, vulnerability analysis specialist Will Dormann tested the flaw and found that the attack could not always be successfully completed.”

    Do we need to overinflate patching issues?  Absolutely not.

    Do we need to beat them up over quality of updates? Yes. But that’s true for all vendors, including Apple.

    Edit: As Carl points out in the comments, you want to update your browser today. THAT’S what you should be really worried about. Chrome is fixing a zero day that was under attack; Edge does not (as far as I can tell) have the fix yet.

    Edit 2:  Edge/Brave have the fix for the Chrome zero day as of 3/26/2022.  Make sure you update your browser.

  • Why do we change time?

    Next week in the USA comes my “bleary eye week”. It’s the week that the time changes and I lose an hour of sleep during a time of year that I’m already working long hours. Everyone in my office really HATES next week and really wishes that this whole concept of moving the clock would stop. While all of our computers automatically change, they need help too. While you may think that we don’t change this process, it’s honestly amazing how many patches we get to change date and time zones.

    In businesses, if you still have an on premises domain controller, it’s wise to sync the server to an external time clock and then have your workstations look to the domain controller.

    On a standalone computer, most of the time you can let the computer do its thing. On rare occasions you may see that its time is off. Typically this is when the CMOS battery on the motherboard needs to be replaced. You can also decide if you want a different time server.

    Bottom line, get extra sleep this week as you’ll be losing an hour next week.

  • Windows 11: When no doesn’t mean no

    WINDOWS

    By Susan Bradley

    It all started when I saw reports of users who hadn’t approved the installation of Windows 11 but rebooted their computers to find them doing exactly that.

    These users assured me that they hadn’t approved the install. Worse, some had specifically declined the update, only to see it being offered again. I have a serious issue with Microsoft about this, because the company is not providing good information about what to expect if your PC qualifies for the Windows 11 upgrade. It’s guesswork so far; trying to determine what to expect has not been easy.

    Read the full story in the AskWoody Plus Newsletter 19.02.0 (2022-01-10).

  • Tasks for the weekend – Nov 20, 2021 – It’s the annual geek clean up

    (Youtube here)

    This week’s Tasks for the weekend is brought to you by MuscularPortfolios.com.  Brian Livingston brings his tech mind to the Investing world. Sign up for his free newsletter to learn more.

    It’s that time of the year that we start planning to visit with family, and it’s also the time of year that I recommend reviewing the computer systems of your loved ones and making sure their browsers are not riddled with extensions they don’t use or notifications they don’t want. See if they want to try out the Brave Browser or the DuckDuckGo search engine.

    Check the Programs and Features section for newly added programs you don’t recognize. Make sure their antivirus is up to date and, if they use a third-party program, that the subscription is current. (I’m still a fan of Defender. Even now Windows is fighting with third-party antivirus vendors like Kaspersky.) Check what feature release they are on and make sure they are not on Windows 10 2004, which will soon be out of support.

    See if they are being offered Windows 11, and decide whether you want to use the TargetReleaseVersion setting to block it or use the GUI opt-out. It will look like the image below in the Windows Update panel.

    You can click on that “stay on Windows 10 for now”.
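
    The TargetReleaseVersion block mentioned above, as an added example (not from the original post). It writes the Windows Update policy values under the standard policy key; the target release '21H1' is an assumed value, so substitute the supported Windows 10 release you want to stay on.

    ```powershell
    #Requires -RunAsAdministrator
    # Added example: pin this PC to a Windows 10 feature release so that
    # Windows Update does not offer Windows 11.
    # '21H1' is an assumed target; set the supported release you want to stay on.
    $key    = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
    $target = '21H1'

    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }

    # TargetReleaseVersion = 1 turns the policy on; the two strings name the
    # product and the feature release the device should stay on.
    New-ItemProperty -Path $key -Name TargetReleaseVersion     -Value 1            -PropertyType DWord  -Force | Out-Null
    New-ItemProperty -Path $key -Name ProductVersion           -Value 'Windows 10' -PropertyType String -Force | Out-Null
    New-ItemProperty -Path $key -Name TargetReleaseVersionInfo -Value $target      -PropertyType String -Force | Out-Null

    # Read the values back to confirm what Windows Update will see.
    Get-ItemProperty -Path $key |
        Select-Object TargetReleaseVersion, ProductVersion, TargetReleaseVersionInfo

    # To undo the pin later (for example, when you decide to move to Windows 11):
    # Remove-ItemProperty -Path $key -Name TargetReleaseVersion, ProductVersion, TargetReleaseVersionInfo
    ```

    A pinned release still goes out of support on its normal schedule, so revisit the value before the release you pinned stops receiving security updates.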

    So when you visit loved ones, do you end up fixing their computers?  What are your tasks that you do?

  • Tips for the weekend – November 13 – geek shopping tips

    (Youtube here)

    I was out at my local Home Improvement store this weekend and clearly Christmas is here. The tree decorations, lighting displays, poinsettias and all sorts of Christmas decorations were all over the store. There is a local street in town that decorates each tree down the road with Christmas lights and the infamous house that does an electronic Christmas display to die for had their entire front yard stacked with boxes as they were unloading the Christmas lights for the year. My thought was… oh my… and I thought my search for burned out light bulbs was bad!

    It got me to thinking about the Christmas season and of course geek gifting. Here are some of my suggestions for good geek gifts:

    I’m a fan of reading and love a small-sized Kindle. I get one that is about the size of a small paperback. If you have someone in your family that is a reader and they don’t already have a Kindle, I’d highly recommend it. The color versions that are small in size mean you can take it anywhere, and with various apps you can even use them to read and respond to email.

    Next up is an expensive gift, an iPad. I bought one for my Dad a few years ago, and because I wanted to make it so he can use it anywhere, I bought him the cellular model. I added it to my phone plan as an additional line and have just paid for it over time. With an iPad there are two sizes; depending on your needs, you may want to opt for the smaller mini one or the larger version with the keyboard. If you want to save money and purchase one on a marketplace site, make sure you research whether the iPad is still supported and will be able to get security updates. I’ve seen folks purchase some online from marketplaces and not realize that they were several years old and no longer updateable.

    Last but not least, I’m honestly recommending that you don’t buy loved ones (or yourself for that matter) a new computer for Christmas. I’d recommend you wait at least six months before buying a computer with Windows 11. If you must buy a computer at this time because the computer died and someone needs a new one, I’d recommend looking for models that still have Windows 10 and that can be upgraded to Windows 11. Or you may consider a cheaper refurbished model to use for the next several years. Remember, Windows 10 will be fully supported until October of 2025.

    During this time of inflation and need, a kind reminder that there are businesses that specifically refurbish computers to sell to folks with limited income. (This is a US-based business I’ve linked to, but there may be others in your area.) Whenever you get rid of your old technology, see if you can electronically recycle it by resetting it back to factory defaults (at a minimum for iPads and Kindles), and consider options for ensuring hard drives are fully wiped or the operating system is reinstalled for computers. Always retire your old hardware safely, securely and with the idea that it may be able to go on to some other deserving person.

    So what are some of your geek buying tips for the holiday season?

  • It’s time for my very unscientific poll

    Over on Computerworld I’ve linked to my VERY unscientific poll of what you think about Windows 10 and Windows 11.

    I’ll report back in a few weeks as to what your thoughts and comments are.

  • DEFCON 2 – August updates include Print Spooler fixes

    And they are out…..

    August updates include fixes for the Print Spooler bug that wasn’t quite fixed last month, so if you disabled the print spooler as a precaution you can re-enable it. (1) For businesses, I’d recommend that you leave it off on your domain controllers and only turn it on for machines and servers where you absolutely need it.

    I’ll be researching and reading and testing and as always more details will be in the newsletter this weekend.

    Until then:

    1. Ensure that your backup software is functional and you have a good solid backup. If you have any questions, remember to visit our forums.
    2. For those of you with spare machines, use this time to test the impact. Given that we know it’s fixing issues with the print spooler software – remember specifically to test printing and scanning.

    Resources to read:

    https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-print-spooler-printnightmare-vulnerability/

    https://msrc.microsoft.com/update-guide/releaseNote/2021-Aug

    https://www.zerodayinitiative.com/blog/2021/8/10/the-august-2021-security-update-review

    Point and print driver change

    Edit 8/12/2021: (1) Leave it disabled or keep your extra-paranoid surfing level enabled; it’s still not fixed.
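
    One way to check the "leave it off on your domain controllers" recommendation across a domain, as an added example (not from the original post). It assumes the ActiveDirectory module (RSAT) is installed and PowerShell remoting to the DCs is allowed.

    ```powershell
    # Added example: report Print Spooler state on every domain controller.
    # Assumes the ActiveDirectory module (RSAT) and PowerShell remoting to the DCs.
    Import-Module ActiveDirectory

    $dcs = (Get-ADDomainController -Filter *).HostName

    $report = Invoke-Command -ComputerName $dcs -ErrorAction SilentlyContinue -ErrorVariable failed -ScriptBlock {
        $svc = Get-Service -Name Spooler
        [pscustomobject]@{
            Status    = [string]$svc.Status      # Running / Stopped
            StartType = [string]$svc.StartType   # Automatic / Manual / Disabled
        }
    }

    # A DC passes only when the service is both stopped and unable to start again.
    $report |
        Select-Object PSComputerName, Status, StartType,
            @{ Name = 'NeedsAttention'; Expression = { $_.Status -ne 'Stopped' -or $_.StartType -ne 'Disabled' } } |
        Sort-Object PSComputerName |
        Format-Table -AutoSize

    # DCs that could not be queried are unknowns, not passes.
    $failed | ForEach-Object { "Could not query: $($_.TargetObject)" }

    # To turn the spooler off on a machine that does not need to print:
    # Stop-Service -Name Spooler -Force
    # Set-Service  -Name Spooler -StartupType Disabled
    ```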

  • What would you have done?

    The other day I was working on a laptop and ended up rebuilding it. I discuss what I did over on Computerworld.com.

    I am reminded of this old and really good article about what to do when you’ve been “hacked” – or in this case, hit by a drive-by malware installer and dubious browser. You can no longer trust the machine and MUST reinstall.

    What would you have done? What tools did I miss trying?

  • Tasks for the weekend – August 7, 2021 – plan on taking ownership

    (Youtube here)

    This post isn’t about a task I want you to do NOW; rather, it’s a task you may need to do. Today I was fixing up an HP Envy laptop, swapping out a misbehaving hard drive and replacing it with an SSD. While doing so, I placed the old hard drive into an external USB drive enclosure so that, should I forget any files, I could get them back. As part of the process I often have to take ownership of the files in order to copy the “my documents” folder back to the computer I’m working on. I’m a fan of adding “take ownership” to the right mouse click menu system so I can easily take ownership of something when I need to. You can manually add this, or use a registry key to add it to your right mouse click. Once you do that, you can easily take ownership of any external hard drive that you want to get data from. Without this, you’ll get a prompt that you don’t have rights to user folders.

    When moving computers, I tend to do so a bit manually and not use any migration software. Ideally you should plan ahead and export the bookmarks, but if you’ve forgotten, never fear: you can find the bookmark backup file on the old hard drive.

    As an aside, finding where they hide all of the screws was fun. The good news is that I didn’t have any spare parts once I was done.

  • My Acer 32 gig is now on 21H1

    What is that and why is this significant?

    This is my ancient Acer 32 gig hard drive – never should have been sold with Windows 10 in the first place – laptop that I hadn’t paid attention to in ages. I woke it up from sleep tonight because I was straightening up the room where it is, and when I went into the Windows Update section … I just about fell out of my chair. 21H1 was there pending and ready to reboot.

    This is the FIRST time EVER it has installed a feature release without having help.  Now granted .. now that I think about it this just showcases that everything since feature release 2004 was and is a minor update. But prior to this I had to always help it over every feature release not just the big ones.

    Needless to say 21H1 is now stable and if you aren’t on it, the best way to do it is to go to the Windows 10 download page and click on update now.  Clicking there will download a small file, you click on it and it starts the process of installing the feature release. When it’s done it will prompt you to reboot. Of course, remember to have a backup ahead of time!

  • Windows 10 more vulnerable – revisited

    I asked the other day if Windows 10 was more vulnerable. Turns out we have another problem with Windows 10 – and Windows 11 for that matter.

    CVE-2021-36934 has been released to track an issue that a researcher has stumbled on … and it’s honestly been around for a while. Starting with Windows 10 1809, the default permissions on the “Security Accounts Manager database” (also known as the SAM database) aren’t set right: a non-administrator user, who shouldn’t have the ability to access that file, DOES have rights to it in Windows 10 1809 and later.

    While on consumer and home computers this isn’t a huge issue, in businesses where keeping ransomware at bay is near impossible these days, it’s not a good thing at all.

    BleepingComputer explains the situation: “With these low file permissions, a threat actor with limited privileges on a device can extract the NTLM hashed passwords for all accounts on a device and use those hashes in pass-the-hash attacks to gain elevated privileges.”

    The SANS site explains specifically how this vulnerability works: “The only issue here is how do we read those files: when Windows are running, the access to the files is locked and even though we have read permission, we won’t be able to read them.  As two great researchers found (@jonasLyk and @gentilkiwi), we can actually abuse Volume Shadow Copy to read the files. VSS will allow us to bypass the file being locked, and since we have legitimate read access, there’s nothing preventing us from reading the file. VSS is a feature that is enabled automatically on Windows and that allows us to restore previous copies in case something got messed up during installation of a new application or patch, for example. If your system disk is greater than 128 GB, it will be enabled automatically!”

    Action items to take as a consumer: Nothing. To me, the potential mitigation (“apart from disabling/removing VSS copies. Keep in mind that the permission on the hives will still be wrong, but at least a non-privileged user will not be able to easily fetch these files due to them being locked by Windows as the system is running.”) is not viable and puts your system at risk of not being able to use the Previous Versions tab, backups and other goodness. I’d rather not change any permissions because, given that this has been in place since 1809, software may be expecting these permissions. I’ll let you know when a patch or fix comes out, or a mitigation that I consider safe.

    Actions to take as an IT Pro or MSP: Also nothing at this time. Again, I consider VSS copies too important to disable.

    Bottom line, stay tuned.

    Edit 7/23/2021 For IT Pros and MSPs, I’d recommend that you inventory your servers and clients to see if they are impacted.  See VU#506989 – Microsoft Windows gives unprivileged user access to system32\config files (cert.org)
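
    A local inventory check for the two conditions described above (hive files readable by the built-in Users group, and shadow copies present), as an added example that is not from the original post or from the advisories it cites. It only reads ACLs and counts shadow copies; it changes nothing.

    ```powershell
    #Requires -RunAsAdministrator
    # Added example: local inventory check for CVE-2021-36934 exposure.
    # Elevation is needed because vssadmin will not list shadow copies without it.

    $usersSid = 'S-1-5-32-545'   # well-known SID of BUILTIN\Users (the name is localized, the SID is not)
    $readData = [System.Security.AccessControl.FileSystemRights]::ReadData
    $sidType  = [System.Security.Principal.SecurityIdentifier]

    $hives = foreach ($name in 'SAM', 'SYSTEM', 'SECURITY') {
        $path  = Join-Path $env:windir "System32\config\$name"
        $rules = (Get-Acl -Path $path).GetAccessRules($true, $true, $sidType)
        # An Allow entry for BUILTIN\Users that includes ReadData is the over-permissive ACL.
        $hit = $rules | Where-Object {
            $_.IdentityReference.Value -eq $usersSid -and
            $_.AccessControlType -eq 'Allow' -and
            $_.FileSystemRights.HasFlag($readData)
        }
        [pscustomobject]@{ Hive = $path; UsersCanRead = [bool]$hit }
    }

    # Shadow copies are what make the readable hives reachable while Windows keeps them locked.
    # The device-path token matched here is not localized, unlike the rest of vssadmin's output.
    $shadowCount = @(vssadmin list shadows 2>$null |
        Select-String -SimpleMatch 'HarddiskVolumeShadowCopy').Count

    $hives | Format-Table -AutoSize
    "Shadow copies present: $shadowCount"

    if (($hives.UsersCanRead -contains $true) -and $shadowCount -gt 0) {
        'RESULT: impacted (hive ACLs grant BUILTIN\Users read access and shadow copies exist)'
    } elseif ($hives.UsersCanRead -contains $true) {
        'RESULT: ACLs are over-permissive, but no shadow copies were found'
    } else {
        'RESULT: hive ACLs do not grant BUILTIN\Users read access'
    }
    ```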