
Blog Archives

  • Win10 version 2004 systemwide password “amnesia”

    Posted on September 18th, 2020 at 08:13 woody Comment on the AskWoody Lounge

    This from WarningU2:

    I’ve made two attempts to update to 2004 without success. 2004 applies fine but I keep getting prompted for passwords to sign into applications, Google, Facebook, Outlook, and others. It seems the credential manager is not remembering passwords with a local admin account. It will for a while but the password is getting wiped out.

    If you use a Microsoft account log in, it does remember.  Is this a strategy for MS to force us to use their login method?

    I’ve tried all the suggestions at https://answers.microsoft.com/en-us/windows/forum/all/systemwide-password-amnesia-v2004-build-19041173/232381f8-e2c6-4e8a-b01c-712fceb0e39e to no avail. I’ve reverted back to 1909.

    I see from the topic above on the Microsoft community forum that many are having this issue. Has anyone from the distinguished experts here on this forum experienced the same and found a solution other than removing a local admin account?

    There are more than 100 replies on that Answers thread.

    Anybody out there have an idea? It seems to be a version 2004-specific problem.

  • Patch Lady – Defender not having a good week

    Posted on August 13th, 2020 at 22:19 Susan Bradley Comment on the AskWoody Lounge

    So the other day we had folks reporting issues with Defender and Western Digital drivers.

    Today Citrix Broker service was flagged as malicious and, well… a whole bunch of work-from-home remote workers weren’t working anymore.

    Bottom line: the best antivirus is silent and does its job. And when it doesn’t… it is often very painful. It’s a tight tap dance around our operating systems to determine what is malicious and what is not, especially when the attackers try EXTREMELY hard to LOOK like a normal application doing its job. Bottom line: we depend so much on antivirus products and curse at them when they don’t work.

  • Patch Lady – be careful they are out to get us

    Posted on April 19th, 2020 at 23:35 Susan Bradley Comment on the AskWoody Lounge

    Just the other day this email came into my inbox. The attackers are using COVID-19 related themes to wiggle into our inboxes.

    I talk about it in this video. Be extra careful, because they are out to get us right now.

  • Patch Lady – are you safe online?

    Posted on April 5th, 2020 at 12:13 Susan Bradley Comment on the AskWoody Lounge

    Just spotted this…

    It’s a series of 30-minute webinars next week put on by a company that normally does security assessments for companies. Their https://s2me.io site walks you through a series of questions to review your personal computer risk.

    Some of the questions: “I never log into websites from links in emails. True or False?” … “I never open a file attachment in an email unless I am specifically expecting one. True or False?”

    So how secure are you?

    (edit:  I received a score of 812 – it was lowered because I have too many Windows devices (well duh), and I don’t encrypt all devices.  To be fair some of them are laptops I use for streaming needs and thus I don’t use them for sensitive tasks nor keep sensitive info on them)

  • Patch Lady – Office 365 pushes off disabling Basic Auth

    Posted on April 3rd, 2020 at 21:32 Susan Bradley Comment on the AskWoody Lounge

    https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-april-2020-update/ba-p/1275508

    While I totally understand why Microsoft is pushing off the due date for disabling basic authentication in their Office 365 platform/Exchange Online, I would recommend that anyone using any sort of email platform (or online banking, or anything online these days) add multi-factor authentication to anything they use online. The attackers go after the weak links: weak passwords and reused passwords. You need to be aware of the attacks out there.

    Clearly COVID-19 is having a big impact.

  • Patch Lady – should we be concerned about Zoom?

    Posted on April 1st, 2020 at 22:49 Susan Bradley Comment on the AskWoody Lounge

    I’ve seen several comments on various venues about the risk of Zoom meetings. Some of them are valid, others are… hang on… who in their RIGHT MINDS posts the URL to a non-password-protected Zoom meeting on a social location?

    I was listening to a presentation today and the gentleman presenting was talking about how, in times like these, one has to balance risk with making sure the business survives.

    Here’s another person I respect … Dave Kennedy on the topic of Zoom and security:  https://threadreaderapp.com/thread/1245536000819986432.html

    First off, as Lawrence Abrams writes, make sure you put a password on the Zoom meeting. Next, Zoom is working on the issue whereby NTLM hash values can be exposed, and Lawrence gives the workaround in the blog, but I have a better workaround: be EXTREMELY careful of clicking on ANYTHING right now. I am seeing a huge uptick of COVID-related emails and scams. I’m seeing these kinds of scams come into my inbox (well, the notifications that they are being cleaned out of my inbox, anyway):

    Subject: MUST READ-TRUTH ABOUT COVID-19
    Sender: valeria.flores@ambiente.gob.ec

    Time received: 4/1/2020 11:41:20 PM
    Message ID:<1870826593.23469281.1585784413797.JavaMail.zimbra@ambiente.gob.ec>
    Detections found:
    Virologyfiles.doc RTF/CVE-2017-11882.C.gen!Camelot

    So… be careful and remember right now this is about balancing the needs of the business and the users.  Absolute security doesn’t exist.

  • Patch Lady – Office 365 ATP this shouldn’t be missed

    Posted on March 25th, 2020 at 11:07 Susan Bradley Comment on the AskWoody Lounge

    Dear Office 365 Advanced Threat Protection.  You aren’t being that advanced today.

    1. That’s not my email address.
    2. A short message and an email attachment scream malware.

    When I run it through virustotal.com and reverse.it sure enough

    Come on Microsoft (and all the other vendors who are missing this), we don’t need stupid stuff like this missed. Not now. (Only Fortinet flags it right now, 9:09 Pacific time.)

    https://www.hybrid-analysis.com/sample/ce7f61824f9b99ce1e96615b790f8e53e29d9e920cf1acb97956dfabf7031482?environmentId=100

  • Patch Lady – remoting into a desktop without VPN

    Posted on March 21st, 2020 at 22:41 Susan Bradley Comment on the AskWoody Lounge

    If you are a small or medium business, or an IT consultant who helps small or medium businesses, here’s a way to temporarily allow folks to remote into their desktops at the office without introducing more risk. Many IT consultants are setting up Virtual Private Network connections to the firm network from home PCs that may not be secure, which may introduce more risk. An unpatched Windows 7 machine in particular could introduce MORE risk to the network.

    Here’s an alternative:

    First off, you’ll need either a spare server or spare room on a Hyper-V server. You’ll need a domain with workstations joined to that domain. Next, download a trial version of either Windows Server 2016 or 2019 as an ISO to that Hyper-V server. Then follow these instructions (*) to set up an RD server on that trial version. That trial version, and the Remote Desktop CALs, will work for 180 days.

    Now from a home PC (even a Mac computer), launch the Remote Desktop Connection program. In the computer name section, put in the name of the computer you want to remote into. Click on Show Options. Click on the Advanced tab. Click on the Settings box under Connect from anywhere. Click on “Use these RD Gateway server settings” and put in the URL of the server name you’ve created from the instructions above.

    Now click on “Use my RD Gateway credentials for the remote computer”. Click on the Experience tab and change the performance setting to Modem (this will thin down the remote connection so that you get the best experience).

    Back on the first tab, put in the actual workstation/computer name you want to get to, and for the user name put in DOMAINNAME\user name. The remote user can now get to his or her exact workstation and remotely print.

    Note to anyone using SBS 2011, SBS 2008, Essentials Server 2012 or Essentials Server 2016: those servers all have RD Gateway set up by default, and you can use the same process above to bypass the RWA portal and go directly to the workstations. Note this also works for Mac workstations as long as you download the new RDP client.

    PC name would be the PC you’ll want to remote into. In the Gateway setting, you’ll click on that blue icon on the right and put in the RD Gateway URL just like you do for the Windows machines.

    Again, this will work to let workers remote straight into the exact desktop they use, so it’s best for office workers and those who have a single computer assigned to them.
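
    The Windows client settings described above can also be handed out as a ready-made .rdp file per employee, so home users do not have to click through the tabs themselves. This is an added example, not part of the original post or of Richard Kokoski's instructions; the gateway URL, domain, user names and PC names are placeholders.

    ```powershell
    # Added example: write one .rdp file per employee with the RD Gateway
    # client settings from the steps above. All names below are placeholders.
    $Gateway = 'rdgw.example.com'   # assumed public URL of the RD Gateway server
    $Domain  = 'DOMAINNAME'         # domain the office workstations are joined to
    $OutDir  = Join-Path $PWD 'rdp-files'

    # Constructed sample mapping: each person gets only their own workstation.
    $Assignments = @(
        [pscustomobject]@{ User = 'jsmith'; PC = 'FRONTDESK-PC' }
        [pscustomobject]@{ User = 'mlopez'; PC = 'ACCT-PC-02' }
    )

    function New-GatewayRdpLines {
        param(
            [Parameter(Mandatory)][string]$User,
            [Parameter(Mandatory)][string]$PC
        )
        # Accept only plain host/account names (\z also rejects a trailing
        # newline), so a bad entry cannot add an extra setting line to the file.
        foreach ($v in $User, $PC, $Gateway, $Domain) {
            if ($v -notmatch '\A[A-Za-z0-9._-]+\z') { throw "Unexpected value: '$v'" }
        }
        @(
            "full address:s:$PC"               # workstation to reach
            "username:s:$Domain\$User"         # DOMAINNAME\user name
            "gatewayhostname:s:$Gateway"       # RD Gateway server name
            'gatewayusagemethod:i:1'           # always go through the gateway
            'gatewayprofileusagemethod:i:1'    # use these explicit gateway settings
            'gatewaycredentialssource:i:0'     # gateway asks for a password
            'promptcredentialonce:i:1'         # reuse gateway credentials for the PC
            'networkautodetect:i:0'            # keep the manual speed choice below
            'connection type:i:1'              # Experience tab: modem
        )
        # No password line is written: the user types it at connect time.
    }

    New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
    foreach ($a in $Assignments) {
        $file = Join-Path $OutDir "$($a.User)-$($a.PC).rdp"
        New-GatewayRdpLines -User $a.User -PC $a.PC |
            Set-Content -Path $file -Encoding Unicode
        Write-Output "Wrote $file"
    }
    ```

    Opening a generated file starts Remote Desktop Connection with the gateway and workstation already filled in; the user still enters the password.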

    Note: if you have excess server computing power on that Hyper-V server, you can also use this to set up RD Web apps. Put the date on your calendar, as this will only work for 180 days, or be prepared to license it before then. But bottom line: this temporary solution can give your smaller clients a secure way to remote back into their offices with the Work from Home orders.

    Also remember if you are like me where you are suddenly putting an ancient Windows 7 back into remote service, you can still buy ESUs from Amy.

    (*) Huge thanks to Richard Kokoski for allowing me to post his step by step instructions.

    Note that this only works with the “normal” GUI Server 2019, not Essentials 2019. Microsoft removed the RD Gateway bits from Essentials 2019, so do not attempt to do this with that version.

    If you need a good VPN solution, check out OpenVPN.