News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • NetDef

    Forum Replies Created

    Viewing 15 posts - 1 through 15 (of 631 total)
    • Author
      Posts
    • NetDef
      AskWoody_MVP

      Looks like Amy posted a similar update on her blog!  Except she explains it far better than I.

      What Microsoft’s new auditing initiative means for partners

       

      ~ Group "Weekend" ~

      2 users thanked author for this post.
      NetDef
      AskWoody_MVP

      Well, we rolled the dice and followed your recommendation to shut down the VM’s, and set them to NOT restart automatically, installed the update, rebooted twice with about a 20 minute pause between the reboots to let the TrustedInstaller stop it’s background stuff.

      Reset the VM’s back to autostart, and started them . . .  and everything is good.

      Note that because we run our DC’s in VM’s, we made sure we had a local admin account with console login privileges for the host server. (In theory it should have been okay – but juuust in case.)

      Thanks for the heads up!

      ~ Group "Weekend" ~

      in reply to: Four GB of RAM vanishes … but then reappears #2335985
      NetDef
      AskWoody_MVP

      I concur, this is the safest and most effective method.

      ~ Group "Weekend" ~

      NetDef
      AskWoody_MVP

      We’ve wandered a little off topic, but I have to say I agree with this.

      The biggest frustrating failure of Windows 10 is the Feedback Hub in my opinion. Microsoft staff are under the misapprehension that it works quite effectively, but it’s clear most of them never use it.

      ~ Group "Weekend" ~

      1 user thanked author for this post.
      b
      NetDef
      AskWoody_MVP

      I have been informed that the v-vendors were “in some cases” overreaching . . . and that this is being corrected.

      However:  in other cases their intent is to reach out directly to SMB’s whom they may suspect are not provisioning enough Microsoft 365 seats for the number of actual staff using the software.  In essence this may be a new audit process with a lighter touch than the Open License audits that would trigger all sorts of excitement.

      To wit: if they sense that a single M365 account is being used to install and activate Office software on multiple computers (I believe up to five for the same user is still okay) but being used on a regular basis by more than one person, that business may (eventually) get these bypass solicitations.

      If you are a SMB consultant, and whether or not you are a MS Partner, it might pay to make sure you have helped your clients provision the correct number of licenses.

      I am in NO way saying this might be the case for anyone on this forum.

      ~ Group "Weekend" ~

      NetDef
      AskWoody_MVP

      Susan, does your VM host machine (that took KB4535680) have Bitlocker enabled and used for any of the partitions where the VM images are stored?

      Did that machine use UEFI Secure Boot or legacy boot mode?

       

      ~ Group "Weekend" ~

      1 user thanked author for this post.
      NetDef
      AskWoody_MVP

      Two of my clients (so far) have received these emails.  Both are from a v-(alias) @ microsoft.com.  That v- designation means they are vendors for MSFT, not direct employees.

      I will also note that their use of language makes these look like phishing – although it turns out the emails are “legit.”

      My hope is that a new vendor with an incorrect mission assignment has begun marketing for Microsoft. I’ve reached out to some contacts to find out.

      If that turns out not to be the case, then it does indeed appear that MS might be trying to woo my clients away from me.  I doubt very much they would be able to provide the depth and scope of the many services I and my company provide to our customers.

      ~ Group "Weekend" ~

      2 users thanked author for this post.
      in reply to: Are you a MSP or use a MSP? #2319331
      NetDef
      AskWoody_MVP

      From SolarWinds tonight:

      An additional hotfix release, 2020.2.1 HF 2 is anticipated to be made available Tuesday, December 15, 2020. We recommend that all customers update to release 2020.2.1 HF 2 once it is available, as the 2020.2.1 HF 2 release both replaces the compromised component and provides several additional security enhancements.

       

      https://www.solarwinds.com/securityadvisory

      ~ Group "Weekend" ~

      in reply to: So which one am I? #2318981
      NetDef
      AskWoody_MVP

      Valisystem’s linked blog post is an excellent guide, explainer and step by step instruction set on pretty much everything related to identifying which MS accounts you might have contain licenses, what to do about them, and how to safely change the email address for the personal account.

      Highly recommended!  Like so many things, DO read the entire set of instructions before you attempt to make the change.  You do not want to make a mistake here.

      1: https://www.bruceb.com/2020/10/understanding-microsoft-business-and-personal-accounts/

      2: https://www.bruceb.com/2020/10/how-to-change-the-login-for-your-microsoft-personal-account/

      ~ Group "Weekend" ~

      2 users thanked author for this post.
      in reply to: Easiest way to make it easy for attackers #2312892
      NetDef
      AskWoody_MVP

      Via https://xkcd.com/936/

      password_strength

      ~ Group "Weekend" ~

      1 user thanked author for this post.
      in reply to: Repeated Modem & Router Failures #2312549
      NetDef
      AskWoody_MVP

      When the network stack dies like this, it’s almost always a return ground loop through the ethernet cables.

      Some other piece of equipment is improperly or weakly grounded, using the network cable as an easier ground return back into the router.  I’ve seen this so many times.

      The part that will fool you is the self diagnostic light on your surge protectors is likely showing that you’re fine . . .

      Another cause is a split ground in the building wiring . . .

      ~ Group "Weekend" ~

      2 users thanked author for this post.
      in reply to: Why does Windows still generate registry junk? #2312174
      NetDef
      AskWoody_MVP

      netdefsscore11152020

      I am . . . disappointed.  That — or they are wrong on the correct answer for one question.

      Leaning towards the latter.

      ~ Group "Weekend" ~

      in reply to: A changing of the guard at AskWoody.com #2310418
      NetDef
      AskWoody_MVP

      So . . .  you’re coming to visit in Colorado post pandemic where the drinks are on me?

       

      (Seriously!)

      ~ Group "Weekend" ~

      3 users thanked author for this post.
      in reply to: The September 2020 Microsoft patches #2294986
      NetDef
      AskWoody_MVP

      Two articles about a month apart are — to me — revealing a serious (and so far un-announced) vuln in WSUS that’s being mitigated quietly.

       

      From August we got this post:

      ( Microsoft recommends using HTTPS with Windows Server Update Services (WSUS).)

      https://techcommunity.microsoft.com/t5/windows-it-pro-blog/security-best-practices-for-windows-server-update-services-wsus/ba-p/1587536

      It’s interesting because HTTPS internally has long been considered a best practice, but not enforced in any way should the sysadmins choose to use HTTP between the server and client machines.

      Now today we see:

      https://techcommunity.microsoft.com/t5/windows-it-pro-blog/changes-to-improve-security-for-windows-devices-scanning-wsus/ba-p/1645547

      Referring to this line:  “To ensure that your devices remain inherently secure, we are no longer allowing HTTP-based intranet servers to leverage user proxy by default to detect updates”

      My suspicion is high here.  This only makes sense on an internal environment where a bad actor could spoof updates via a software proxy.  And malware proxies are nothing new, but this indicates that perhaps the cert check on updates packages is not as secure as we’ve assumed.

       

      ~ Group "Weekend" ~

      1 user thanked author for this post.
      in reply to: Does an Ethernet connection need to be Surge Protected? #2292577
      NetDef
      AskWoody_MVP

      If the equipment connected via the Ethernet cables are all grounded to a single common ground (which – if your building is up to code they should already be this way) then no. *

      • But this could change in future revisions of the NFPA code and standards.

      If there is an Ethernet cable that runs outdoors, then that cable should be using a grounded port system back to the buildings common ground – and all devices connected via that cable must also be grounded to that same ground. Example:  we install outdoor Wi-Fi AP’s and they MUST be grounded.

      If you have two buildings with Ethernet running between them, with two separate grounding systems – then yes.  Or better yet use a fiber link to prevent cross talk between the electrical systems on that shared connection.

      Of higher concern than traditional surge protection for low voltage wiring is static discharge arrest and mitigation.

      Plain english version: no static sparks please!

      ~ Group "Weekend" ~

    Viewing 15 posts - 1 through 15 (of 631 total)