Zero days in browser

Whether or not you’ve installed the October updates, make sure your Chrome – and even Edge – browser is up to date.

Two in-the-wild 0-days patched by Chrome: CVE-2021-38000 and CVE-2021-38003.

Regardless of how you patch the underlying operating system, you want to make sure your browser is fully patched.

Another operating system zero day was announced but I’m not as concerned about it. Given that “the exploit requires a threat actor to know another user’s user name and password to trigger the vulnerability, so it will likely not be widely abused in attacks“… this is one of those they need to get into your system or harvest information first. Thus it’s more of a business/enterprise risk for when the attacker is already in the network and has harvested credentials in the network per my read.

Edit on 10-29-2021 – Edge’s Chromium update is now out.

MS-DEFCON 3: Ready or not, it’s time to update

ISSUE 18.41.1 • 2021-10-26 By Susan Bradley It’s not exactly an all-clear. Normally, this is the time in the update cycle when I give an all-clear. It’s when most, if not all, of the side effects of patches have been identified. This month, unfortunately, there are still issues. However, that doesn’t mean I don’t want you to install updates. Even though there are documented problems with network printing after the October updates, they are not widespread. Many system administrators report that printing problems most often occur when the operating system of the server hosting the print server is older — and possibly unpatched — while the workstations are newer platforms that are patched. Therefore, after installing the updates in your peer-to-peer network, Make testing printing your first step. If you can print, leave the updates installed and pat yourself on the back — you survived October. If you are impacted by the October updates and do have printing issues, consider your situation carefully before you uninstall and block updates. There are several vulnerabilities included in the October updates, one of which, CVE-2021-40449, has been used in targeted malware attacks to elevate privileges on a system. My ongoing philosophy is that when the risk of being unpatched is higher than the risk of applying a patch, it’s time to install updates. I also don’t want to go a month without installing an update unless the reasons for doing so are very clear. I’ve installed the October updates at my home and office, including a collection of Ricoh network printers as well as stand-alone Brother, HP, Lexmark, and Canon printers (black-and-white as well as color printers). I’ve had no issues printing after installing the October updates, whether at home or office. I have mixtures of server operating systems including Server 2019, Server 2016, and Server 2012 R2 as well as Windows 10, plus a Windows 7 system under extended security patches. In short, just because you read in the headlines that we’re seeing printing issues doesn’t mean that you will have issues. Consumer and home users For those of you in a home setting, install updates now and immediately test for printing issues. My best guess is that you’ll be fine, with no problems. As mentioned above, everything is good at my house. Business users I’m sorry to say that business users must not be so sanguine — you are more likely to experience problems. If you do, there are several options. The first (which I’d rather you not do) is to uninstall the updates and block them (pause updates) until next month. The second is to install one of the preview updates that Microsoft will be releasing soon, especially if you are having issues deploying printers using Internet Printing Protocol. Microsoft has already released KB5006744 for Windows 10 1809, which includes a fix for: Addresses a known issue that might prevent the successful installation of printers using the Internet Printing Protocol (IPP). This month, there’s no clear resolution. You may have no issues at all with the October updates. You may have issues printing. If you are required to patch, and you end up having issues printing, I’d urge you to install the preview updates that I’ll be listing in the Master Patch List. If that doesn’t work, ensure that you understand the risks involved in not being patched this month. *Edit 10/26/2021 – Microsoft released KB5006738 for 21H1, 20H2 and 2004. It includes printing fixes that may help the issue. If you are impacted, install it and see if it helps. Bottom line: install the updates, see whether you can print. If you can, pat yourself on the back. If you can’t, prepare yourself for a bit of testing and hassle. References AskWoody Master Patch List Read the full story in the AskWoody Plus Alert 18.41.1 (2021-10-26).

Big Sur and Monterey are out for Apple

The unofficial Apple security twitter account posted that there are updates for Big Sur 11.6.1 (if you want to stay on Big Sur) or macOS Monterey 12.0.1.

When you go to software updates, you may see “Upgrade now” and Monterey offered up to you. Alternatively is you want to stick with Big Sur, click on the More Info in the middle there

And you can opt to install that.

Should you install Monterey at this time?  Eh, it’s like Windows 10 and their feature releases. Unless you have a backup and an alternative computer, day one is not a good time to install new operating systems. So I recommend you stay on Big Sur at this time. I’ll let you know when it feels right to be upgrading to Monterey.

P.S. While this is a valuable account to follow if you are into twitter – I don’t believe the https://twitter.com/ApplSec twitter account is “officially” Apple. It’s still a valuable account to follow as it’s extremely up to date on it’s information, but just be aware it’s not an official communication from Apple.

What’s a NAS, and do I need one?

ISSUE 18.41 • 2021-10-25

HARDWARE

By Richard Hay

If I were writing this to a group of aviators in the United States Navy, they would immediately respond by saying a NAS is a Naval Air Station. However, this article is not about a location where planes and helicopters take off and land.

For this article, NAS stands for network-attached storage.

Read the full story in the AskWoody Plus Newsletter 18.41.0 (2021-10-25).
This story also appears in the AskWoody Free Newsletter 18.41.F (2021-10-25).

The case of the missing Win10 antivirus scan results

LANGALIST

By Fred Langa

Windows 10’s dialogs are sometimes laid out in funky ways and can lack headings and other visual cues to help you quickly locate what you’re looking for.

That, coupled with Windows’ inconsistent and variable naming and labeling conventions, can be an annoyance to most of us — but can actually enrage some users, as you’ll see in today’s first item!

Plus: An easy solution to a conflict between MS Office and LibreOffice. And: Finding a safe substitute for a laptop AC adapter.

Read the full story in the AskWoody Plus Newsletter 18.41.0 (2021-10-25).

Opal: Physical assembly – the case

HARDWARE DIY

By Will Fastie

Obviously, everything ends up going into the case.

Last week, I discussed the assembly steps necessary to prepare Opal’s new motherboard. That process included installing the processor, the cooler’s mount, the RAM, and the SSD. Now it’s time to talk about getting the motherboard into the case, along with all the other components that make up the system.

Read the full story in the AskWoody Plus Newsletter 18.41.0 (2021-10-25).

Printing is a nightmare, once again

PATCH WATCH

By Susan Bradley

The October updates are again triggering issues with some — but not all — printers.

This month, printing problems are rearing their heads with older platforms hosting the print server. After reviewing many postings describing this situation, I find the operating systems on the older platforms are no longer being updated and thus not getting the PrintNightmare fixes. Then, when client workstations that have been updated try to print, printing fails.

Read the full story in the AskWoody Plus Newsletter 18.41.0 (2021-10-25).

Tasks for the weekend – October 23, 2021 – what should an Apple user do?

Youtube here

If you are an Apple Mac or phone user, what are some of the basic computer steps you should do?

First off, just like with Microsoft platforms, you too need to be on your guard. Attackers are more and more going after the Apple platform. Recently Apple has patched several zero day attacks that were used in targeted attacks. Just like with Microsoft, you need to ensure your machine is on a platform that obtains updates and is not out of date. Next you need to make sure you are aware of Apple updates when they come out. I’d recommend that you sign up for the Apple security update notification service if you own either a Mac computer or an iPhone (especially if you manage iPhones in a business setting).

Next review apps on your systems and make sure that they are currently supported as well. If you are bored some day, take your iphone and remove all of those out of date apps that the vendors are no longer supporting.

Next review the literature out there on how to maintain your systems. If you are moving to Macs in business, make sure you pay attention to the guidance released for managing and maintaining Macs in business. NIST has included guidance as well.

Bottom line, don’t think that you don’t have to be careful on any platform (hint, next week I’ll give tips on Chromebooks)

(edit, sorry messed up the Apple mail notification link – Security-announce Info Page (apple.com)

Just in time for Thanksgiving

It’s kinda, sorta official now. Over on the Windows insider blog Brandon LeBlanc is announcing that Windows 10 21H2 will be out in November of 2021. Just in time for American Thanksgiving.

This also means it’s REALLY squirrel away time for the Windows 10 ISO based on 21H1. Remember the process here, I strongly recommend keeping a copy of 21H1 for a rainy day and the easiest way to do this is by downloading it now from the Microsoft ISO page. Click to download the “Download tool now” and then run the EXE and run through the prompts to download an ISO either on a flash drive or somewhere on your computer.

Viva Microsoft!

One day in what seems the distant past, Microsoft Cortana starting sending me email messages. I didn’t ask for them; they just started showing up. For the most part, I found them useless. I think there were some “mental health” messages. My wife thinks I’m crazy; I don’t need some server in Redmond telling me that.

One day in what I’m sure is the recent past, the new Microsoft Viva took over that responsibility. This time, however, the focus appears to be on actionable items. Cortana/Viva is watching me, picking out what it thinks are to do items, and reminding me about them. I’ve been a happy camper for years because while it was apparent that Google was reading my Gmail, Microsoft wasn’t. Now it clearly is.

But, okay, reminders. I handle a lot of email in my editorial duties; some assistance might be helpful. So, I’ve been experimenting.

More often than not, clicking one of the action buttons in the email results in the teeny, tiny error message shown at the top.

Can’t Microsoft code any longer?

The annoyances of printers

We are supposedly in a paperless business world. Yea… right.  Meanwhile every month we keep hitting printer issues (for some printers, not all) triggered by Microsoft updates. So we get told to buy a new printer to make our lives easier and then the printer manufacturers get downright … well how can we say this nicely…. overbearing, and nearly evil in their ways to hook us into their ink and cartridge programs.

Once upon a time I had an HP laserjet 4 printer that would run and run and run. The next version of that printer for home users, the HP Laserjet 4L would just run and run and run. (You can still buy one on ebay). I finally had to get rid of it when plastic parts would break off but I must have had that printer for 15 years or more?

So then the printer manufacturers realized two things – thing one selling printer cartridges was a good business to be in and thing two – if they made a printer that was indestructible we’d never buy another printer again.

In the small business industry there are certain models of printers that work nicer with working from home and remote printing. A plain laser jet printer of the Lexmark or Brother variety tends to not give you grief when remote printing unlike a USB connected all in one. I also try to not connect home printers via USB when I’m sharing them, rather I look to see if they have a network jack and connect them via a rj45 cable to my home router. Then I go into “add printer” and add a network printer and they find the printer on the network.

Bottom line it’s 2021. We’re not paperless. We still have issues printing. Each time you install an update (and a reminder, we’re not ready yet to give the all clear to install updates) you need to test that you can print as your first post reboot activity.

Printing is still such a mess.

So what printer do you use and what annoys you about your printer?

A single Registry line enables Windows 11 without TPM 2.0

ISSUE 18.40 • 2021-10-18

PUBLIC DEFENDER

By Brian Livingston

Microsoft has published a new support document revealing a one-line entry anyone can add to the Registry allowing Windows 11 to install on devices that do not have the so-called TPM 2.0 chip installed on the motherboard.

The Trusted Platform Module, as I explained in the September 6 AskWoody Newsletter, is a small hardware component that generates and stores cryptographic keys, among other things. Until the release of the recent support document, Microsoft had repeatedly stated that the 2.0 version of TPM would be a requirement before Windows 11 would install. In addition, Win11 has CPU and other hardware requirements above those of Win10, as set forth in Microsoft’s Win11 specifications.

Read the full story in the AskWoody Plus Newsletter 18.40.0 (2021-10-18).
This story also appears in the AskWoody Free Newsletter 18.40.F (2021-10-18).