Special note for Samsung users (or Pixel users too!)

If you have any of the following read on….

Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series;
Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
The Pixel 6 and Pixel 7 series of devices from Google;
any wearables that use the Exynos W920 chipset; and
any vehicles that use the Exynos Auto T5123 chipset.

What is this about?  Google project zero have released a blog post about a security vulnerability that impacts these devices.

What does this mean? Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.  So if the attacker CALLS you, they could compromise your phone.

Note: Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. Turning off these settings will remove the exploitation risk of these vulnerabilities.

What should I do? 

How to turn off WiFi calling on a Samsung phone

1. Open the phone on your Samsung phone
2. Tap the three-dot menu in the top-right corner
3. Select Settings
4. Find the WiFi Calling option about halfway down and toggle it off

How to Disable VoLTE on any Samsung Galaxy Phone

1. Head over to the Settings page on your galaxy device.
2. Then go to the Connections section.
3. Scroll to the Mobile network section.
4. Within that, you should see the VoLTE Calls option. Just disable the toggle and that’s it. (note I think this should be default disabled and is probably not enabled by default)

No patch is available at this time.  As soon as I hear word of one, I’ll add it to the master patch listing.

Please note – each vendor of the phones can customize the deployment and thus you may not see these options in your phone.

Master Patch list as of March 15, 2023

I’ve updated the Master Patch list for the March releases.

Remember to always review the known issues we are tracking on the Master Patch List. I will keep the latest info there.  Right now the big trending issue is the issue where Windows 10 22H2 doesn’t seemingly reboot if you manually check for updates. If you use Start11, StartAllBack, and ExplorerPatcher  make sure you update to the latest on Windows 11.

I am recommending at this time that you install Apple updates, I’m not recommending Windows updates at this time. I’ll have more details in the newsletter on Monday.

• Windows 11 22H2: Not recommended
• Windows 11 21H2: If you have a Windows 11 PC, recommended
• Windows 10 22H2: Recommended
• Windows 10 21H2: Recommended (if a vendor won’t support 22H2)
• Apple Ventura – Recommended for newer hardware – as always check with the applications you rely on if they recommend this release.

As always, thank you all for supporting the cause! Remember a donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

March madness here we come

Ready or not – here comes the March updates. Remember by this time you need to have a backup and defer updates (unless you are one of the souls who like to be the beta testers for the rest of us.

Interesting items of note:  Outlook vulnerability used in TARGETED only attacks and impacting NTLM (translation – businesses with Exchange servers not consumers/home users. If you have click to run Office this will be auto updated.

There is also a ‘smartscreen’ vulnerability where Edge can be tricked into thinking something isn’t from the web and not scan it. This will be auto updated when Edge updates.  When we finally update Windows the smartscreen as a whole will be updated. But again, we don’t blindly download things do we?

Both are more business only – not consumer/home targeted so I’m not changing my “hold off and wait to patch” stance in any way.

Remember Windows 11 22H2 gets “moments” releases – I’ll be reporting if my registry key works on Windows 11 Home computers.

More links as they come live…..

Also business impact:

This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.

This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, “Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: ‘An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.’” For more information, see KB5020276.

Dustin Childs’ zero day blog

Tooling around with laptops and other useful gear

HARDWARE

By Ben Myers

Portable computers have evolved from the Compaq luggable suitcase to laptops now weighing three pounds or even less, needing special handling and tiny tools.

Today’s notebook, subnotebook, and tablet computers demand an array of small tools, sometimes unique to a brand and model. My small kit for the road can handle the screws found outside and inside many laptops, but I needed more and better help.

Read the full story in our Plus Newsletter (20.11.0, 2023-03-13).
This story also appears in our public Newsletter.

How to participate in the forums

FROM THE FORUMS

By Will Fastie

Plus member Chuck wrote to say he wasn’t sure how to make a post in our forums.

The comment proved a bit alarming. We have links all over the place to get to the forums. We even have a huge area in the right sidebar of the site, devoted to the forums. This includes simple and advanced search features as well as other helpful sections.

Read the full story in our Plus Newsletter (20.11.0, 2023-03-13).
This story also appears in our public Newsletter.

Biniware Run — All your eggs in one basket

FREEWARE SPOTLIGHT

By Deanna McElveen

We all have that set of things we do every time we sit down at our computers. Open this, open that, read that webpage, check that stock price, etc. Why not put it all in one place?

Dicu Alexandru is a Romanian developer whose software portfolio includes the wildly popular Windows Firewall Control, which was purchased — along with his website — in 2018 by Malwarebytes (lucky dog!). Having many more ideas in his head, Dicu has continued to develop free software for the world to enjoy. I would just be sipping cocktails on a beach somewhere if Malwarebytes had bought my business — but you go, Dicu!

Read the full story in our Plus Newsletter (20.11.0, 2023-03-13).

My encounter with Verizon

INTERNET

By Will Fastie

I had two support encounters of note in the past 60 days, but the one with Verizon is worth noting.

Second by second, it seems the systems we use are getting more complex.  That’s natural evolution and, for the most part, to be embraced.

But the complexity of our systems in conjunction with the Internet to which we all connect also continues to rise. Even those who consider themselves experts will need help.

Here are my two support stories.

Read the full story in our Plus Newsletter (20.11.0, 2023-03-13).

Ensuring you can recover

PATCH WATCH

By Susan Bradley

Anyone reading the title of this edition of Patch Watch may think I’m talking about a Windows update issue.

But no matter what your technology, I want to remind you that having a backup means that you will be able to recover.

A good friend of mine, totally ensconced in the Apple world, reported that her older Apple computer running Monterey was not a happy camper. She had been traveling and did not want to install updates. Once at home after her travels, she attempted to update. That’s when the “fun” started.

Read the full story in our Plus Newsletter (20.11.0, 2023-03-13).

Don’t forget about….

The other day I was reminded that sometimes it feels like we focus on the new shiny thing instead of the thing we’ve had for years.  Not to worry…. all of this Windows 11 coverage isn’t going to crowd out me making sure that you have all the information you need to use your Windows 10 machine. We still also have forums for Windows 8.1, Windows 7 and even older operating systems. If anyone starts to wax poetic about Windows NT, however, I draw the line. Dealing with drivers and dip switches on that platform was NOT fun.

Windows 10 is going to be supported until October 14, 2025 and if you are like me, you are going to squeeze every single last bit out of that operating system – or rather – until the hardware won’t run it or it it’s too risky to run it anymore. Like many other businesses and consumers of every size and budget, I have too many systems still running it and even with budgeting for upgrades, I still predict that once 2025 comes, they will allow extended security updates – but probably with a hook to Microsoft 365 subscriptions.

Therein is my first reminder of anyone using hardware that is starting to get a bit older. Make sure you take care of it. Start always with having a backup of that operating system. I will once again urge everyone to ensure you have a backup method that makes sense to you. If you want an EXACT image of your computer, make sure you have a third party backup software that makes an exact copy.

It annoys me that to this day Microsoft stresses backing up to their cloud (onedrive) as a preferred way to backup rather than making sure we backup the operating system. Sorry Microsoft, Apple is superior here with their built in backup solution versus your “Windows 7” era backup solution.

So it’s the weekend before Patch Tuesday. Set your deferrals to ensure that you won’t receive updates right away?

If you do have Windows 11 Home, look out for a registry key in Monday’s newsletter that I’m hoping will keep Home systems from receiving “moment” updates.

So? Got your backup running this weekend?

MS-DEFCON 2: March Madness begins

By Susan Bradley

Ready for Windows 11 dribbles?

In addition to waiting for side effects of security patches to manifest themselves, sometimes you need to wait to see the impact of changes from the prior month’s preview updates. This month more than ever, you should to delay or defer to see the impact of the March changes for Windows 11 22H2.

Accordingly, I am raising the MS-DEFCON level to 2.

Anyone can read the full MS-DEFCON Alert (20.10.1, 2023-03-09).

March 2023 Office non-Security updates

Microsoft released NO non-security updates for Office on March 7, 2023.

Reminder:  Extended Support ends for Office 2013 on Patch Tuesday next month, April 11, 2023.

On April 10, 2018, Office 2013 reached End of Mainstream Support. Extended Support ends for Office 2013 on April 11, 2023.
Office 2016 also reached  End of Mainstream Support on October 13, 2020. EOS for Office 2016 is October 14, 2025.

Updates are for the .msi version (perpetual). Office 365 and C2R are not included.

Security updates for all supported versions of Microsoft Office are released on the second Tuesday of the month (Patch Tuesday).

Tooling around with computers

HARDWARE

By Ben Myers

Whether you maintain your own computer, run your family IT department, or manage lots of computers, having the right tools makes the work so much easier.

No matter which task you need to do, tools are essential — whether a spoon to stir your morning coffee or a hammer to pound a nail. So it is with computers, which need to be taken apart, put back together, cleaned, and sometimes connected to other devices to get the job done.

Read the full story in our Plus Newsletter (20.10.0, 2023-03-06).
This story also appears in our public Newsletter.