Newsletter Archives

• MS-DEFCON 2: Defer Windows & Office updates to June 24

  Posted on June 4th, 2021 at 03:00 Susan Bradley Comment on the AskWoody Lounge

  ISSUE 18.20.1 • 2021-06-04 By Susan Bradley Consumer and home users Hopefully, you’ve taken the time to get the May updates installed. Before next Tuesday, be sure you are comfortable with your methodology for deferring updates. For Windows updates, I’m still a fan of the method I call “pick the date.” Go to Settings, then to Update and Security; click on Advanced options, and select Pause updates. Then use the Select date drop-down to choose the date when you’d like updates to resume. I’m suggesting June 24. Note that the News and Interests notification will be fully enabled in your task bar this month. For Office updates, open up any Office application, click on File, Office Account, Office Updates; choose Disable Updates. You can resume updates later in the month. While you have Office updates disabled, avoid opening macro-enabled files as a defense against potential ransomware threats. Business users Ransomware has been a big topic in the news this month. While doing your patch testing, continue to educate your end users about the dangers posed by simple tasks done carelessly — opening emails, transferring files, clicking on links, etc. Greater danger requires greater vigilance. References AskWoody Master Patch List Read the full story in the AskWoody Plus Alert 18.20.1 (2021-06-04).

  AskWoody Plus Alert, Patch Watch AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Patch Watch

• MS-DEFCON 2: Pause on patching

  Posted on May 10th, 2021 at 12:00 Susan Bradley Comment on the AskWoody Lounge

  ISSUE 18.17.1 • 2021-05-10 By Susan Bradley It’s time for both business users and consumer or home users to pause Windows updates. Accordingly, I’m changing the AskWoody MS-DEFCON level to 2. Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it. Consumer and home users If you are a home/consumer user, I recommend two actions to ensure you do not get inadvertent updates. First, select Start, Settings, Network & Internet, and then Wi-Fi or Ethernet (whichever connection you are using). Next, click Manage known networks; click on the network that you use, click Properties, and turn on Set as metered connection. This “tricks” the computer into thinking that your Internet connection is not unlimited (i.e., you might incur charges) and thus will download patches only after you approve the process. The second action is picking a deferral date after May 11, when Microsoft will push out the next Patch Tuesday security releases. Click on Start, Settings, Update & Security; then click on Advanced Options. Pick a date far enough in the future to give you comfort. I always wait at least a week, usually more. I’ll be re-evaluating the update situation closer to the end of the month, but for now choosing May 28 should be safe enough. For those of you with an Office click-to-run (CTR) edition, I strongly recommend that you change to the semiannual channel rather than the monthly one because it will keep you from the Autocomplete bug. Business users Coming this month in the May Security releases, Microsoft will be including a new “News and Interests” taskbar item featuring items of interest to your users. Remember, if you want to proactively block it, there are registry keys and group policy to control it. References AskWoody Master Patch List Read the full story in the AskWoody Plus Alert 18.17.1 (2021-05-10).

  AskWoody Plus Alert, MS-DEFCON, Patch Watch AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Windows Update

• April Patch Tuesday out – Exchange once again

  Posted on April 13th, 2021 at 12:56 Susan Bradley Comment on the AskWoody Lounge

  Patches are just coming out.
  

  Small business guidance up first:

  Exchange (Microsoft’s on premises mail server) has an update. This time I’m ignoring any guidance that might say “targeted attacks only” and saying – if you have on prem Exchange patch TODAY just to be safe. I totally understand that to ask any business large or small to have them take down the mail server on a business day is asking a lot, but I’m not taking chances this time with my small business peeps getting nailed.
  Patch them.
  Do it.
  Reboot that Exchange server ahead of time.
  Ensure you open a command prompt and run as admin to run the commands to update Exchange. Ensure you watch that services fully restarted after the box is rebooted.
  https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617

  https://www.zerodayinitiative.com/blog/2021/4/13/the-april-2021-security-update-review

  – CVE-2021-28480/28481 – Microsoft Exchange Server Remote Code Execution Vulnerability

  Both of these CVEs are listed at a 9.8 CVSS and have identical write-ups, so they both get listed here. Both code execution bugs are unauthenticated and require no user interaction. Since the attack vector is listed as “Network,” it is likely these bugs are wormable – at least between Exchange servers. The CVSS score for these two bugs is actually higher than the Exchange bugs exploited earlier this year. These bugs were credited to the National Security Agency. Considering the source, and considering these bugs also receive Microsoft’s highest Exploit Index rating, assume they will eventually be exploited. Update your systems as soon as possible.

  For consumers and home users, pop that popcorn and we’re going to be in patch testing mode watching for the dead bodies. As usual the full write up will be coming up in Monday’s Plus newsletter.  Biggies to watch out for – old Edge goes, and… for how many months past October end of life for Office 2010 we are STILL patching Office 2010.
  Windows Patches/Security April 2021 Black Tuesday, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 2 – Deferring the April Updates

  Posted on April 11th, 2021 at 01:00 Susan Bradley Comment on the AskWoody Lounge

  ISSUE 18.12.1 • 2021-04-11

  

  By Susan Bradley

  Brace yourself for April updates

  It’s the time of the month to pause for updates. You will recall that the March updates were very disruptive and many of you decided to not install that round. The April releases are cumulative so you won’t have to go back and install the March updates. Instead, we’ll take a long pause to see what April brings.

  If you are a home/consumer user, I recommend two actions to ensure you do not get inadvertent updates. First, select Start, Settings, Network & Internet, and then Wi-Fi or Ethernet (whichever connection you are using). Next click Manage known networks, click on the network that you use, click Properties and turn on Set as metered connection. This “tricks” the computer into thinking that your Internet connection is not unlimited (i.e., you might incur charges) and thus will only download patches once you approve the process.

  The second action is picking a deferral date after April 13, when the next Patch Tuesday security releases will be pushed out by Microsoft. Click on Start, Settings, Update & Security, then click on Advanced Options. Pick a date far enough in the future to give you comfort. I always wait at least a week, usually more. I’ll be reevaluating the update situation closer to the end of the month, but for now choosing April 30 should be safe enough.

  Remember: For those of you running Windows 10 1909, support is coming to an end. After May 11, 2021, 1909 will not receive security updates. In accordance with prior advice, update to 20H2; 21H1 is just around the corner.

  Read the full story in the AskWoody Plus Alert 18.12.1 (2021-04-11).

  AskWoody Plus Alert, MS-DEFCON AskWoody Plus Alerts, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 2 — It’s time to defer March updates

  Posted on March 8th, 2021 at 14:45 Susan Bradley Comment on the AskWoody Lounge

  ISSUE 18.9.1 • 2021-03-08

  

  

  By Susan Bradley

  It’s the start of the patching week.

  We are a day away from the official start of patching season. While Microsoft started the March patching madness early, with a critical patch needed for its mail servers, we have yet to see what’s in store for those of us that merely use their Windows as workstations.

  Read the full story in the AskWoody Plus Alert 18.9.1 (2021-03-08).
  Learn more about MS-DEFCON!

  AskWoody Plus Newsletter, Windows Patches/Security AskWoody Plus Newsletter, Exchange Server, MS-DEFCON 2

• MS-DEFCON 2: Time to make sure you are pausing Patches

  Posted on February 8th, 2021 at 19:47 Susan Bradley Comment on the AskWoody Lounge

  It’s that time again. Tomorrow is Patch Tuesday (*) and it’s time to pause updates.

  There’s no reason to rush out updates this week.  Make sure your computer is set to pause updates or have set a date for deferred installs. If you are unsure how to do a deferral I have a post and a video with instructions. Also make sure you have a backup. I’ll be posting up a video how to next weekend.

  I’ve been warned that there is a zero day to be patched in tomorrow’s updates, but that’s all the information I have at this time. As always, visit us here and we’ll keep you informed.

  (*) Yes I realize that for some of you it’s Patch Wednesday but the ‘slang’ for the day when patches come out normally ties it to the Redmond time zone.  Patches normally start getting published around 10 to 11 a.m pacific time.

  Windows 10, Windows Patches/Security February 2021 Black Tuesday, MS-DEFCON 2

• MS-DEFCON 2 – Get ready for January updates

  Posted on January 11th, 2021 at 10:33 Susan Bradley Comment on the AskWoody Lounge

  Remember it’s time to prepare for January updates by delaying /or pausing updates.  Also I’m ready to give the all clear to 2004 if you want to do it before tomorrow’s patch Tuesday (or later on in the month).

  More in Computerworld.

  Windows Patches/Security January 2021 Black Tuesday, MS-DEFCON 2

• MS-Defcon 2 – Here comes December

  Posted on December 8th, 2020 at 12:28 Susan Bradley Comment on the AskWoody Lounge

  Microsoft is out with their December releases.  The blog post today focuses on something that a LOT of us complained about last month:  The lack of information that was lost in the new format.  We’ll have to see if they provide ENOUGH info this month.

  Remember the Server only fixes Kerberos that were in those out of band Catalog update only patches are included in the December releases.

  My biggest surprise?

  WHY are we still getting Office 2010 updates when it is officially out of support as of October 2020?

  More in ComputerWorld.   Full patch lists coming this weekend in the newsletter.  In the meantime what are your experiences?  Stay tuned.

   

  Windows Patches/Security December 2020 Black Tuesday, MS-DEFCON 2, Patch Lady Posts

• MS-Defcon 2 – Get ready to pause for Dec

  Posted on December 1st, 2020 at 12:20 Susan Bradley Comment on the AskWoody Lounge

  It’s time to put the pause (or defer) for your updates.  It’s the first Tuesday of the month and non security Office updates are out – PK has them listed here.

  More in Computerworld!

  Windows Patches/Security December 2020 Black Tuesday, MS-DEFCON 2, Patch Lady Posts

• The early view of November updates – we’re still at DefCon 2

  Posted on November 12th, 2020 at 12:06 Susan Bradley Comment on the AskWoody Lounge

  I’ve posted up my early take on the November updates in Computerworld.

  More details and the Patch charts and listings will be coming up in the Askwoody newsletter out this weekend.  Stay tuned.

  Windows Patches/Security MS-DEFCON 2, November 2020 Black Tuesday, Patch Lady Posts

• MS-DEFCON 2: Windows and Office patches out Nov 10

  Posted on November 10th, 2020 at 12:09 Susan Bradley Comment on the AskWoody Lounge

  Just a reminder.  Today is the day.  Usually about  10 a.m. pacific time is when I turn in my chair to look to the north (Redmond is located to the north of me) and see what the Mothership is offering up.  I’m starting to see the updates show up in the Security portal.

  We already know there’s a zero day in Windows that was used in targeted attacks.

  Home/Consumer patchers:  Make sure you are on pause and we’ll wait to monitor for issues.  If you have a spare PC you can install updates and report back.

  Business patchers:  Start your testing.  Install on a sample of PCs and monitor for issues.  Make sure you can print and use your key line of business applications.  Remember that there’s a zero day for Windows included in this bundle.  Dustin Childs has his great write up here.

  Don’t forget about the OTHER patches we may need to be aware of.  For example Intel has just posted their security advisories.

  (As you can tell I’m still getting in the swing of things, I forgot to title up what Defcon we’re on so I’m restating it again.

  More later as we know it.

  We have updates for Office 2010:  Seriously:  https://support.microsoft.com/en-nz/help/4583503/november-2020-updates-for-microsoft-office

  Office Patches/Security, Windows Patches/Security MS-DEFCON 2, November 2020 Black Tuesday, November 2020 Office security updates, Patch Lady Posts

• It’s time to pause

  Posted on November 9th, 2020 at 11:16 Susan Bradley Comment on the AskWoody Lounge

  Patches that is.  You know the drill by now, it’s time to make sure your computer is set to pause patches and not get them installed tomorrow.  We do have a targeted Windows zero day that got “outted” by Google the other day which has already been patched in Chrome and (New) Edge, but not yet in Windows.  The windows part of the zero day will be patched tomorrow.

  I always recommend that you be on Pro and not Home and discuss this in the Computerworld article.

  We’re at Defcon2 – and as soon as I get logged into the right console to change the image at the top of AskWoody it will show that up there as well.  I’m embarrassingly checking my notes and apparently forgot to write down an important step.  I’m going to have to bother Woody during his retirement for help already!

  Aw gee thanks Woody! (he logged in and fixed it already)

  Windows Patches/Security MS-DEFCON 2, November 2020 Black Tuesday, Patch Lady Posts
• « Older Entries