News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • Patch Lady – Office 365 pushes off disabling Basic Auth

    Posted on April 3rd, 2020 at 21:32 Susan Bradley Comment on the AskWoody Lounge

    https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-april-2020-update/ba-p/1275508

    While I totally understand why Microsoft is pushing off the due date for disabling basic authentication in their Office 365 platform/Exchange online I would recommend anyone using any sort of email platform these days (or online banking or anything online these days) to add multi factor authentication to anything you use online.  The attackers go after the weak links, weak passwords, reused passwords and you need to be aware of the attacks out there.

    Clearly COVID-19 is having a big impact.

  • Patch Lady – updated the Woody’s Windows Health release dashboard

    Posted on April 1st, 2020 at 23:00 Susan Bradley Comment on the AskWoody Lounge

    I’ve updated the Woody’s Windows Health Release Dashboard to reflect a still not quite resolved issue.

    The one we’re still tracking is the issue with VPN and using proxy servers.  We had a couple of reports on the patchmanagement.org list that the workaround KB of KB4554364 didn’t work.  If you are still impacted reach out to me at sb@askwoody.com and I’ll make sure you get in touch with Microsoft support.

  • Patch Lady – should we be concerned about Zoom?

    Posted on April 1st, 2020 at 22:49 Susan Bradley Comment on the AskWoody Lounge

    I’ve seen several comments on various venues about the risk of Zoom meetings.  Some of them are valid, others are….. hang on … who in their RIGHT MINDS posts the URL to a non password protected zoom meeting on a social location?

    I was listening to a presentation today and the gentlemen presenting was talking about how in times like these one has to balance risk with making sure the business survived.

    Here’s another person I respect … Dave Kennedy on the topic of Zoom and security:  https://threadreaderapp.com/thread/1245536000819986432.html

    First off as Lawrence Abrams writes … make sure you put a password on the Zoom meeting.    Next Zoom is working on the issue whereby NTLM hash values can be exposed, and Lawrence gives the workaround in the blog, but I have a better workaround.  Be EXTREMELY careful of clicking on ANYTHING right now.  I am seeing a huge uptick of COVID related emails and scams.  I’m seeing these kinds of scams come into my inbox (well, the notifications that they are being cleaned out of my inbox anyway)

    Subject: MUST READ-TRUTH ABOUT COVID-19
    Sender: valeria.flores@ambiente.gob.ec

    Time received: 4/1/2020 11:41:20 PM
    Message ID:<1870826593.23469281.1585784413797.JavaMail.zimbra@ambiente.gob.ec>
    Detections found:
    Virologyfiles.doc RTF/CVE-2017-11882.C.gen!Camelot

    So… be careful and remember right now this is about balancing the needs of the business and the users.  Absolute security doesn’t exist.

  • Patch Lady – KB4535996 issues?

    Posted on March 30th, 2020 at 00:22 Susan Bradley Comment on the AskWoody Lounge

    Installing an update to Macrium Reflect tonight and in the release notes this caught my eye:

    In response to potential file system corruption issues that could arise from applying some recent Windows Updates, we have reviewed our data integrity checks and implemented new features:
    See https://answers.microsoft.com/en-us/windows/forum/all/kb4535996/134c504e-bb55-4e3c-a5da-28794a4b6079

    Note: The first Incremental after installing may take much longer than normal.

    Clearly there are issues noted in that thread but I honestly haven’t seen side effects.  Bottom line don’t forget to update your backup software as well as your operating system.  ….. and read those release notes.

     

     

  • Patch Lady – Office 365 ATP this shouldn’t be missed

    Posted on March 25th, 2020 at 11:07 Susan Bradley Comment on the AskWoody Lounge

    Dear Office 365 Advanced Threat Protection.  You aren’t being that advanced today.

    1. that’s not my email address
    2. Short message and email attachment screams malware

    When I run it through virustotal.com and reverse.it sure enough

    Come on Microsoft (and all the other vendors who are missing this) we don’t need stupid stuff like this missed.  Not now.  Only Fortinet flags it right now 9:09 pacific time)

    https://www.hybrid-analysis.com/sample/ce7f61824f9b99ce1e96615b790f8e53e29d9e920cf1acb97956dfabf7031482?environmentId=100

  • Patch Lady – remoting into a desktop without VPN

    Posted on March 21st, 2020 at 22:41 Susan Bradley Comment on the AskWoody Lounge

    If you are a small or medium business – or an IT consultant who helps small or medium businesses here’s a thought of a way to temporarily allow folks to remote into their desktops at the office without introducing more risk.  Many IT consultants are setting up Virtual Private Network connections from potentially insecure home pcs that are not secure to the firm network and may introduce more risk.  Especially if you have an unpatched Windows 7, this could introduce MORE risk to the network.

    Here’s an alternative:

    First off you’ll need either a spare server or spare room in a HyperV server.  You’ll need a domain with workstations joined to that domain.   Next download a trial version of either Windows Server 2016 or 2019.  Download an ISO to that hyperV Server.  Then follow these instructions (*)to set up a RDServer on that trial version.  That trial version – and the Remote desktop cals – will work for 180 days.

    Now from a home pc – even a Mac computer – launch the remote desktop connection program.  In the computer name section put in the name of the computer you want to remote into.  Click on show options.  Click on the advanced tab.  Click on the connect from anywhere settings box.  Click on use these RDgateway settings and put in the url of the server name you’ve created from the instructions above.

    Now click on “Use my RDGateway credentials for the remote computer.  Click on the experience tab and change the performance setting to modem (this will thin down the remote connection so that you get the best experience).

    Back on the first tab

    Back on the first tab you put in the actual workstation/computer name you want to get to and for the user name you put in DOMAINNAME\user name.  The remote user can now get to his or her exact workstation and remotely print.

    Note to anyone using SBS 2011, SBS 2008, Essentials Server 2012, Essential Server 2016 those servers all have RDgateway set up by default and you can use the same process above to bypass the RWA portal and go directly to the workstations.  Note this also works for Mac workstations as long as you download the new RDP client

    PC name would be the PC you’ll want to remote into.  In the Gateway setting, you’ll click on that blue icon on the right and put in the rdgateway url just like you do for the Windows machines.

    Again, this will work to let workers remote straight into the exact desktop they use, so it’s best for office workers and those have have a single computer assigned to them.

    Note if you have excess server computing power on that HyperV you can also use this to set up RDweb apps.  Put the date on your calendar as this will only work for 180 days or be prepared to license it before then.  But bottom line – this temporary solution can give your smaller clients a secure way to remote back into their offices with the Work from Home orders.

    Also remember if you are like me where you are suddenly putting an ancient Windows 7 back into remote service, you can still buy ESUs from Amy.

    (*) Huge thanks to Richard Kokoski for allowing me to post his step by step instructions.

    Note that this only works with “normal” GUI server 2019 not Essentials 2019.  Microsoft removed the RDgateway bits from Essentials 2019 so do not attempt to do this with that version.

    If you need a good VPN solution check out using OPENVPN.

  • Patch Lady – Covid-19 Impact on Microsoft Patching

    Posted on March 19th, 2020 at 12:25 Susan Bradley Comment on the AskWoody Lounge

    https://techcommunity.microsoft.com/t5/windows-it-pro-blog/revised-end-of-service-date-for-windows-10-version-1709-october/ba-p/1239043

    We have been evaluating the public health situation, and we understand the impact this is having on you, our valued customers. To ease one of the many burdens you are currently facing, and based on customer feedback, we have decided to delay the scheduled end of service date for the Enterprise, Education, and IoT Enterprise editions of Windows 10, version 1709. This means devices will receive monthly security updates only from May to October. The final security update for these editions of Windows 10, version 1709 will be released on October 13, 2020 instead of April 14, 2020.

  • Patch Lady – Chrome patching impacted by “work from home”

    Posted on March 18th, 2020 at 22:23 Susan Bradley Comment on the AskWoody Lounge

    https://www.zdnet.com/article/google-pauses-chrome-and-chrome-os-releases-due-to-coronavirus-outbreak/

    Interesting side effect of this disruption, Google is pausing Chrome feature updates due to the virus outbreak

    Due to adjusted work schedules at this time, we are pausing upcoming Chrome and Chrome OS releases. Our primary objectives are to ensure they continue to be stable, secure, and work reliably for anyone who depends on them. We’ll continue to prioritize any updates related to security, which will be included in Chrome 80. Please, follow this blog for updates.”

    Security updates will still come however.  Wonder if Microsoft will do likewise with the Windows 10 feature release?