News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • Patch Lady – watch out for banner ad scams

    Posted on December 4th, 2019 at 09:17 Susan Bradley Comment on the AskWoody Lounge

    Never ever stick a user name and password into such a page.

    (I was reading a story from news recap page and that suddenly popped over the entire page)

    Use task manager to close the browser.

     

  • Patch Lady – Office 365 in the cross hairs

    Posted on December 3rd, 2019 at 19:18 Susan Bradley Comment on the AskWoody Lounge

    Over the Thanksgiving weekend I was migrating the firm over to Office 365 and I’ve been also enabling such things as two factor authentication and conditional access based on location.

    Even with the Microsoft 365 business subscription that I have I found that I needed to bump up and purchase an Azure AD P1  license in order to review and audit the logins.

    Because I’m in the process of setting up multi-factor, already I have seen that there are log in attempts from (yes I had to google that one up) Armenia.  Here’s my absolute bare minimum recommendations for small businesses going to Office 365:

    Make sure you’ve enabled the Multi-factor authentication using the Microsoft authenticator app  (MFA is now free and part of the security defaults feature).  Note that you can set up the authenticator app on multiple devices – handy if you forget your phone at home.  You can also whitelist the static IP of the office so desktop users that don’t roam and only log into their applications locally won’t be hit by two factor.  You absolutely want to run everyone through https://aka.ms/MFASetup and set up multifactor authentication and lock down access such that multi factor is mandated.  You want to disable basic (or legacy) authentication.

    You’ll want an Azure P1 license for at least the admin account ($6 per month) so that you can review the log ins.

    And then if you are an Office 365 admin, check out these resources.

    Bottom line, know that yes, they really really really are out to get you.

    P.S.  users should be able to access https://mysignins.microsoft.com/ to review their personal logins.

  • Patch Lady – looking for info on extended patches for Windows 7?

    Posted on December 2nd, 2019 at 11:50 Susan Bradley Comment on the AskWoody Lounge

    Hang loose, it just went on the price list on 12/1.  I’m in the process now of having Amy Babinchak (fellow author on askwoody.com and cloud service provider) to go through the process to purchase so we can see how this process works.

    More to come…..

  • Patch Lady – cleaning up the installer folder

    Posted on November 28th, 2019 at 23:20 Susan Bradley Comment on the AskWoody Lounge

    First off I hope everyone in the United States had a wonderful and safe Thanksgiving.  I cooked and cleaned up the kitchen and now I’m working on cleaning up a too full c drive.  In using TreeSize to see what was causing the hogging, I realized I had 30 gigs in the Windows Installer folder.

    After reviewing several recommendations, the one that I’ve seen recommended in several places is PatchCleaner.

    Now if only Windows could do this itself….

    It’s not recommended to delete the folder, and even this gives me a bit of pause, but I do have a backup of my computer, which one should always have when doing such things.

    What other tools do you use to clean up your hard drives?

  • Patch Lady – how do you handle drivers?

    Posted on November 20th, 2019 at 23:52 Susan Bradley Comment on the AskWoody Lounge

    I spotted this post the other day.  And the big big takeaway of the article is that a key issue with feature updates is driver updates.

    As we’ve discussed extensively in blogs, keeping device firmware up to date is becoming increasingly important. Our Windows tablets support firmware updates through Windows Update, so they’re taken care of by the configuration above.

    Once upon a time we NEVER updated drivers after a machine was installed.  Now we have to be soooooo proactive in finding updates.  I strongly encourage you to actively seek out the vendor firmware updating tool and ensure that you have that installed.  Another tip I’d recommend is to consider removing any third party antivirus if you are in any way concerned about the feature release process.  I’ve personally found that updating it less disruptive with defender on the system.

  • Patch Lady – for small businesses remember your firewall is a computer too

    Posted on November 19th, 2019 at 15:35 Susan Bradley Comment on the AskWoody Lounge

    If you are like many small businesses, in addition to the router provided by your Internet provider, you also may have a hardware firewall that goes between you and the outside world.  It provides additional filtering and protection.  In this era of cloud computing it may be getting less important, but I still like to have a bit of web filtering between me and the bad guys that come through browsing in a firm setting.

    Last night at 5:05ish p.m. our Sophos firewall hardware completely died.  Good news is that is covered under warranty they are shipping out a unit overnight.

    The good news is that I quickly downloaded a ISO of a trial of Sophos firewall software, stuck it in hyperV, installed it and after a few missteps in setting up firewall rules, got the server/network back online.  It pays to have a server with spare networking ports that you aren’t using that you can set up a virtual appliance firewall.  I’m using a 30 days trial version to tide me over.  I’m thinking about sticking the home license in there and keeping it on the server as a just in case of emergency.  You don’t realize how dependent you are on the firewall until it goes boom. And then you realize your ENTIRE network goes through a SINGLE box.

    For those of you that are small business consultants, you may want to see if your firewall vendor has similar software appliance downloads to work as a temp firewall as long as you have two nics free.  Once you get it up it looks just like your real firewall.

    Here’s the bad news:  So in googling around last night, I realized that I have a rev 1 SG125 and guess what….. there’s a known issue in these suckers

    And it’s been known for at least two years.  So you may want to google on the firewall vendor forums every now and then to determine if other devices are like this unit:

    “Please do not go screaming at Sophos as this one is NOT THEIR FAULT.  Intel is hampering things trying to contain the damage by not allowing the vendors to say exactly which chips are hit..but a little self-research makes it very easy to figure out whoe SOC is screwed up and which devices are a time bomb.”

    Apparently I’m lucky that it hasn’t occurred before this.

    More on this issue:  https://www.theregister.co.uk/2017/02/06/cisco_intel_decline_to_link_product_warning_to_faulty_chip/

    And it impacts Cisco too:  https://www.reddit.com/r/networking/comments/5sbh7u/cisco_clock_issues_caused_by_faulty_intel_atom/

     

  • Patch Lady – Access bug will be fixed sooner versus later

    Posted on November 18th, 2019 at 15:06 Susan Bradley Comment on the AskWoody Lounge

    The Access bug page has been updated to reflect that they intend to fix the Access bug sooner versus later.  No longer does it say “next month”…. well at least for versions other than Access 2019… and Access 2016 has a release out already.

     

    This issue will be fixed for all versions:

    Version Build Release Date Update Link
    Access 2010 7241.5001 November 22, 2019 (estimated)
    Access 2013 5189.1002 November 22, 2019 (estimated)
    Access 2016 MSI 4927.1002 November 18, 2019 KB4484198
    Access 2019 Volume License 10352.20054 December 10, 2019
    Access for Office 365/Access 2016 C2R/Access 2019 (Version 1911) 12228.20152 November 22, 2019 (estimated)
    Access for Office 365 Semi-Annual (1901) November 25, 2019 (estimated)
  • Patch Lady – computers know when they are going to be replaced

    Posted on November 10th, 2019 at 19:51 Susan Bradley Comment on the AskWoody Lounge

    There are some fundamental truths in computing.

    1. Computers hear when you talk about replacing them and suddenly start doing weird things.
    2. When you are doing a migration process, do not install updates.

    …so Saturday night at 3 a.m. the server that housed our old (and still active) domain controller went offline.  The time of 3 a.m. is notable as it’s the historical and traditional time that updates are installed in my office.  This server is a virtual machine and was housed along with a few others on an older HyperV server that I’m getting ready to retire.  In a small environment I normally don’t join the HyperV (virtual server) to the domain, but had in this case in order to do a live migration from the old server to the new server.  I was going to leave this one domain controller behind once I migrated off of it on the old server since I was planning to retire it, along with the HyperV.  My guess is that because I had joined it to the domain it inadvertantly caught the update policies from the domain and installed updates that I hadn’t intended and it rebooted.  Note that I can’t prove this, but I just know what I did to the server and how it went offline at 3 a.m on Saturday morning, which is the exact time that updates are normally installed in my office.

    Now comes the fun part.  When I went to the office to see why it wasn’t online, it was at a boot  prompt waiting for a bitlocker key for the C drive.

    Now here’s the thing, when I built this server five years ago I wasn’t comfortable with bitlockering the boot drive so I didn’t do it.  I bitlockered (drive encryption) the Data drive on D, but NOT the C drive.  And I’m positive I didn’t because I blogged at the time (five years ago) that I wasn’t comfortable with encrypting the boot drive.  I had the print out of the bitlocker key for the D drive, but NOT the C drive as I never bitlockered the C drive.  I went back in fact and found my blog post where I talked about not bitlockering the C drive.

    And the bitlocker key wasn’t hooked to a Microsoft account like my Surface devices, nor was it in AzureAD as again, I never entered  it on the C drive.  So the two places that you can go to to see if your bitlocker key is there, I know it wouldn’t BE there.

    Needless to say I didn’t have a recovery key when I never gave it one.   Just for grins I tried the recovery key of the D drive (you can see that above) and it said it was incorrect.  Yeah, no kidding!  So while I then got out my backup of that server and started the process of restoring it to the new HyperV server, I decided to also reinstall the host OS knowing that once I got into the server I could then reset up the HyperV server that was safely on the D drive untouched.  It was an exercise to see which method would be faster and rebuilding the boot drive was faster than the restoration process.

    So what update might have triggered this?  I honestly don’t know.  I know that when I patched this hyperV server based on 2012 R2 I only installed recommended updates not optional ones.  I never installed a later .net.  Given that I had hooked it to the domain, my guess is, and I can see in my WSUS policies that it had picked up additional patch approvals while on the domain and accidentally installed them.  Shame on me I know better than this and while doing migrations I should have turned the windows update service to disabled.

    It’s a reminder to me that encryption is wonderful, until it’s not.  It’s a reminder to ensure you have an alternative way to get to the web because your normal method may be impacted.  It’s a reminder to remember you have backups and to have paper documentation of passwords and information in case you can’t get into the digital copies.  It’s a reminder to download a copy of Windows media and have flash drives and external usb hard drives as supplies ready at a moments notice.

    ….. and finally, it’s a reminder to not talk about new servers and migration plans while the old server is listening.  Clearly I hurt it’s feelings.