Newsletter Archives

  • Apple zero days fixed – November 30, 2023

    End of the month zero days for Apple
    Apple pushed updates for 2 new zero-days that may have been actively exploited.

    🐛 CVE-2023-42916 (WebKit),
    CVE-2023-42917 (WebKit):
    – iOS & iPadOS 17.1.2
    – macOS Sonoma 14.1.2
    – Safari 17.1.2

    Link at the Apple site

  • MS-DEFCON 3: A slightly bumpy November

    alert banner

    ISSUE 20.48.1 • 2023-11-28

    MS-DEFCON 3

    By Susan Bradley

    For most Windows 10 and 11 users, including me, there have been no side effects as a result of November’s updates.

    Nonetheless, there appear to be a few potholes in the road. That’s enough to make me cautious — I’m lowering the MS-DEFCON level to only 3.

    One thing I did notice was updates taking more time to complete than usual — not a good sign. At the very least, it’s a good reason to take a look at the update history in Settings.

    Anyone can read the full MS-DEFCON Alert (20.48.1, 2023-11-28).

  • Why do computers want my location?

    PRIVACY

    Susan Bradley

    By Susan Bradley

    On a regular basis, my phone and computers ask whether they can use my location.

    iPhone apps, in particular, often generate multiple requests. To be fair, these annoying prompts are meant to alert you to the fact that the apps want your location for one reason or another.

    But why do these apps need location information? Are they spying on you?

    Read the full story in our Plus Newsletter (20.48.0, 2023-11-27).

  • Keeping gadgets talking and secure

    PRIVACY

    Susan Bradley

    By Susan Bradley

    I admit to being a lover of gadgets, from streaming audio devices to IoT sprinkler systems to dog-minding cameras.

    I use all sorts of gadgets in my house. But when I do, I understand two things. First, I must choose the device carefully, read the entire end-user license agreement, and determine whether I will accept the risks.

    Read the full story in our Plus Newsletter (20.48.0, 2023-11-27).

  • Spying or helpful? You decide.

    PRIVACY

    Susan Bradley

    By Susan Bradley

    Years ago, my girlfriend had her first baby.

    Suddenly, I found myself sitting in front of my computer, searching only for baby bottles, baby clothes — everything baby-related.

    Milliseconds later (at least it seemed that fast), I was receiving mail for everything baby-related. Clearly, my online activity was being tracked, but I was missing the prominent online notices explaining how I could opt out.

    Then something really weird happened. That baby got a bit older. When he became a toddler, the marketing machine made sure I heard about the perfect baby pull-up pants. He hit kindergarten and I learned about all the books he needed to read.

    Read the full story in our Plus Newsletter (20.48.0, 2023-11-27).

  • Hardening for privacy

    PRIVACY

    Susan Bradley

    By Susan Bradley

    Privacy means different things to different people.

    At the office, we want to keep our information private from certain individuals and certain departments, but not from ultimate business needs.

    In fact, we will often “spy” on our own employees. Want to know exactly what your users in the office do? Consider an analytics app such as ActivTrak to monitor the productivity of employees.

    Read the full story in our Plus Newsletter (20.48.0, 2023-11-27).

  • Thank you to all the readers and supporters

    As this is the American day of Thanksgiving, I’d like to give thanks to all the readers and supporters!  We wouldn’t be here without you!

    I’d also like to thank you for being a bit more aware, a bit more savvy, a bit less prone to scams and fraud. Take this holiday season when you interact with others to educate others about the latest frauds and scams. The Holiday season is always a time when you can get sucked into online shopping scams.

    This year I’m not doing any major technology migration projects this weekend, but I am going to be hanging up the Christmas lights and decorations. In addition to making sure Alexa still turns on the Christmas lights in unison, I had to debug why my garland wasn’t lighting up properly in anticipation of hanging it up. Amazing how many burnt-out light bulbs can hide in the garland!

    Here’s hoping all of your Burnt-out lightbulbs are easily found this holiday season.

    And again, thank you for being here!

  • A serving of zero days

    PATCH WATCH

    Susan Bradley

    By Susan Bradley

    In a lighter-than-usual November release, Microsoft is patching 63 vulnerabilities, including three already under targeted and limited attacks and three deemed critical.

    Even though you and I will see the same number of patch installs, the number of underlying vulnerabilities for the month is down compared to past years. But that doesn’t mean you should change how you install updates — wait to see what side effects may occur, my usual recommended practice.

    Read the full story in our Plus Newsletter (20.47.0, 2023-11-20).

  • Need to uninstall an update?

    It’s really easy to uninstall an update and then pause updates while we investigate what’s going on with the patches. Remember I have NOT approved installing updates at this time and if you have installed them and are seeing interactions with third party menu or file explorer programs you can uninstall the updates.

    I’ve uploaded a video here of the process for both Windows 10 as well as Windows 11. Once you’ve uninstalled the update, don’t forget to pause updates so that it won’t attempt to reinstall again tomorrow.

    If you HAVE installed the updates and are not seeing issues, keep them installed. If you haven’t yet installed the updates, remember I have not changed my recommendations at this point in time, I’m still in pause mode and I’m personally testing and monitoring for issues.

    Got questions?  Ask in the forums!

  • Copilot coming to Windows 10

    Just confirmed on the Windows update twitter feed, Copilot will be coming to Windows 10

    But don’t panic, we will have registry keys and information to block it if you don’t want it.

    I kinda figured this was coming, they have to justify the price tag somehow.

    Just like with 11, it won’t be pushed to “managed” devices.  For unmanaged (those controlled only by Windows update as in Home computers), we will have registry keys and blocking info on the Master Patch List page and articles coming in future newsletters.  Don’t worry, we got your back and will keep you in control of your operating system.

  • Master Patch List as of November 14, 2023


    I’ve updated the Master Patch list for the November updates.  I’ll be updating the page for any known issues or issues that we are tracking. I will keep the latest info there.  Some people are reporting that updates are taking a bit longer to install.

    I’ve also seen some reports of interactions with the start menu for some users. It’s unclear to me right now if these are folks with third party start menu customization. But remember you can ALWAYS uninstall and defer an update while we wait to see if others are reporting issues.

    Click on start, Open Settings. Click on Update & security. Click on Windows Update. Click the Update history link. On Update history, you can view which updates were installed. Click on the update number to uninstall the update.

    If you have an HP computer with ” HPAudioAnalytics Service ” this may delay the installation of updates and appear to get stuck at 30%. If you are impacted, temporarily stop the service.

    For business patchers it’s mandatory that you update your VMware tools – ensure you update your VMware servers to https://www.vmware.com/security/advisories/VMSA-2023-0024.html

    Windows 11 22H2 and 22H3 unmanaged PCs may start to see Copilot.  To disable this use Download reg file to disable Windows Copilot  I’ve seen it dribbled on some, but not all machines.

    As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for  a membership . Plus membership gives you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.  More details in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers and brain power and 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

  • Ready for Thanksgiving updates?

    Here we go again with the monthly updates for Windows.

    Just a reminder that end of life for Server 2012 and 2012r2 is hitting. You can opt for 0Patch, or plan on upgrading and migration.  See resources at this page.

    It’s the American holiday of Thanksgiving, which means I always decide if I’m going to do updates early DURING the holiday window if I don’t need my computer or AFTER the holiday if I do need my computer for online shopping.

    Highlights for Windows 11, version 23H2 & 22H2:
    – Adds a preview of centralized AI assistance, called Copilot in Windows
    – Gives a richer preview when you hover over files under Recommended on the Start menu
    – Adds an enhanced volume mixer to Quick Settings

    I will be deciding later what to do, but in the meantime, Microsoft is already releasing some “known issues” that they indicate will be fixed in this week’s releases:

    I’ll be adding more links and also updating the Master Patch listing by tonight.

    =====================

    The October 2023 security update might fail to install
    Status
    Resolved

    Affected platforms
    Client VersionsMessage IDOriginating KBResolved KB
    Windows 10, version 21H2 WI681181 KB5031356 –

    Microsoft has received reports of an issue where Windows updates released October 10, 2023 (the Originating KBs listed above) fail to install. Devices might initially display progress, but then fail to complete installation.

    Based on our reports, some of the most common errors being encountered is Error 8007000D (ERROR_INVALID_DATA). This error can be found from the Windows Update view under System settings, by selecting Update History.

    For additional guidance on quality update install errors, see Troubleshoot problems updating Windows.

    Resolution: This issue was resolved in updates released November 14, 2023 (the Resolved KBs listed above) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released November 14, 2023 or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue.

    If necessary, the following manual steps can be used to speed up the recovery:
    Run command Prompt as Administrator. To do this, you can open the Start menu and type ‘cmd’. From the right-side panel of the search results, select the option ‘Run as administrator’In the window that opens, type the following to execute a restore command: Dism /online /cleanup-image /RestoreHealthWait for it to complete successfully, then close the windows. You can now search for updates again from the Windows Updates from the Settings view.

    The Windows Updates settings view can always be found by opening the Start menu and typing ‘Windows Updates’. Then select ‘Check for updates’ from the search results.

    If you are using an update released before November 14, 2023 (the Resolved KBs listed above), and have this issue, you can resolve it by installing and configuring the special Group Policy listed below. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>. For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.

    ==================================

    Windows Server 2022 VMs running on VMware ESXi hosts might fail to start
    Status
    Resolved

    Affected platforms
    Server VersionsMessage IDOriginating KBResolved KB
    Windows Server 2022 WI688460 KB5031364 KB5032198

    After installing the Originating KBs listed above on virtual machines (VMs) running on VMware ESXi hosts, Windows 2022 might fail to start up. Affected VMs will receive an error with a blue screen and Stop code : PNP DETECTED FATAL ERROR. This issue only affects guest VMs with the following configuration on VMware ESXi hosts only:
    AMD Epyc physical processor”Expose IOMMU to guest OS” enabled in VMware settings for the VM.“Enable Virtualization Based Security” enabled in Windows Server 2022.”System Guard Secure Launch” enabled in Windows Server 2022.

    Workaround: To mitigate this issue, you can disable “Expose IOMMU to guest OS”. Important: This workaround should only be used in environments which do not require “Expose IOMMU to guest OS” to be enabled.

    Resolution: This issue was resolved in the Resolved KBs listed above.