News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch lady – Make sure your 1099s are private

    Posted on February 11th, 2019 at 22:31 Susan Bradley Comment on the AskWoody Lounge

    A bit off topic to patching – and very much USA centric at this time.  I’ll urge you to review your tax notices (or 1099s) (**) that you should have received – or are receiving – at this time.  Make sure that if they are mailed to you that your bank or sender has blanked out the tax identification number so that only the last four digits are listed.  Make sure that the entire social security number is not listed – especially if you get your tax documents emailed to you insecurely or mailed to you.

    I live in a neighborhood where the mailboxes are out on the street in unlocked mailboxes.  I have recently installed an alert on my mailbox that sends me a text message and email alert every time the door to my mailbox is opened.  Twice since I have installed it, I’ve seen people early in the morning and late at night go down the street opening the doors of the mailboxes obviously looking for tax documents and or refund checks.

    (On a geek note they use Amazon web services notification to send an email and text with the circuit of the magnet is broken when the door to the mailbox is open.  It hooks to my wifi so that I can get the alerts.  Obviously now I need to install a camera that can grab the car license number as someone opens the door to the mailbox as stealing mail is a crime.) 

    Also make sure anything emailed to you doesn’t include your full social security number.  If anyone sends you a document and doesn’t demand that you go through a slightly annoying process of logging into something, or providing a password, or touching your toes, or something else annoying and instead just emails you a pdf of sensitive information that you can read immediately after opening the pdf, so can the attackers.  Complain to any vendor, bank, financial institution and accounting firm and hold them accountable to doing a better job to keeping your identity secure.

    And if you think adding a four digit pin to a pdf helps to make it secure, there are a number of tools that will remove passwords from pdfs in a short amount of time.

    My sister has had tax identity theft and she has to provide a PIN number when she files her tax return.  Unfortunately those of us who have not had our identity stolen through the IRS system can’t get this same multi factor authentication process because the tax computers are a bit too archaic and there isn’t enough funds set aside to afford multi factor authentication for all of us taxpayers (I’m not kidding).

    So my recommendation is to file as early as you can as the person who files earliest (either the identity thieves or you) gets first into the system.

    Remember that the IRS never ever calls you.  Ever.  Nor do they email you.  They also don’t call demanding payment or a credit card number and say that they will be there soon to arrest you.    The IRS audit process is a slow slow process and you will get many things mailed to you over time.  And especially they do not call with a thick foreign accent pretending to be from an area code that could be an IRS center (VOIP can be made to look like it’s from a USA number even when they are calling from overseas).

    So take a look at those tax documents you are getting and see how private they are.  Complain when they aren’t.

     

    (**)  1099’s is the number of the form that the USA government requires that businesses send to recipients of bank interest, dividends, non employee compensation.  You may also receive your salary on a form W-2 that has your tax identification number.  For anyone overseas, think about any document that gets sent to you that has sensitive information on it.  Do you want it emailed to you just as an email attachment?  If no, take the time to reach out to the sender and ask them that they do something better to protect your information.

  • Patch Lady – keeping track of Access issues

    Posted on February 6th, 2019 at 22:56 Susan Bradley Comment on the AskWoody Lounge

    A recent question of the forum reminded me that there was a recent post I saw about issues migrating to 1803 and it’s impact to Access databases.  As I posted in the forum post the situation was as follows….

    “Client has a database app written In MS Access. It imports data from an Excel spreadsheet using a macro. Reportedly, when the client O/S is 1803 the import corrupts his data and it needs to be repaired. Not so when the client O/S is 1709.”

    To fix this, the person did:

    Add the following Registry Values:

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]

    “FileInfoCacheLifetime”=dword:00000000
    “FileNotFoundCacheLifetime”=dword:00000000
    “DirectoryCacheLifetime”=dword:0000

    Sources for these reg edits below:

    1803 UPDATE SERIOUS ISSUE

    https://social.technet.microsoft.com/Forums/en-US/3cd934cc-cbc3-4bdc-8c29-8e486528ce9f/1803-update-serious-issue?forum=officesetupdeploylegacy

    Microsoft Access Database Corruption

    https://answers.microsoft.com/en-us/msoffice/forum/msoffice_access-mso_win10-mso_2016/microsoft-access-database-corruption/e933f760-f7f2-4b3e-9bc3-0061d5073219

    Access – Bug – Database is in an Unrecognized Format

    https://www.devhut.net/2018/06/13/access-bug-database-is-in-an-unrecognized-format/

    Access reports that databases are in an ‘inconsistent state’

    https://support.office.com/en-us/article/access-reports-that-databases-are-in-an-inconsistent-state-%ef%bb%bf-7ec975da-f7a9-4414-a306-d3a7c422dc1d?ui=en-US&rs=en-US&ad=US

    Not this is not the same as the Access 97 bug that impacts all Windows platforms with data tables longer than 32 characters.

  • Patch Lady – Microsoft safe links is having issues

    Posted on January 29th, 2019 at 10:59 Susan Bradley Comment on the AskWoody Lounge

    Office 365 and Microsoft 365 has a service called “safe links” where it prescans the urls that users receive in emails.

    Per the Microsoft 365 twitter account it’s having issues.  If you attempt to click on the links you’ll get a service unavailable.

    If you need to convert these links, you might want to try using http://www.o365atp.com/

    The fix is rolling out now.  Safe links is something I honestly recommend that you set up if you use Office 365.  You’ve probably seen it in action in Outlook.com.  You’ll get an email and the first part of it has https://na01.safelinks.protection.outlook.com/?url= and then it’s followed by the url of the site along with your email address for the ability to track it through your Advanced Threat Protection portal.  Bottom line, it’s not you, it’s them.  And I strongly recommend signing up and following that twitter account and setting it up to alert you directly.  There is no way (that I’ve found) to get an alert directly from Microsoft about issues in their service.  While it’s documented in the portal, you have to go there, and even when I have the 365 admin app on my phone I don’t get proactive alerts that something is amiss.  So for now, twitter is my way to know when it’s them, not me.

     

  • Patch Lady – 11 days and counting

    Posted on January 28th, 2019 at 20:59 Susan Bradley Comment on the AskWoody Lounge

    You remember this?  Well today I had access to a Windows 10 Home laptop and it was still running 1803.  I honestly don’t think that Microsoft is pushing 1809 hard at all.

    Has anyone – who hasn’t been a “seeker” – or in the early rollout where 1809 fell on it’s face – seen 1809 offered up to your computer?

    Post in the comments if you’ve seen it!

  • Patch Lady – bring it on

    Posted on January 23rd, 2019 at 22:02 Susan Bradley Comment on the AskWoody Lounge

    I would add one more ask – make it clearer when we will see issues and when we won’t.  I see many people holding off updating because the  known issues section looks insanely scary.  But here’s the thing:  You more than likely won’t hit many/most of these known issues.  But they look scary and risky.

    January of 2019 hasn’t honestly been a bad month at all.  January of 2018 when we were getting nailed with inaccessible boot device due to servicing stack update issues was a much much worse time.

    Trust will need to be earned back.  But it’s good to see the outreach like this.   So to Microsoft, bring it on.

  • Patch Lady – Windows 7 documentation is showing it’s age

    Posted on January 16th, 2019 at 00:00 Susan Bradley Comment on the AskWoody Lounge

    So I’m working on a master listing of all the Windows 7 updates that I’ve installed on my crusty Windows 7 machines and I’ve found something interesting.  In documenting each knowledge base article that is installed, I’ve noted that there’s a handful of updates out of the 540 someodd updates listed in my Windows update history that don’t have a corresponding knowledge base article.

    Take for example this patch.  If I  click on it and try to find the KB link, it says that KB2868623 is “sorry not found”.  The security bulletin page is there  in the docs.  It’s just the KB article that is missing.  When you get to the end of the life of a product, you start to see a fair amount of what I call “link rot”.   Links no longer work, or venues no longer are as active as they were.

    It’s also interesting to see the evolution in resources as well.  I used to go to https://blogs.technet.microsoft.com/ as the go to place to read technical blogs.  Now I’ve added the Techcommunity to my list of resources.  As we come to the year countdown to the end of life for Windows 7, you need to determine your road ahead.  Do not plan on using your Windows 7 after the end of patching while surfing the web.  I’d much rather have you surf on a phone or a tablet than an unpatched anything.

    So be thinking now, be planning now to prevent your own “windows 7 rot”.  What are you planning to do?

  • Patch Lady – issues with Win10 Access 97

    Posted on January 11th, 2019 at 23:07 Susan Bradley Comment on the AskWoody Lounge

    I just noticed that in the Windows 10 release notes it has this info:

    I just noticed that in all of the Windows releases this month (Windows 7, 8.1, Windows 10, Server 2008 R2, Server 2012, Server 2012 R2, Server 2016, Server 2019) they have now listed a side effect with Access 97 based databases.

    Remember this patching issue?  https://borncity.com/win/2019/01/11/windows-january-2019-updates-breaks-access-to-access-dbs

    Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.

    Use one of the following options:

    Option 1: Modify the database to ensure that all column names are less than or equal to 32 characters.

    Option 2: Convert the database to the .accdb file format. To use the .accdb file format, you must change the Connection string after conversion.

    The easiest way to convert is to use Microsoft Access 2010 or earlier.

    Use Microsoft Access to open a database that has an older file format.

    You will be asked if you would like to convert. Click Yes and save the database with the .accdb extension.

    Option 3: Convert the database to a newer .mdb file format. This doesn’t require a change to the Connection string.

    Use Microsoft Access to open a database that has an older file format.

    You will be asked if you would like to convert. Click Yes and save the database with the .accdb file extension.

    Open the .accdb.

    From the File menu, click Save as and select Access 2002-2003 Database.

    Microsoft is working on a resolution and estimates a solution will be available early February.

    UPDATE: I have a tweet from Danial Beato Lopez that says the Napco Quickloader also has the same problem.

  • Patch Lady – That SMB issue isn’t SMB

    Posted on January 11th, 2019 at 18:04 Susan Bradley Comment on the AskWoody Lounge

    As a follow up to Woody’s earlier post on the issue of  KB4480970 (Monthly Rollup) and KB4480960 (Security only) causing issues with networking and discussed on the Patch Watch Podcast, an interesting factoid about the Windows 7/Server 2008 R2 bug of this week:

    It’s not due to SMB, but NTLM bug.

    Ned Pyle on twitter (and summarized here) states that:

    You will NOT have this issue if you’re using Kerberos. I.e, with a Domain user that is connecting to remote share by DNS or NB name & not IP address

    You won’t have this issue if you are NOT a local administrator on SMB host

    You will NOT have this issue if your SMB host is running Windows 8, 8.1, 10 or Windows Server 2012, 2012 R2, 2016, 2019

    Furthermore, it already looks like the issue has been resolved in a new KB https://support.microsoft.com/en-us/help/4487345 … which appears to only be released on the Microsoft catalog site at this time and not through Windows update.   Which may I point out is a bit odd since many hitting this are … cough … not in a domain and thus wouldn’t be behind WSUS and would only experience Windows update as their patching mechanism.

    If you are impacted the other workaround is showcased in https://support.microsoft.com/en-us/help/951016/description-of-user-account-control-and-remote-restrictions-in-windows that has the fixit version of the registry key workaround.

    One could argue that it’s bad running as local administrator (it is).  One could argue that one needs to ensure you are moving off sharing files on a Windows 7 or Server 2008 r2 given that it has about a year’s life left (unless you have an uber expensive premier support contract and plan to be buying extended support for Windows 7/Server 2008 R2).  But one could also argue that Microsoft is once again showcasing that it’s not testing patches across a wide range of scenarios.

    The reality is that we still have a ton of crappy line of business software that demands local administrator, and the reality that we have workhorses called Windows Server 2008 R2 and Windows 7 that until the feature release process settles down (I’m looking at you 1809 for the number of consultants I see complaining about excessive CPU, the need to constantly install updated drivers, and interactions with printers that worked fine with prior feature releases) as a reason that Windows 10 still needs to act like the adult it’s supposed to be and be dull and boring as it should be instead of annoying and petulant like it is.

    Until then, download that patch from the Microsoft catalog site and go back to keeping an eye out for any other issues on the first official “B” Patching week of the 2019 patching year.