Saturday, November 23, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

windows

ComputerWorld Independent 

Patch Tuesday’s tomorrow. We're in uncharted territory. Get Automatic Updates paused.

admin , ,

Credit to Author: Woody Leonhard| Date: Mon, 09 Mar 2020 07:06:00 -0700

It’s always a good idea to pause Windows updates just before they hit the rollout chute. This month, we’re facing two extraordinary issues that you need to take into account. Wouldn’t hurt if you told your friends and family, too.

Take last month’s Windows patches. Please. We had one patch, KB 4524244, that slid out on Patch Tuesday, clobbered an unknown number of machines (HP PCs with Ryzen processors got hit hard), then remained in “automatic download” status until it was finally pulled on Friday. We had another patch, KB 4532693, that gobbled desktop icons and moved files while performing a nifty trick with temporary user profiles. Microsoft never did fix that one.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Microsoft Patch Alert: February 2020 patches bring fire and ice but seem to have settled – finally.

admin , , , ,

Credit to Author: Woody Leonhard| Date: Wed, 26 Feb 2020 09:44:00 -0800

The real stinker this month, KB 4524244, rolled out the automatic update chute for four full days until Microsoft yanked it – leaving a trail of wounded PCs, primarily HP machines, in its wake. The other big-time bug in this month’s patches, a race condition in the KB 4532693 Win10 version 1903 and 1909 cumulative update installer, hasn’t been officially acknowledged by Microsoft outside of a blog post. But at least it’s well known and understood.

Folks running SQL Server and Exchange Server networks need to get patched right away.

Win10 UEFI update KB 4524244 blockages

Patch Tuesday brought KB 4524244 for Windows 10 owners, a bizarre single-purpose patch apparently directed at one specific UEFI bootloader. I talked about it last week.

To read this article in full, please click here

Read more
ComputerWorld Independent 

The mess behind Microsoft’s yanked UEFI patch KB 4524244

admin , ,

Credit to Author: Woody Leonhard| Date: Thu, 20 Feb 2020 06:23:00 -0800

Remember the warning about watching how sausage is made? This is an electronic sausage-making story with lots of dirty little bits.

First, the chronology. On February’s Patch Tuesday, Microsoft released a bizarre standalone security patch, KB 4524244, which was then called “Security update for Windows 10, version 1607, 1703, 1709, 1803, 1809, and 1903: Feb. 11, 2020.” The name has changed, but bear with me.

The original problems with KB 4524244

That patch had all sorts of weird hallmarks as I discussed at the time:

To read this article in full, please click here

Read more
ComputerWorld Independent 

Dump Windows 7 already! Jeez!

admin , ,

Credit to Author: Steven J. Vaughan-Nichols| Date: Tue, 18 Feb 2020 07:00:00 -0800

Why am I still writing about Windows 7? It’s dead, Jim! The tombstone reads, “June 22, 2009 – January 14, 2020.” It was a good run, but unless you’re shelling out some serious coin for Windows 7 Extended Security Updates (ESU), you shouldn’t be running Windows 7.

But many of you are. According to the best survey of who’s running what, the U.S. government’s Digital Analytics Program (DAP), on Feb. 14, weeks after Win7’s end of life, just over one in 20 of Windows users was still using Windows 7! Oh, come on! More than 5%! A dead and buried OS! Get with the program!

To read this article in full, please click here

Read more
ComputerWorld Independent 

Microsoft springs last-minute demand on buyers of Windows 7 after-expiration support

admin , ,

Credit to Author: Gregg Keizer| Date: Sat, 15 Feb 2020 05:35:00 -0800

Microsoft this week threw a wrench into the workings of its long-touted Windows 7 post-retirement support, telling IT administrators that there was a brand new prerequisite that must be installed before they can download the patches they’d already paid for.

The last-minute requirement was titled “Extended Security Updates Licensing Preparation Package” and identified as KB4538483 in Microsoft’s numerical format.

The licensing prep package can be downloaded manually from the Microsoft Update Catalog. It should also appear in WSUS (Windows Server Update Services), the patch management platform used by many commercial customers. It will not, however, be automatically delivered through the Windows Update service, which some very small businesses rely on to provide them necessary patches.

To read this article in full, please click here

Read more
ComputerWorld Independent 

A large – but manageable – February Patch Tuesday brings critical browser updates

admin , ,

Credit to Author: Greg Lambert| Date: Thu, 13 Feb 2020 03:00:00 -0800

With 99 reported vulnerabilities and patches to both Microsoft browsers, Office and Windows, this month’s Patch Tuesday update is not as large an administrative burden as you might initially think. We’ve rated the browser updates as a “Patch Now” update due to issues with the Chakra engine, but both Office and Windows can be scheduled according to a regular patch cadence. Unfortunately, we have another Adobe Flash update to deploy, but no critical development updates for February.

You can find more information in our helpful infographic here.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Patch Tuesday: 99 holes, 'exploited' IE fix, Win7 mayhem and UEFI ghost

admin , ,

Credit to Author: Woody Leonhard| Date: Wed, 12 Feb 2020 09:40:00 -0800

What a month it’s been – and the Patch Tuesday patches have only been out for 24 hours. There are many February patching foibles to report.

Every version of Windows 10, stretching back to the beginning of time (except for the long-neglected version 1511) got patches this month.

Welcome to the new, improved, paid-for Win7 patches

There was no free Windows 7 update this month, even though Microsoft released a Monthly Rollup Preview in January. Anyone concerned about the well-documented “Stretch” black wallpaper bug caused by last month’s Win7 Monthly Rollup apparently can pound sand – or manually download and install the fix. Your choice.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Thought you already paid for Win7 Extended Security Updates? Think again.

admin , ,

Credit to Author: Woody Leonhard| Date: Wed, 12 Feb 2020 05:43:00 -0800

I’m hearing lots of complaints from people who spent good money to get Win7 Extended Security Updates, but don’t see this month’s patches. There’s a reason why. Microsoft didn’t bother to tell us that you need a new patch, released yesterday, in order to start receiving Win7 ESU updates. You have to download the new patch, KB 4538483, from the Microsoft Catalog, and install it manually before the updates even appear.

Folks who spent money to get the February and later patches are livid. 

Yesterday, after releasing the February updates, Microsoft modified its ESU Procedure page to add this step:

To read this article in full, please click here

Read more