Tag : microsoft

Microsoft delays February patch till March 14th

microsoft-patch-tuesday-delayed

Microsoft freaked out many tech pros, announcing that February patches would be delayed till Tuesday, March 14th, because of a “last minute issue”.

Tech professionals often plan such patching schedules and prefer to know in advance when major vendors are set to release the next patch, since they are most likely deploying these across thousands of workstations and servers.

February was also the first month that Microsoft was set to publish information on patches and vulnerabilities on the new Security Updates Guide portal (rather than in Security Bulletins) but that will have to wait till March.

Many were expecting a remedy for the unpatched Windows SMB bug as well in the February update bundle.

Word on the street is that Microsoft was having trouble with its patch build system. Microsoft has been very hush hush about the reason for the delay.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.zdnet.com

 

WaaS! What Windows as a Service means for IT professionals

WAAS

Windows as a service means less control for IT professionals. Faster upgrade cycles, single rollup patching, and no more service packs.

Aggressive upgrade cycles means that you can no longer deploy a version of windows and stick with it for 5 or 7 years. The upgrade cycle has shortened dramatically to about 18 months. Now feature updates can be deferred but only for a certain amount of time, and never refused entirely.

Windows 10 Pro was released in February 2016, six months later the Anniversary update (version 1607) was released to the Current Branch (CB) and in November 2016 to the Current Branch for Business (CBB). Business versions are able to defer updates for eight months. Therefore, not even a year and a half later in July 2017, you will be forced to upgrade to version 1607 or later.

The version 1607 tightens the group policy timeline down from eight months to 180 days, with a 60 day grace period at the end. It is expected that businesses will have to upgrade each PC in their organization once a year, which can be difficult for those small business without IT staff, since upgrades often break the functionality with third party applications.

It use to be that patches could be selected, rather than with the new upgrade model that rolls all patches into one. This essentially is forcing the PC to the same base configuration as needed for the new rollup. IT professionals can no longer pick and choose, and uninstall problematic updates. The only option is to delay the update a number of weeks until the next rollup. But this also means delaying critical security fixes as well.

No more service packs means that rolling back an OEM device to factory configuration entails getting it to the latest feature update then installing another large update to get it to current.


If you would like to educate yourself in more detail about the information presented in this blog post, or to view the original content please visit: www.zdnet.com

Windows 10 Vulnerability – Edge Browser users Safe

windows-10-cyber-threat-bug-558378

The vulnerability is called Strontium, found in Windows code. Google stumbled across the flaw, and wrote a blog post in late October stating the affects on Adobe’s Flash media player. Google’s policy concerning such critical vulnerabilities is to publish them actively seven days after Google has reported them to the software’s creator.

According to Google, the flaw exists in the Windows kernel and can be used as a “security sandbox escape”. Sandboxes are use in software in order to stop malicious or malfunctioning programs from reaching or otherwise damaging other parts of the machine.

Microsoft has acknowledged the flaw, but also criticized Google for releasing it before a fix was available, stating to a member of VentureBeat,

“We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk,” said a Microsoft spokesperson.  “Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible.”

Microsoft Executive Vice President Terry Myerson, explained the vulnerability in more detail in his blog post on Tuesday. In order for the computer to be affected with the malware, it must first infiltrate Adobe;s Flash to gain control of the web browser. After which privileges are elevated in order to escape the browser’s sandbox. Finally the malware would be able to install a backdoor to provide access to the victim’s computer.

Those that are using Microsoft Edge browser are protected, as the browser prevents the installing of the backdoor. Everyone else is left to wait for the next available patch to solve the issue, which should be November 8th.

 


If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.pcmag.com 

 

Top 3 Identity Management Solution Recommendations

 Identity-Management-as-a-Service (IDaaS) provider aids with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.

okta

Okta Identity Management

Okta comes highly rated for identity management, and for good reason. Rated best-in-class for support of integrating multiple directories, as it allows for multiple identity providers without compromising data quality, support providers such as AD, Google Apps, and Workday. Beginning at $2 per user, per month and ranging up to $8 for the most advanced tier. Installation and set up of Okta is fairly easy. One of the first steps of set up involves connecting to an existing AD domain, which Okta offers an AD agent that will synchronize user and security group objects to the software’s cloud based Universal Directory. After downloading the installer and going through the basic wizard motions, you can start using the Okta Agent Manager to dabble with basic maintenacne tasks, adding domains, and configuring a proxy server. You can use Okta to make your life easier by configuring the software to pull employee information from a SaaS application, configured as master attricutes, fed back to AD, and therefore enabling changes to the group to be automatically populated. The functionality possibilities are really to whatever degree you decide to take it. Okta offers more than any other Identity Management in the game.

 

onelogin  OneLogin

OneLogin is another great Identity Management tool. It offers support for multiple security policies and roles and mapping functionality provide flexible management. OneLogin offers a free entry-level proving that makes it the ideal choice for small businesses. Their four tier model ranges from the free level offer to an $8 per user, per month option similar to that of Okta. The directory integration sets OneLogin apart in the enterprise, alomg with other expected features of a quality IDaaS, such as multiple security policies, mobile functionality for users, multifactor authentication, and SAML authentication. Some found OneLogin’s dependence on mappings to be confusing, so that is something to consider.

azureWindows Azure Active Directory

Best-in-class integration with both Active Directory (AD) and Office 365, as well as the most cost-effective option for multifactor authentication (MFA). Azure gets a significant boost up due to the tight integration with Microsoft Windows Server Active Directory (AD) and Office 365. Azure AD encompasses advanced toolsets for managing identities and identifying the Software-as-a-Service (SaaS) applications used within an organization. Microsoft has been a top industry leader for decades, which is why they have such a significant leg up in on-premise network directories. Azure AD’s pricing is very competitive compared to other IDaaS, offering a free tier, a Basic tier for $.50 per user per month, and a Premium tier that runs $6 per month.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post, please click on the linked titles above.

 

Latest Windows 10 Update Breaks PowerShell

powershell

The latest Microsoft cumulative patch for the Anniversary update had unexpected consequences for PowerShell, the command line shell and scripting language. Notes accompanying the release suggest that this was not unexpected for Microsoft, as the company appears to have known of the implications for PowerShell features when pushing the update. The Windows 10 upgrade has brought a few issues to users, such as frozen screens and broken USB-connected webcams. These two issues have not yet been solved in the KB3176934 (OS Build 14393.82) –for Windows 10 version 1607, also known as the Anniversary Update. However this PowerShell break proves to be the most relevant and recent issues to emerge.

Microsoft explains that the update breaks PowerShell due to a missing MOF file in the build package, and therefore breaks PowerShell Desired State Configuration, a feature used by IT admins to manage enterprise environments.

“All DSC operations will result in an ‘Invalid Property’ error,” Microsoft said. “In addition, due to a missing binary in the build package the update breaks PowerShell implicit remoting. Implicit remoting is a PowerShell feature where PowerShell commands work on a remote session instead of locally. Specifically, importing a remote session no longer works.”  www.zdnet.com 

Microsoft open sourced PowerShell and brought it to Mac OS and Linux distributions just a week ago.

Microsoft expects the PowerShell issues to be resolved with the next update release, today August 30th.


 

 

If you would like to educate yourself in more detail about the material presented in this blog post please visit : www.zdnet.com 

Monthly patch rollups for Windows 7, 8.1 start October 2016

microsoft-patch

Monthly patch rollups for the Windows 7, 8.1, Windows Server 2008 R2, Windows Server 2012 and Server 2012 R2 operating systems will commence in October 2016. Microsoft will also move the same monthly rollup model for the .NET Framework in October as well.

A rollup is multiple patches, “rolled up” into a single update, replacing individual patches for operating systems. Previous individual patches allowed users and administrators to select the patches they wished to apply, but Microsoft officials say this has led to fragmentation, with different PCs having different sets of updates installed.

“The new rollup model gives you fewer updates to manage, greater predictability, and higher quality updates. The outcome increases Windows operating system reliability, by eliminating update fragmentation and providing more proactive patches for known issues. Getting and staying current will also be easier with only one rollup update required. Rollups enable you to bring your systems up to date with fewer updates, and will minimize administrative overhead to install a large number of updates.” –  Microsoft said in a statement

Security and reliability patches will be included in the rollups, yet Servicing Stack and Adobe Flash updates will not. Windows Update, Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM) and the Microsoft Update Catalog will have the monthly updates published.

Microsoft’s goal is for the monthly rollups to be fully cumulative, happening as the team adds patches previously released, so users can install the latest single rollup and be up to date.

Windows will release a single Security-only update, including new security patches for each month with individual patches no longer available. The Security update will not be available on Windows Update, but will be available from WSUS, SCCM, and the Microsoft Update Catalog.

 

 

 


 

If you would like to educate yourself in more detail about the information presented int his blog post, please visit : www.zdnet.com

Windows 10 – Taking Tricks from Malware

Windows 10

 

Microsoft has been long pushing its users to jump aboard the Windows 10 train. But have they crossed the line?

Tech writer for Computer World, Preston Gralla, explains how Windows 10 took over his wife’s computer, installing the Windows 10 update without her permission. Gralla was understandably skeptical when his wife came into his office frustrated with Microsoft and complaining about the new update. How could the largest software platform, installed on PCs and Laptops alike, just blatantly ignore a users preferences and install new software without permission?

Microsoft has been aggressive in it’s attempts to get users to upgrade to Windows 10 before July 29th. Pop-ups began to appear on user computers urging them to update, but the action could be easily blocked with a quick click of the X in the pop-up window. Sounds just like any other pop-up, easy enough to understand. It started when Microsoft began quietly downloading the bits needed for the Windows 10 upgrade without telling users. Then this spring, Microsoft took it one step further. Changing everything we users know to be true about the X button in the upper right corner of any pop-up, Microsoft flipped the script. When the upgrade app appeared on user screens, and a user decided to click the X in the top right corner to avoid the installation, Microsoft did the exact opposite of what the user intended, taking a NO for a YES and installing Windows 10 on the user’s PC. Extremely frustrating to anyone thinking they had just avoided that action.

As Computer World’s Gregg Keizer points out, Microsoft violated it’s own recommended policy by changing this action on their upgrade app. Microsoft advises developers to maintain the action of clicking the X to close a dialog box to halt any action the box might take. Microsoft writes on it’s website for design guidelines, “The Close button on the title bar should have the same effect as the Cancel or Close button within the dialog box. Never give it the same effect as OK.”. Well, What the bleep Microsoft. You did exactly what you advise others not to do, giving the action of clicking X the same effect as OK.

Preston Gralla points out the painful resemblance of Microsoft’s shady acts to that of malware. Microsoft’s document  “How to prevent and remove viruses and other malware.” warns, to never click agree or OK to close a window suspected to be spyware. Instead Microsoft advises to click the red X in the corner of the window or press Alt+F4 to close the window. Hm. Even more ironic, Microsoft defines Spyware, “Spyware can install on your computer without your knowledge. These programs can change your computer’s configuration or collect advertising data and personal information.”

Well Microsoft, let’s make a list.

  • The Windows 10 upgrade downloads bits onto a user’s PC without permission or knowledge.
  • Changes a user’s computer configuration to meet the agenda of Microsoft.
  • By default, Windows 10 collects advertising data and personal information.
  • If a user tries to stop the Windows 10 upgrade, by doing exactly what Microsoft advises users to do with any other application, click the X in the right corner of the dialog box if you do not wish to receive the upgrade, the upgrade installs anyway!

If these tricks were tried by any other company, especially with malicious intent, I would be writing a blog post about a new form of Malware. It appears Microsoft has taken notice to the aggressive push of malware and tailored a few of these features to benefit the push of the latest Windows 10. Not even Microsoft can advise users and developers to do one thing and then employ the complete opposite when it is to their benefit, eventually one of us is going to realize something fishy is going on. Windows 10 is not malware, and upgrading isn’t going to crash your computer or hold your data hostage. However, being upgraded to a new operating system is a lengthy installation that can have significant consequences for the user. Some applications may no longer work with the new OS, the length installation means time taken away from the work day, and learning a new OS is not particularly thrilling to most of the population. Not to mention the violated feeling most will endure when they find out Microsoft ignored their preferences and installed the upgrade anyway.

Take your own advice Microsoft.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit:How Windows 10 Became Malware

Microsoft’s HoloLens Platform is Open to Partners

maxresdefault (1)

 

Microsoft took a leap this week, deciding to open it’s Windows Holographic platform to hardware developers creating virtual and augmented reality devices. Windows 10 partners can create their own mixed-reality worlds for users to both communicate and work, thanks to the same software that powers Microsoft HoloLens. Microsoft has invited it’s hardware partners to build PCs, displays and accessories with the Windows Holographic platform.

Microsoft wants users and partners alike to visualize using a VR device and being able to see their hands as they manipulate an object, or even bringing in a holographic representation of a person, object, or concept into a users personal virtual reality in order to collaborate on big projects. Microsoft is looking a the bigger picture by encouraging partners to take a jump  with their HoloLens platform. Already working with partners such as Intel, AMD, Qualcomm, HTC, Dell, Lenovo, and more, that jump doesn’t look so unimaginable. The Windows Holographic includes a holographic shell ans interaction model, perception APIs and Xbox Live services. The HoloLens 3D augmented reality headset is untethered and rather than taking a users entire field of vision like VR gadgets, the HoloLens adds 3D objects to the real world vision of the user. The newest version of the reality headset is already in the works, which will encompass even more capabilities such as multi-tasking, new voice commands, photo applications, Bluetooth for devices, and support for the Edge Web browser.

Personally, I can’t wait to get my hands on one of these even if just for a little test, and if Microsoft is successful in their efforts that shouldn’t be too hard to do.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Microsoft Opens HoloLens Platform to Partners

Windows Anniversary Update – Increased RAM Requirement

According to Microsoft, the Windows Anniversary Update will double the amount of RAM needed in order to run, which could be problematic for anyone using an older machine or running on a very small hard drive. Windows 10, 8, and 7, required only 1GB of RAM. The 32-bit Windows Anniversary update will increase this requirement to 2GB of RAM. The RAM required for the 64-bit systems will not increase but rather stay at the already required 2GB of RAM. All other requirements remain unchanged. You still need 1GHz processor, 16GB of free storage for the 32-bit version and 20GB free storage for the 64-bit version, as well as DirectX 9 support. For those that have cut corners on RAM, or have a “vintage” machine, you will most likely encounter problems trying to meet the new requirements. If you have recently invested in increased RAM or purchased a new machine in the past few years, Windows Anniversary update should give you no trouble. RAM is a fairly inexpensive upgrade and should prolong the life and quality of your machine.  As a reminder, the Windows Anniversary Update launches on July 29th of this year, with an improved Cortana and Hello login feature.

o92a2806 (1)

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Windows 10 Anniversary Update will require more RAM

3 Ways to Make Windows 10 Less Annoying

Sign in with a local account rather than a Microsoft account

Microsoft doesn’t exactly make this option super accessible to its customers. It’s not in big bold letters, but it can be done. As many of you might have already discovered during the initial setup Windows 10 will ask you to sign in with a Microsoft account, or create a Microsoft account if you do not already have one. If you would prefer not to sign in with a Microsoft account, you can choose a local account. The very tiny “Skip this step” option during setup is the golden ticket. When asked to create a new account in Windows 10 you will see again, a very tiny, “I don’t have this person’s sign-in information” which will allow you to bypass with ease.

*If you have already fallen victim to signing in with your Microsoft account, open settings, click accounts and then “your email accounts“. This will present you with the option to sign in with a local account.

local-account-before

Pull Back on Telemetry Settings 

Microsoft sends a hefty amount of telemetry information from your PC. This is not entirely a bad thing, as telemetry information shows how well or poorly your PC is operating, as well as how you use it. The main factor in which is problematic is the amount of information transmitted that ultimately takes your personal information with it. Protect yourself by changing the settings to manage security. The default setting sends the maximum amount of information possible.

In order to get to the settings changed required to perform this action you need to open the Settings app. After you have opened the Settings app you can continue to click Privacy > Feedback & Diagnostics. Click to the right of the Send your device data to Microsoft and you will see the full list of options. Choose Basic, close settings, and sleep better at night.

telemetry-after

Please Cortana, give it a rest 

Cortana is a great feature, but sometimes her persistent nature gets in the way of your needs. If you would rather use the search box without Cortana’s input, Cortana can be disabled. The search box on the taskbar will focus mainly on local files, settings and apps. I assume if you are annoyed by Cortana, that you missed the opportunity to tell her “No thanks”. If you have changed your mind and would like her to fade into the background, click the search box on the taskbar. This will bring the Cortana pane to you, where you can click the hamburger menu in the upper left corner. Proceed to click Notebook, then click Settings. Slide the top switch to Off, and Cortana won’t make a peep!

cortana-after

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Six Windows 10 annoyances: How to make them go away for good