Newsletter Archives

• MS-DEFCON 2: ESU plans announced for Windows 10

  Posted on November 7, 2024 at 02:45 CST by Susan Bradley • Comment in the Forums

  

  ISSUE 21.45.1 • 2024-11-07

  

  By Susan Bradley

  In the midst of Microsoft’s pushing Windows 11 24H2 and updates for Windows 10, caution is in order.

  As a result, I’m raising the MS-DEFCON level to 2. Keep 24H2 at bay, and give me a few weeks to understand and fully vet next week’s updates.

  We’ve known for some time that Extended Security Update (ESU) plans would be offered for Windows 10 in October 2025, when regular support ends. What we did not know until recently was the cost for consumers. Last week, on Halloween, Microsoft gave us a treat by announcing a price of $30 for one year. Exact details about obtaining these ESU plans will be disclosed later next year.

  Anyone can read the full MS-DEFCON Alert (21.45.1, 2024-11-07).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38094, iOS 18, KB5002606, KB5002615, KB5002618, macOS Sequoia, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Windows 10, Windows 10 ESU, Windows 11 24H2, Windows Server 2025

• MS-DEFCON 4: 24H2 is a work in progress

  Posted on October 22, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.43.1 • 2024-10-22

  

  By Susan Bradley

  Every month, I look back at the issues and oddities I’ve been tracking to see whether they are merely corner cases or something more widespread.

  One thing is certain: I am not recommending the installation of Windows 11 24H2 now, especially for consumers and small businesses. I am testing and evaluating the release, and I will continue to keep you informed about bugs and problems. For everything else, I’m lowering the MS-DEFCON level to 4.

  Anyone can read the full MS-DEFCON Alert (21.43.1, 2024-10-22).

  AskWoody Plus Alert, MS-DEFCON Alerts, Always On VPN, KB5043950, MS-DEFCON, MS-DEFCON 4, Outlook (classic), Outlook (new), Patch Lady Posts, SSDs, Windows 11 24H2

• MS-DEFCON 2: Windows 11 24H2 is out!

  Posted on October 1, 2024 at 20:03 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.40.1 • 2024-10-01

  

  By Susan Bradley

  It’s not that 24H2 was unexpected — but we had very, very little notice.

  You won’t be surprised by this advice: Don’t take the 24H2 update just yet. Nobody has had time to react to today’s announcement — much less examine the changes, check out the new features, and assess the effects of the update on existing systems.

  I considered raising the MS-DEFCON level to 1 because of the suddenness of the news, but 24H2 is not exactly an emergency. So I’m raising the level to 2. I recommend that you use your preferred delaying tactic to prevent 24H2’s installation until we’ve gone through our testing and you reach your own comfort level. As usual, I suggest Steve Gibson’s easy InControl app.

  Anyone can read the full MS-DEFCON Alert (21.40.1, 2024-10-01).

  AskWoody Plus Alert, MS-DEFCON Alerts, KB5042207, KB5042209, KB5042211, KB5042214, KB5042215, KB5042217, KB5042749, KB5043145, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Windows 11 24H2

• MS-DEFCON 4: Dual-boot computers now safe to patch

  Posted on September 24, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.39.1 • 2024-09-24

  

  By Susan Bradley

  In the August updates, Microsoft introduced a bug that impacted Windows users who dual-booted into Windows and Linux.

  At first it was thought the bug had not been fixed in the September updates, but upon further investigation, I learned that it had been addressed. Because it is now fixed, I find no reason to delay updates further and am therefore lowering the MS-DEFCON level to 4.

  Anyone can read the full MS-DEFCON Alert (21.39.1, 2024-09-24).

  AskWoody Plus Alert, MS-DEFCON Alerts, Dual Boot, Intune, iOS 17, iOS 18, KB5043064, KB5043076, MS-DEFCON, MS-DEFCON 4, Patch Lady Posts, Repair Install, Windows Autopatch, WSUS, WSUS Automated Maintenance

• MS-DEFCON 2: 24H2 is around the corner

  Posted on September 5, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.36.1 • 2024-09-05

  

  By Susan Bradley

  I can always tell when fall is in the air.

  No, it’s not a decrease in temperatures — we’re still very hot here in Central California. No, it’s not that pumpkin-spice aroma around coffee shops.

  It’s the technology headlines about imminent updates from Redmond and Cupertino. Naturally, that means I’m raising the MS-DEFCON level to 2. Here are a few things you should consider.

  Anyone can read the full MS-DEFCON Alert (21.36.1, 2024-09-05).

  AskWoody Plus Alert, MS-DEFCON Alerts, Apple, CVE-2024-26248, CVE-2024-29056, InControl, KB5014754, KB5025885, KB5037754, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, RSA, TLS, Windows 11 23H2, Windows 11 24H2

• MS-DEFCON 4: Side effects for dual booters

  Posted on August 27, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.35.1 • 2024-08-27

  

  By Susan Bradley

  Secure Boot is causing — once again — side effects for Windows patchers.

  The August updates are triggering issues for those who dual-boot into Linux. Because this is unlikely to affect very many users, and because the IPv6 bug I alerted you to ten days ago is now well understood, I feel that lowering the MS-DEFCON level to 4 is safe.

  That assumes you do not ignore the IPv6 matter.

  Anyone can read the full MS-DEFCON Alert (21.35.1, 2024-08-27).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38063, KB5041578, KB5041580, KB5041585, MS-DEFCON, MS-DEFCON 4, Patch Lady Posts, Secure Boot, Server 2019

• MS-DEFCON 3: Blocking a potential wormable event

  Posted on August 16, 2024 at 21:22 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.33.1 • 2024-08-16

  

  By Susan Bradley

  It’s been a long time since we’ve had a Microsoft worm event.

  Last week’s patches contained a fix for the Windows TCP/IP Remote Code Execution Vulnerability identified as CVE-2024-38063. This one affects all supported Windows versions and extends back to Windows 7 and Windows 8, including older servers.

  This CVE has a very high danger rating. Because of that, I am lowering the MS-DEFCON level earlier than I normally would, setting it to 3. That sounds backward, but this advisory is conditional, based upon the type of user you are and how you decide to deal with the update.

  Although the danger is real, I believe the risk is somewhat less. In this alert, I’ll explain why.

  Anyone can read the full MS-DEFCON Alert (21.33.1, 2024-08-16).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38063, IPv6, MS-DEFCON, MS-DEFCON 3, Patch Lady Posts, Windows, Windows Server, wormable

• MS-DEFCON 2: Microsoft and Apple betas near finish line

  Posted on August 8, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.32.1 • 2024-08-08

  

  By Susan Bradley

  Hold off on updates from both companies until they are fully vetted.

  With so much activity around forthcoming Windows updates, continued caution is recommended. That’s why I’m raising the MS-DEFCON level to 2.

  I realize that the window between today and last week’s Alert has been brief. It’s just a matter of the calendar — more testing time was needed last month, and Patch Tuesday is next week.

  Anyone can read the full MS-DEFCON Alert (21.32.1, 2024-08-08).

  AskWoody Plus Alert, MS-DEFCON Alerts, Black Hat USA, CVE-2024-36971, iOS 18, KB5001716, KB5025885, MS-DEFCON, MS-DEFCON 2, Office 2019, Patch Lady Posts, Windows 11 24H2

• MS-DEFCON 3: Secure Boot triggers recovery keys

  Posted on July 31, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.31.1 • 2024-07-31

  

  By Susan Bradley

  It’s time to check whether your boot drive is encrypted.

  As I predicted, Microsoft’s July 2024 security update may trigger a request for recovery keys among those who enabled BitLocker or drive encryption. That’s because the update included a change to Secure Boot.

  This is problematic enough that I’m lowering the MS-DEFCON level to just 3, rather than the more common level 4 I usually suggest at the end of the month. I think you should install updates, but don’t install and then review. Instead, understand this problem ahead of time, prepare as needed, and then update.

  Anyone can read the full MS-DEFCON Alert (21.31.1, 2024-07-31.

  AskWoody Plus Alert, MS-DEFCON Alerts, Binarly, BitLocker, Drive Encryption, KB5040430, KB5040437, KB5040525, KB5040527, MS-DEFCON, MS-DEFCON 3, Patch Lady Posts, PKfail, Secure Boot

• Bad antivirus definition triggers shutdowns

  Posted on July 20, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.29.1 • 2024-07-20

  

  By Susan Bradley

  It was a really bad day for IT admins.

  Late Thursday night, the security protection company CrowdStrike sent a bad antivirus definition file to its entire customer base. Because this faulty data file inserts itself into the Windows kernel, Windows does what it was designed to do — it goes directly to the blue screen of death (BSOD).

  Most of us can rest easy. CrowdStrike is not a product for the consumer or for a very small business. It’s an enterprise product, and thus its impact was widely seen in very large companies, triggering service interruptions for airlines, banks, healthcare providers — worldwide.

  Read the full Plus Alert (21.29.1, 2024-07-20).

  AskWoody Plus Alert Alerts, Antivirus, Blue screens of death, Crowdstrike, Outage, Patch Lady Posts

• MS-DEFCON 2: Never install previews

  Posted on July 3, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.27.1 • 2024-07-03

  

  By Susan Bradley

  Microsoft regularly releases updates. Previews are betas.

  In the first week of each month, Microsoft issues the non-security Office releases that PKCano documents in the AskWoody blog. In the second week of each month, Microsoft releases its main security patches. Finally, in the last week, Microsoft releases previews of the following month’s non-security fixes.

  Previews do not go through the same rigorous testing as the security updates. (Credit where it is due: Microsoft does perform basic testing of its main security updates.) As a result, issues can occur. This is why I strongly recommend that you do not install preview updates when offered for Windows 11 23H2 and Windows 10 22H2. In addition, pause all updates now while I test, vet, and approve. This is the reason I’m raising the MS-DEFCON level to 2.

  Anyone can read the full MS-DEFCON Alert (21.27.1, 2024-07-03).

  AskWoody Plus Alert, MS-DEFCON Alerts, Copilot, KB5036893, KB5039299, KB5039302, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 4: Consumers get a break

  Posted on June 25, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.26.1 • 2024-06-25

  

  By Susan Bradley

  We’re halfway through the patching year!

  It’s time to install the June updates, which is why I’m lowering the MS-DEFCON level to 4. I’m not seeing any widespread issues or major impacts. Most side effects seem to be with Win11 Insider versions and 24H2.

  It appears that new technology allowing you to sync your phone with your computer is causing a bit of a CPU hit in the 24H2 release. Microsoft is trying to fix this issue before it gets released to the rest of us. That’s good news.

  In the very good news category is the delay in releasing Microsoft Recall, the much-hyped “reminder” software. The company pulled back at the last minute, due to concerns from security researchers and businesses.

  Anyone can read the full MS-DEFCON Alert (21.26.1, 2024-06-25).

  AskWoody Plus Alert, MS-DEFCON Active Directory, Alerts, bug bounty, CVE-2023-38606, CVE-2024-30078, KB5039211, KB5039212, KB5039217, MS-DEFCON, MS-DEFCON 4, Process Monitor, Recall, SQL Server, Sysmon
• « Older Entries

  Newer Entries »