Newsletter Archives

• Tip for the weekend – scanning for Log4j vulnerabilities

  Posted on January 9, 2022 at 00:32 CST by Susan Bradley • Comment in the Forums

  Video here

  I wrote about this the other day in the newsletter to check your computer for the Log4j2 vulnerability. So far the good news is that I’ve not seen active attacks in consumer computers, but I have seen vendors taking action to patch their software in business software. Now comes word that the Federal Trade Commission is reaching out to warn vendors to step up and ensure that their software is patched.

  While I don’t see this as an issue for consumers, it’s still a concern for those of us in small businesses, as we don’t have the power to demand stuff from our vendors. For us, it is what it is.

  I’ve found a tool that does a better job of identifying if your system has vulnerable code. It’s from Qualys and can be downloaded here. 

  You download the zip file, extract it. Now open up a command window, right mouse click to run as admin and leave it open. (watch the video for a demonstration)

  Get yourself to where you downloaded the file (this is often the tricky part) and then run the command log4jscanner.exe

  

  Now wait for it to scan your drives. This may take some time. On my laptop it found nothing on the drive. On my machine that I am typing this up from, it found some old files on my spare E drive.  I can remove them with no issues. But on my office computers, it found files on some line of business vendor software that I use.

  So now what? It’s active software so I can’t uninstall it. But keep in mind that the attacker has to get on to your system first, unlike the cloud vendors I don’t have the vulnerable software exposed directly to the web. So they have to get on my system first. And that means to me that they can nail me lots of OTHER ways first. So while I am going to reach out to my vendor, I’m not panicking.  But it is interesting to see how the FTC is getting into the act of pushing our vendors to get better.

  So if you are a small business tech person like me?  Check your computers to see what vendors you need to push.

   

   

  Security, Small Business Computing

• The annoyances of printers

  Posted on October 19, 2021 at 14:53 CDT by Susan Bradley • Comment in the Forums

  We are supposedly in a paperless business world. Yea… right.  Meanwhile every month we keep hitting printer issues (for some printers, not all) triggered by Microsoft updates. So we get told to buy a new printer to make our lives easier and then the printer manufacturers get downright … well how can we say this nicely…. overbearing, and nearly evil in their ways to hook us into their ink and cartridge programs.

  Once upon a time I had an HP laserjet 4 printer that would run and run and run. The next version of that printer for home users, the HP Laserjet 4L would just run and run and run. (You can still buy one on ebay). I finally had to get rid of it when plastic parts would break off but I must have had that printer for 15 years or more?

  So then the printer manufacturers realized two things – thing one selling printer cartridges was a good business to be in and thing two – if they made a printer that was indestructible we’d never buy another printer again.

  In the small business industry there are certain models of printers that work nicer with working from home and remote printing. A plain laser jet printer of the Lexmark or Brother variety tends to not give you grief when remote printing unlike a USB connected all in one. I also try to not connect home printers via USB when I’m sharing them, rather I look to see if they have a network jack and connect them via a rj45 cable to my home router. Then I go into “add printer” and add a network printer and they find the printer on the network.

  Bottom line it’s 2021. We’re not paperless. We still have issues printing. Each time you install an update (and a reminder, we’re not ready yet to give the all clear to install updates) you need to test that you can print as your first post reboot activity.

  Printing is still such a mess.

  So what printer do you use and what annoys you about your printer?

   

  Small Business Computing Patch Lady Posts

• QuickBooks Desktop moves to subscription model

  Posted on September 7, 2021 at 12:32 CDT by Susan Bradley • Comment in the Forums

  (USA small business accounting centric post)

  Just got this email from QuickBooks – this notice is for QuickBooks Pro Advisors but you can already see that they are selling QuickBooks 2021 and 2022 in subscription model in stores and online.

  If you want to have a ‘fixed price’ for a few years grab the QuickBooks Desktop 2021. It will support payroll for several years and then you’ll have to decide your transition strategy then.

  Bottom line QuickBooks Desktop is not dead… but it’s definitely a subscription model these days.  You have until December 10th to grab on to a one time purchase version of QuickBooks before we’re all on a subscription model.

  * * * * *

  A message from Ted Callahan

  You are our valued partner, and we are reaching out to provide advance notice of QuickBooks Desktop 2022 product subscriptions and availability, ProAdvisor pricing and support changes.

  For our 2022 Desktop products, we are making 4 changes that we describe in detail below:

  Transitioning to subscription model for our Desktop lineup with the 2022 release.
  Introducing QuickBooks Desktop Mac Plus subscription.
  Extending availability of 2021 Desktop one-time purchase products until December 10, 2021 for accountants.
  Improving support for ProAdvisors.
  Product release expected September 28, 2021

  QuickBooks ProAdvisors will have access to the new QuickBooks Accountant Desktop Plus, Desktop Enterprise Accountant, and Desktop Mac Plus subscriptions around September 28, 2021. These subscriptions will be available through the ProAdvisor Membership portal within QuickBooks Online Accountant.

  The new QuickBooks Desktop Plus and Enterprise subscriptions are scheduled to be released to businesses on October 12, 2021. QuickBooks Desktop subscriptions provide customers with the same locally-installed user interface, with added features and functionality that provides the best value and best-in-class product experience.

  Pro Plus and Premier Plus subscriptions

  QuickBooks Desktop for Windows is updating its product lineup. With our 2022 launch, we will now only be selling our Pro and Premier products as Pro Plus and Premier Plus subscriptions in place of one-time purchase licenses. In making this transition to subscription only, we commit to focusing our investment to deliver greater value and more impactful features for you and your clients. This transition will also encourage your clients to be on the most recent versions for easier collaboration with you. To facilitate this transition, sales of QuickBooks Desktop 2021, one-time purchase versions, will be extended until December 10, 2021.

  The 2022 subscription versions will offer you and your clients additional benefits, including:

  Access to the latest version, with the most up-to-date features, security patches, and support for 3rd party operating system changes.
  Up to 38% faster, more reliable QuickBooks computing power (64-bit).
  Unlimited customer support and data recovery at no additional charge.
  Premium time saving and money management features. Increased productivity with the QuickBooks Desktop mobile app.
  Please note that clients on older 32-bit computers will not be able to use the 2022 version, which requires a 64-bit compatible Windows operating system. Check here for more information on how to check for compatibility for your Plus and Enterprise customers.

  New: Mac Plus subscription
  For 2022, we are introducing QuickBooks Desktop Mac Plus, an annual subscription-based license for small businesses. We will now be selling our Mac product subscription in place of one-time purchase licenses.1 QuickBooks Desktop Mac Plus will be available to accounting professionals as part of the ProAdvisor Enterprise Software Bundle.

  The 2022 subscription version will offer you and your clients additional benefits, including:

  Access to the latest version, with the most up-to-date features, security patches, and support for 3rd party operating system changes
  Unlimited customer support and data recovery at no additional charge
  Premium subscription features, like automatically creating and categorizing receipt expense transactions.
  Distribution for QuickBooks Desktop
  Our transition to a subscription-forward lineup will occur at the time of our 2022 product release – scheduled for October 12, 2021.

  We will offer a limited time exception for the purchase of our Desktop Pro, Premier and Mac 2021 one-time purchase licenses (supported through May 2024) to avoid disruption to you and your clients. These products will be available via QuickBooks Solutions Providers (QSPs) and Intuit sales agents until December 10, 2021.

   

  Small Business Computing Patch Lady Posts

• Kaseya VSA has been hit with a ransomware attack

  Posted on July 2, 2021 at 14:25 CDT by Susan Bradley • Comment in the Forums

  https://www.reddit.com/r/msp/comments/ocggbv/crticial_ransomware_incident_in_progress/

  https://twitter.com/markloman/status/1411035534554808331

  “We are monitoring a REvil ‘supply chain’ attack outbreak, which seems to stem from a malicious Kaseya update. REvil binary C:\Windows\mpsvc.dll is side-loaded into a legit Microsoft Defender copy, copied into C:\Windows\MsMpEng.exe to run the encryption from a legit process.”

  This not good for those who rely on consultants who then use common tools. Kaseya is the name of a company that provides various tools for consultants to remotely access and manage networks for their customers.

  Consumer/Home user impact:  You don’t use Kasaya VSA so you are safe.

  Small business impact/Consultant impact:  So far it looks like it’s only 4 MSPs that Huntresslabs are tracking, but you may want to check your networks to be safe.

  Security, Small Business Computing Kaseya, Patch Lady Posts

• Win7 ESU License purchasing now open

  Posted on January 4, 2021 at 13:49 CST by Amy Babinchak • Comment in the Forums

  For the second year Harbor Computer Services has agreed to make the Win7 ESU licenses available for small quantity purchasers. What do you know? Microsoft and the distributors both got their act together this year and opened up Windows 7 – Year 2 Extended Servicing Updates license for sale on time. That means it’s available now! The cost of year two licensing is $142.

  To prepare for your license purchase you will need:

  • Your tenant information from last year. Find that email from Ted. It’s in there and you were instructed to keep it in a safe place.
  • Credit card
  • Number of licenses needed
  • email address

  If you have any Windows 7 computers that do not have year 1 applied, then you will also need to purchase year 1 for that computer. There’s a note section to let Ted know that you need one of those too. After you submit the form, Ted will process the information, make the purchase and the send you an email response with the license and instructions for installation. Just like last year. Please be a bit patient as we get ramped up to process these.

  Here ‘s the link to the form

  Small Business Computing, Windows 7, Windows Patches/Security Win7, Win7 ESU

• A new way to manage Exchange’s auto-forwarding rules

  Posted on December 6, 2020 at 21:05 CST by Amy Babinchak • Comment in the Forums

  SMALL-BUSINESS COMPUTING

  By Amy Babinchak

  Here’s one never-changing rule for IT pros: Microsoft will always change the way that things get done.

  For example, in September, the company rolled out a new version of the Exchange admin center (EAC). This change and others mean that we’re forever working to keep our system/service settings and configurations up to date.

  A security staple for IT staff is preventing email from auto-forwarding off domains. Recently the transport rule that powered this function stopped working for two of my clients. It’s continued to work for others, but it’s probably just a matter of time before they run into this issue, too. So, my staff is off making changes — proactively.

  Read the full story in AskWoody Plus Newsletter 17.48.0 (2020-12-07).

  AskWoody Plus Newsletter, Small Business Computing AskWoody Plus Newsletter, Custom policies, Email auto-forwarding, Email security, Exchange admin center

• Business cyber insurance: A sea change

  Posted on November 15, 2020 at 21:00 CST by Tracey Capen • Comment in the Forums

  SMALL-BUSINESS COMPUTING

  By Amy Babinchak

  For IT businesses — and by extension, their clients — adapting to a rapidly shifting technology environment has been a challenge.

  Not the least of those changes is insuring for data-related privacy and security losses.

  Not that long ago, insuring my business was relatively simple. We were covered primarily for liability and errors/omissions. Today, the array of events covered by my policy is mind-boggling — much of it focused on data security and privacy.

  Read the full story in AskWoody Plus Newsletter 17.45.0 (2020-11-16).

  AskWoody Plus Newsletter, Small Business Computing AskWoody Plus Newsletter, Business insurance, IT changes, Privacy, Security

• Online presence: Currency, continuity, and commitment

  Posted on October 25, 2020 at 21:05 CDT by Will Fastie • Comment in the Forums

  Small-Business Websites

  By Will Fastie

  So your website is now up and open for business? That doesn’t mean you can just walk away.

  In previous installments of this series on small-business websites, I stressed the important basics of ensuring your site can be easily found. For example, in the September 21 article, “Web presence: Working with search engines,” I discussed understanding the Google search engine. What I didn’t mention was that search engines take into account a site’s age.

  In short, if your site isn’t considered current, its perceived value will drop, and it’ll fall lower in search-result lists.

  Read the full story in AskWoody Plus Newsletter 17.42.0 (2020-10-26).

  AskWoody Plus Newsletter, Small Business Computing AskWoody Plus Newsletter, Google searches, Web presence, Website content
• « Older Entries