Newsletter Archives

• Microsoft email zero day

  Posted on September 30, 2022 at 11:05 CDT by Susan Bradley • Comment in the Forums

  What is it?  Microsoft is investigating targeted attacks on their on premises Email servers.  Attackers have found a way into servers that are already fully patched.

  If we have online email with Microsoft, are we at risk?  No.

  Is this disturbing that EVERY time there is a zero day in Microsoft on premises email servers, Microsoft can conveniently scramble and get their online servers patched and meanwhile those that purchase on premises software are stuck holding the bag.

  If you are an Exchange admin and need help, pile on here

  (note I am sending this out as a defcon text alert but not an email alert)

  Follow the guidance in the MSRC post to protect your on premise email servers:

  The current mitigation is to add a blocking rule in “IIS Manager -> Default Web Site -> URL Rewrite -> Actions” to block the known attack patterns

  Note:

  If you don’t run Microsoft Exchange on premise, and don’t have Outlook Web App facing the internet, you are not impacted.

  MS-DEFCON AskWoody Alert, AskWoody Plus Alerts, Master Patch List, Patch Lady Posts

• MS-DEFCON 2: Printing issues, again

  Posted on August 4, 2022 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 19.31.1 • 2022-08-04

  

  By Susan Bradley

  This time we’re forewarned, and the problem probably won’t affect many.

  Here we go again. Month after month this year, updates have affected printing in some way, and the side effects have ranged from minor to major (such as printers being completely disabled).

  Fasten your seatbelts anyway, although chances are that many of us won’t notice this side effect at all. In fact, the security fix causing this side effect has actually been installed on our systems for over a year. Starting with the July and August updates, “hardening” is finally being enabled. Still, prudence demands raising the MS-DEFCON level to 2.

  Anyone can read the full MS-DEFCON Alert (19.31.1, 2022-08-04).

  AskWoody Plus Alert, MS-DEFCON AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Print Spooler, Printing

• MS-DEFCON 4: July updates make some hot and bothered

  Posted on July 26, 2022 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 19.30.1 • 2022-07-26

  

  By Susan Bradley

  Access bugs ruin a quiet July, but we can still lower MS-DEFCON to 4.

  To any reader of this alert who is sweltering in a heat wave, my sincere condolences. I can slightly relate, as I’m having the normal July heat wave in my neck of the woods.

  The big difference is that my area of the country is used to this weather. Thus I’m inside an air-conditioned home, remotely accessing office workstations and servers to perform the monthly maintenance tasks while some of you are … well … just really hot and really uncomfortable. Fortunately for us, this month’s Windows and Office updates were mostly well behaved.

  Anyone can read the full MS-DEFCON Alert (19.30.1, 2022-07-25).

  AskWoody Plus Alert, MS-DEFCON AskWoody Plus Alerts, AskWoody Plus Newsletter, MS-DEFCON, MS-DEFCON 4, Patch Lady Posts, Print Spooler

• MS-DEFCON 2: Pause to review

  Posted on July 7, 2022 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 19.27.1 • 2022-07-07

  

  By Susan Bradley

  We’re halfway through the patching year.

  It seems like just yesterday when I lowered the MS-DEFCON level to allow a cautious breather so we could apply critical patches. Oh, wait — that’s right, it was just last week.

  In June, Patch Tuesday fell on the latest day of the month possible: the 14th. It takes all of us patch watchers a little bit of time to assess the safety of the last round of updates — and before you know it, the next Tuesday is upon us. So after little more than a week, it’s time to pause updates again. Accordingly, I am raising the MS-DEFCON level to 2.

  Anyone can read the full MS-DEFCON Alert (19.27.1, 2022-07-07).

  AskWoody Plus Alert, MS-DEFCON AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 2: Zero days unpatched

  Posted on June 9, 2022 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 19.23.1 • 2022-06-09

  

  By Susan Bradley

  Once again, we are faced with several zero days that are plaguing Office and Windows.

  Accordingly, I am raising the MS-DEFCON alert level to 2.

  At this time, the vulnerabilities are being used in targeted attacks and ones that are more probing in nature (probes test the ability of the attack to get in but don’t take action). So far, we have not seen widespread attacks, but there are some ways you can proactively protect yourself.

  Anyone can read the full MS-DEFCON Alert (19.23.1, 2022-06-09).

  AskWoody Plus Alert, MS-DEFCON AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 2: 2004 is out of support

  Posted on May 5, 2022 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 19.18.1 • 2022-05-05

  

  By Susan Bradley

  Check your Windows version, then update accordingly.

  I regularly come across PCs that are running old, out-of-support versions of Windows because they aren’t on the Web long enough to be “serviced” by Windows Update. For example, there are two Surface laptops in my office that are used by people on cellular connections. As a result of sporadic use, they never get a feature update.

  Just the other day, I realized they were running Windows 10 2004 and thus no longer were getting security updates, a serious matter.

  Anyone can read the full MS-DEFCON Alert (19.18.1, 2022-05-05).

  AskWoody Plus Alert AskWoody Plus Alerts, AskWoody Plus Newsletter, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 2: Deferring April

  Posted on April 7, 2022 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 19.14.2 • 2022-04-07

  

  By Susan Bradley

  Don’t let April showers rain on your PCs.

  I love April. It’s the end of the busy tax season at the office, and it’s spring where I live — the tulips are in bloom. But what I don’t love is updates disrupting my business before the end of the busy season. So I urge you to do what I do at the office: defer those updates.

  Anyone can read the full Plus Alert (19.14.2, 2022-04-07).

  AskWoody Plus Alert, MS-DEFCON AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts

• MS-DEFCON 5: A very quiet February

  Posted on February 22, 2022 at 02:45 CST by Susan Bradley • Comment in the Forums

  

  ISSUE 19.08.1 • 2022-02-22

  

  By Susan Bradley

  For the first time in an extremely long time, this month of patching has been so quiet that I’m changing the patching status to the magical level of 5.

  All’s clear. Patch while it’s safe!

  Don’t blink, because it may not happen again. There are so few issues that it feels too quiet, like the calm before the storm. The only thing I’m tracking is a few reports on issues with the 2012 R2 print server, because it broke printing on DataMax label and badge printers. However, I’m not tracking any issues with standalone printers.

  Anyone can read the full AskWoody Plus Alert 19.08.1 (2022-02-22).

  AskWoody Plus Alert AskWoody Plus Alerts, MS-DEFCON, MS-DEFCON 5, Patch Lady Posts
• « Older Entries