Newsletter Archives

• MS-DEFCON 4: Holiday patching

  Posted on November 26, 2024 at 02:45 CST by Susan Bradley • Comment in the Forums

  

  ISSUE 21.48.1 • 2024-11-26

  

  By Susan Bradley

  Thanksgiving in America is a mere two days away. I often use the holiday to multitask while the turkey is roasting.

  One task for you is applying updates. I’m lowering the MS-DEFCON level to 4; other than my recommendation to avoid Windows 11 24H2 for now, patching should be safe.

  Thanksgiving signals the approaching end of year. For both home and office, it’s a great time to reflect on the challenges of the past year and develop a technology plan for the upcoming year. In my case, I’ll be looking at retiring some devices that I no longer need or use, upgrading some existing equipment, replacing aging devices with new ones, and looking for simplifications wherever I can find them.

  Anyone can read the full MS-DEFCON Alert (21.48.1, 2024-11-26).

  AskWoody Plus Alert, MS-DEFCON Alerts, Copilot+ PCs, CVE-2024-44308, CVE-2024-44309, Email, iOS, KB5046613, KB5046633, KB5046714, macOS Sequoia, MS-DEFCON, MS-DEFCON 4, Outlook (new), Patch Lady Posts, Recall, Windows Server 2022

• MS-DEFCON 2: ESU plans announced for Windows 10

  Posted on November 7, 2024 at 02:45 CST by Susan Bradley • Comment in the Forums

  

  ISSUE 21.45.1 • 2024-11-07

  

  By Susan Bradley

  In the midst of Microsoft’s pushing Windows 11 24H2 and updates for Windows 10, caution is in order.

  As a result, I’m raising the MS-DEFCON level to 2. Keep 24H2 at bay, and give me a few weeks to understand and fully vet next week’s updates.

  We’ve known for some time that Extended Security Update (ESU) plans would be offered for Windows 10 in October 2025, when regular support ends. What we did not know until recently was the cost for consumers. Last week, on Halloween, Microsoft gave us a treat by announcing a price of $30 for one year. Exact details about obtaining these ESU plans will be disclosed later next year.

  Anyone can read the full MS-DEFCON Alert (21.45.1, 2024-11-07).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38094, iOS 18, KB5002606, KB5002615, KB5002618, macOS Sequoia, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Windows 10, Windows 10 ESU, Windows 11 24H2, Windows Server 2025

• MS-DEFCON 4: 24H2 is a work in progress

  Posted on October 22, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.43.1 • 2024-10-22

  

  By Susan Bradley

  Every month, I look back at the issues and oddities I’ve been tracking to see whether they are merely corner cases or something more widespread.

  One thing is certain: I am not recommending the installation of Windows 11 24H2 now, especially for consumers and small businesses. I am testing and evaluating the release, and I will continue to keep you informed about bugs and problems. For everything else, I’m lowering the MS-DEFCON level to 4.

  Anyone can read the full MS-DEFCON Alert (21.43.1, 2024-10-22).

  AskWoody Plus Alert, MS-DEFCON Alerts, Always On VPN, KB5043950, MS-DEFCON, MS-DEFCON 4, Outlook (classic), Outlook (new), Patch Lady Posts, SSDs, Windows 11 24H2

• MS-DEFCON 2: Windows 11 24H2 is out!

  Posted on October 1, 2024 at 20:03 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.40.1 • 2024-10-01

  

  By Susan Bradley

  It’s not that 24H2 was unexpected — but we had very, very little notice.

  You won’t be surprised by this advice: Don’t take the 24H2 update just yet. Nobody has had time to react to today’s announcement — much less examine the changes, check out the new features, and assess the effects of the update on existing systems.

  I considered raising the MS-DEFCON level to 1 because of the suddenness of the news, but 24H2 is not exactly an emergency. So I’m raising the level to 2. I recommend that you use your preferred delaying tactic to prevent 24H2’s installation until we’ve gone through our testing and you reach your own comfort level. As usual, I suggest Steve Gibson’s easy InControl app.

  Anyone can read the full MS-DEFCON Alert (21.40.1, 2024-10-01).

  AskWoody Plus Alert, MS-DEFCON Alerts, KB5042207, KB5042209, KB5042211, KB5042214, KB5042215, KB5042217, KB5042749, KB5043145, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, Windows 11 24H2

• MS-DEFCON 4: Dual-boot computers now safe to patch

  Posted on September 24, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.39.1 • 2024-09-24

  

  By Susan Bradley

  In the August updates, Microsoft introduced a bug that impacted Windows users who dual-booted into Windows and Linux.

  At first it was thought the bug had not been fixed in the September updates, but upon further investigation, I learned that it had been addressed. Because it is now fixed, I find no reason to delay updates further and am therefore lowering the MS-DEFCON level to 4.

  Anyone can read the full MS-DEFCON Alert (21.39.1, 2024-09-24).

  AskWoody Plus Alert, MS-DEFCON Alerts, Dual Boot, Intune, iOS 17, iOS 18, KB5043064, KB5043076, MS-DEFCON, MS-DEFCON 4, Patch Lady Posts, Repair Install, Windows Autopatch, WSUS, WSUS Automated Maintenance

• MS-DEFCON 2: 24H2 is around the corner

  Posted on September 5, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.36.1 • 2024-09-05

  

  By Susan Bradley

  I can always tell when fall is in the air.

  No, it’s not a decrease in temperatures — we’re still very hot here in Central California. No, it’s not that pumpkin-spice aroma around coffee shops.

  It’s the technology headlines about imminent updates from Redmond and Cupertino. Naturally, that means I’m raising the MS-DEFCON level to 2. Here are a few things you should consider.

  Anyone can read the full MS-DEFCON Alert (21.36.1, 2024-09-05).

  AskWoody Plus Alert, MS-DEFCON Alerts, Apple, CVE-2024-26248, CVE-2024-29056, InControl, KB5014754, KB5025885, KB5037754, MS-DEFCON, MS-DEFCON 2, Patch Lady Posts, RSA, TLS, Windows 11 23H2, Windows 11 24H2

• MS-DEFCON 4: Side effects for dual booters

  Posted on August 27, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.35.1 • 2024-08-27

  

  By Susan Bradley

  Secure Boot is causing — once again — side effects for Windows patchers.

  The August updates are triggering issues for those who dual-boot into Linux. Because this is unlikely to affect very many users, and because the IPv6 bug I alerted you to ten days ago is now well understood, I feel that lowering the MS-DEFCON level to 4 is safe.

  That assumes you do not ignore the IPv6 matter.

  Anyone can read the full MS-DEFCON Alert (21.35.1, 2024-08-27).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38063, KB5041578, KB5041580, KB5041585, MS-DEFCON, MS-DEFCON 4, Patch Lady Posts, Secure Boot, Server 2019

• MS-DEFCON 3: Blocking a potential wormable event

  Posted on August 16, 2024 at 21:22 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.33.1 • 2024-08-16

  

  By Susan Bradley

  It’s been a long time since we’ve had a Microsoft worm event.

  Last week’s patches contained a fix for the Windows TCP/IP Remote Code Execution Vulnerability identified as CVE-2024-38063. This one affects all supported Windows versions and extends back to Windows 7 and Windows 8, including older servers.

  This CVE has a very high danger rating. Because of that, I am lowering the MS-DEFCON level earlier than I normally would, setting it to 3. That sounds backward, but this advisory is conditional, based upon the type of user you are and how you decide to deal with the update.

  Although the danger is real, I believe the risk is somewhat less. In this alert, I’ll explain why.

  Anyone can read the full MS-DEFCON Alert (21.33.1, 2024-08-16).

  AskWoody Plus Alert, MS-DEFCON Alerts, CVE-2024-38063, IPv6, MS-DEFCON, MS-DEFCON 3, Patch Lady Posts, Windows, Windows Server, wormable
• « Older Entries

  Newer Entries »