Technology PSA

[imwjl]

We (IT) have been seeing a lot of users issues in past few weeks fixed in the latest Microsoft patching and yesterday's Apple mobile and desktop updates. You should run those for security in addition to the fixes.

The Windows 10 and Windows 11 fixes should have solved VPN issues but I see a few of our work from home staff still have the issue. If you still have L2TP VPN or connection issues run these commands via an administrator rights command prompt or PowerShell prompt. If you've upgraded to Windows 11 you might need to update your PowerShell version. If you do that choose the option to update it with Windows Update during the installation.

Windows 10
wusa /uninstall /kb:5009543

Windows 11
wusa /uninstall /kb:5009566

Don't listen to the crap from some to never update. There are a lot of active exploits. The tools we have show that, and the way we support nearly 1000 employees personal tech for HR and WFH has shown us (IT) the sort of trouble people can have.

The Apple updates seem to fix the sync issues some apps have been having. We have several dozen of Apple and Android mobile. One app using iCloud sync that was inconsistent seems to be fixed.

[Street Glider]

My head just exploded...

[imwjl]

Quote:

Originally Posted by Street Glider

My head just exploded...

Run the software updates available to the technology devices and programs you use. Stop using Windows 7 if that's the case.

Your head might explode same time stuff like your bank account could implode not doing that.

Beyond what we manage in the enterprise, we monitor guest networks that get around 300 - 900 people using them daily. In that we see more exploits going on lately. Exploits where the users probably don't know until too late.

A lot of people work from home these days. The commands to uninstall a recent problematic Windows Update might not apply to you but it applies to a lot of people and I can tell many are clueless to the fix.

On the whole it's a poor time to have and display willful ignorance with technology. The getting up to speed and in good shape is a sort of insurance.

Good luck!

[Chipotle]

Quote:

Originally Posted by imwjl

Run the software updates available to the technology devices and programs you use.

This is the tl;dr.

It's a very rare circumstance where you do not want to keep your systems updated, and in those cases you need to know why and what you are doing.

[tbeltrans]

Quote:

Originally Posted by imwjl

Run the software updates available to the technology devices and programs you use. Stop using Windows 7 if that's the case.

Your head might explode same time stuff like your bank account could implode not doing that.

Beyond what we manage in the enterprise, we monitor guest networks that get around 300 - 900 people using them daily. In that we see more exploits going on lately. Exploits where the users probably don't know until too late.

A lot of people work from home these days. The commands to uninstall a recent problematic Windows Update might not apply to you but it applies to a lot of people and I can tell many are clueless to the fix.

On the whole it's a poor time to have and display willful ignorance with technology. The getting up to speed and in good shape is a sort of insurance.

Good luck!

I am glad to finally read/hear somebody saying this. I read your posts with interest because you clearly know of what you speak.

Tony

[FLRon]

I always keep my devices updated and I appreciate you sharing your knowledge with the group.
One question I would like to ask is what antivirus software do you recommend for Win 10? Is Defender enough on it’s own?

[imwjl]

Quote:

Originally Posted by FLRon

I always keep my devices updated and I appreciate you sharing your knowledge with the group.
One question I would like to ask is what antivirus software do you recommend for Win 10? Is Defender enough on it’s own?

A very good and loaded question.

Part of my defense is using DNS and network based security. One's browsing habits and interests can get a lot of blocks that way. What used to be OpenDNS is Cisco Umbrella where they have a free version. The huge TALOS database a few products use has known bad addresses. That can mean you never reach them.

I do not use the router/AP units ISPs provide and like Ubiquiti Amplify for home use. Cisco products for larger spaces and budgets. Ubiquiti is an enterprise product maker who has an Amplifi line for home and small office. Their radio performance and patching is good. Their WiFi has band-steering some popular home stuff doesn't have. That lets you use older and newer WiFi devices at same time.

Defender is good but in recent times I tend towards a Bitdefender purchase for commercial home and small office and Bitdefender is a component in the tremendous Cisco AMP product. Cisco AMP is likely too expensive and complicated for personal users.

Once or twice a year I go to reviews of the endpoint protection software. There Bitdefender first stood out as a good Mac solution and I saw it is a component Cisco uses. It's been fast, not problematic and affordable.

You can't just depend on technology. You need to know about spoofed links and in email, spoofed addresses. Use web-base email client as your first defense. In a lot of cases that will let you delete malicious content and attachments without them sitting in a directory (folder) on your own computer.

Mac computers are not immune to security issues but they do have fewer. These days they have some performance and price characteristics that are untouchable by others via their "M" systems. Using a Mac laptop more has been a combo of speed, value and utility that adds some security advantages but you can't think it makes you immune to issues.

Windows users need to remember updating more than the OS. The system firmware and utilities will make a computer show up with vulnerabilities. Other devices are attack vectors.

Everyone should definitely do some training on the human elements - basics of not being spoofed and fooled.

[Dirk Hofman]

I didn’t realize people don’t run updates. I mean I get waiting on a new full version of any OS until you read about any issues associated with that version, but patch releases? Why is that a thing?

[FLRon]

Most definitely one needs to be vigilant in updating all of their systems components. As for email, I don’t open any email that I don’t know the sender or I’m not expecting. And I never open unsolicited attachments. Ever.
I am of the belief that technology is at its best when coupled with human due diligence, the more the better.

[Gitfiddlemann]

Quote:

Originally Posted by imwjl

A very good and loaded question.

Part of my defense is using DNS and network based security. One's browsing habits and interests can get a lot of blocks that way. What used to be OpenDNS is Cisco Umbrella where they have a free version. The huge TALOS database a few products use has known bad addresses. That can mean you never reach them.

I do not use the router/AP units ISPs provide and like Ubiquiti Amplify for home use. Cisco products for larger spaces and budgets. Ubiquiti is an enterprise product maker who has an Amplifi line for home and small office. Their radio performance and patching is good. Their WiFi has band-steering some popular home stuff doesn't have. That lets you use older and newer WiFi devices at same time.

Defender is good but in recent times I tend towards a Bitdefender purchase for commercial home and small office and Bitdefender is a component in the tremendous Cisco AMP product. Cisco AMP is likely too expensive and complicated for personal users.

Once or twice a year I go to reviews of the endpoint protection software. There Bitdefender first stood out as a good Mac solution and I saw it is a component Cisco uses. It's been fast, not problematic and affordable.

You can't just depend on technology. You need to know about spoofed links and in email, spoofed addresses. Use web-base email client as your first defense. In a lot of cases that will let you delete malicious content and attachments without them sitting in a directory (folder) on your own computer.

Mac computers are not immune to security issues but they do have fewer. These days they have some performance and price characteristics that are untouchable by others via their "M" systems. Using a Mac laptop more has been a combo of speed, value and utility that adds some security advantages but you can't think it makes you immune to issues.

Windows users need to remember updating more than the OS. The system firmware and utilities will make a computer show up with vulnerabilities. Other devices are attack vectors.

Everyone should definitely do some training on the human elements - basics of not being spoofed and fooled.

I emboldened that for you.
There are still so many people out there (like my neighbor) who sit at their computer thinking that their anti-virus software like Norton, McAffee etc...will protect them against all threats.
Bad actors prey upon that.
I have a Mac, and am super cautious, but a few years ago I still almost fell for what looked like a fully legitimate email from Apple in a moment of carelessness. What saved me was 2FA.
It was so well done. Scary.
I never felt the need for any kind of additional protection on my Mac devices, but have since installed Malwarebytes. It's never detected anything, but I think it's still worth the additional security.

[imwjl]

Quote:

Originally Posted by AndreF

I emboldened that for you.
There are still so many people out there (like my neighbor) who sit at their computer thinking that their anti-virus software like Norton, McAffee etc...will protect them against all threats.
Bad actors prey upon that.
I have a Mac, and am super cautious, but a few years ago I still almost fell for what looked like a fully legitimate email from Apple in a moment of carelessness. What saved me was 2FA.
It was so well done. Scary.
I never felt the need for any kind of additional protection on my Mac devices, but have since installed Malwarebytes. It's never detected anything, but I think it's still worth the additional security.

Thank you for pointing out MFA/2FA that is SO important. Here and elsewhere there have been complaints on Google and Apple requiring it but it makes very common compromises near impossible.

FWIW, it seems Bitdefender finds malicious files on a Mac better even though most are aimed to infect Windows. Of course another product can always get improved and be the new top dog.

I don't want suggestions here taken like a bible. Products we use in the enterprise and supporting staff at home often changes with time. The really important stuff has been highlighted by a few year - that human training, your patching, MFA/2FA etc....

A benefit to a good home router and firewall discussed is also superior WiFi performance.

[Street Glider]

Quote:

Originally Posted by imwjl

Run the software updates available to the technology devices and programs you use. Stop using Windows 7 if that's the case.

Your head might explode same time stuff like your bank account could implode not doing that.

Beyond what we manage in the enterprise, we monitor guest networks that get around 300 - 900 people using them daily. In that we see more exploits going on lately. Exploits where the users probably don't know until too late.

A lot of people work from home these days. The commands to uninstall a recent problematic Windows Update might not apply to you but it applies to a lot of people and I can tell many are clueless to the fix.

On the whole it's a poor time to have and display willful ignorance with technology. The getting up to speed and in good shape is a sort of insurance.

Good luck!

Huh.

I don't do much of any consequence on line. I don't do book keeping, taxes, banking or any of that stuff. If someone wants to hack into my AGF account, well, then I guess I'm screwed.

I have gotten pretty good at online backgammon, though...

[imwjl]

Quote:

Originally Posted by Street Glider

Huh.

I don't do much of any consequence on line. I don't do book keeping, taxes, banking or any of that stuff. If someone wants to hack into my AGF account, well, then I guess I'm screwed.

I have gotten pretty good at online backgammon, though...

Free online game sites are notorious attack vectors.

Many don't realize the exposure or risk they have. You may think you don't do much online but my guess is you have accounts like banks, cell phone, credit cards etc where someone could masquerade as you or set up an account as you. It's how many get robbed without knowing it.

The other thing that happens when you're daft to these precautions is the criminals just use your computer to attack someone else.