Teams of software experts have discovered a bug in both Intel and AMD processors that can allow malicious code access to confidential information.  Some patches are currently available, but not all aspects are fixable at the moment.  This issue is serious and effects Microsoft Windows, Apple MacOS and Linux as well as as mobile devices Apple iOS and Google ChromeBooks.  Basically anything with an Intel or AMD effected CPU. Keep up to date on your patches, Retire old Out of Service Operating systems.  Yes people are still using XP, 2003, etc. It’s time for them to go away finally.  No patches will come out for older OS making them just huge targets. Keep your OS and AV up to date or just ask us about RMM and WebRoot. Read more in the links below. https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/  

You may already have heard about this.  If not, read more below.  In Any event, get ready for some serious/critical patches in the near future. Adobe Flash has a significant number of Vulnerabilities so bottom line, if you don’t need it on your computer Don’t Install it or Uninstall it and you have one less source of stress.  Unless you are one of the fortunate (#Sarcasm) that needs it for some mission critical software you use.  In that case.  My heart felt condolences and contact us about keeping up to date.

Adobe is working on an emergency patch for its Flash Player after attackers are reportedly exploiting a critical flaw.

Source: Adobe to issue emergency patch for Flash vulnerability

I have experienced many woes with Windows Updates.  Including server updates corrupting systems.  This is not a good trend and rolling back the damage done by a failed server update often requires Repair or reinstallation of Windows.  NOT FUN! Remember this before you just click Ok on that windows server update.

Read about some of the more infamous failures below. 20 epic Microsoft Windows Automatic Update meltdowns | Network World.

I’ve had more than one complaint about the past Patch Tuesday.  One client had their server BSOD, a relative just had their system hang on updating do not shutdown (for 16+hrs) before I ignored and rebooted it. These issues could be tiny in comparison to the single bit change that allows Admin access.  Read more on Network World Below:

Researchers bypass protections on all Window versions.

Another flaw in the infamously buggy Internet Explorer (IE for short).  This one may let a hacker steal your credentials and more. This is no trivial thing and Microsoft is working hard to resolve it. It currently effects IE 11 on Windows 7 and 8.1 even with patches applied.  Use an alternate Browser until this is resolved (FireFox, Crome, Safari). Read More Below on ZDNet.

Universal XSS flaw in fully patched Microsoft Internet Explorer exposed | ZDNet.

Microsoft was notified over 90 days ago about a vulnerability that would allow a user with local credentials to elevate their rights to that of admin.  Google’s Project Zero policy is to give 90 day for the vendor to fix the issue then disclose it to the public.  Wether fixed or not.

I approve of this practice.  90 days is ample time for a fix.  The more time a system is vulnerable the more likely someone will exploit it.

So what do you think?  Should Google continue the practice of disclosure after 90 days or just wait until the vendor fixes it regardless of how long that takes?

Google posts Windows 8.1 vulnerability before Microsoft can patch it.

I just read the attached article and got to thinking. I would have to say that over the years MS has lost a lot.  I really like some of it’s products, but like this guy, 2014 has seen me give up most of what I used to do daily in the MS world. I write this on a 27″ iMac (one at the office and at home), my notebook a MacBook Pro, my tablet an iPad, my phone an iPhone 6.  All synced nicely via iCloud.  I do have Parallels and a Win7 image loaded.  But mostly just use the Terminal server from any of my Macs. No, I’m not an Apple fan boy.  I’m a consultant.  I like the technology not the brand.  I will tell you the things I like better on each platform.  But right now on a daily basis I spend most of my time on in the Apple environment.  I use a PC for QuickBooks and vSphere (a utility).  There is a Mac and a Cloud based of QB, but missing features of the PC version. Support wise, this year alone we have had at least 3 clients that MS just gave up on, or rather when MS could not solve the clients issues we chose other (non-MS) solutions that worked for them.  This is a bad practice even for a Giant like MS. Windows 8.x was a really bad move and I have not met another tech that actually likes it.  It seems like MS puts our a crap version to draw in some revenue then a better version.  It’s like watching a trilogy knowing that the really good one won’t be out till next summer.  lol Don’t get me wrong.  I have been a Microsoft partner for about 20 years and will continue to sell and support their products.  I’m just saying that there are many other options where this is concerned.  I am also an Apple Consultants Network Member.  😉 Anyway, the article below  made me think about how far I have moved away from a strictly MS environment over the years.  I wonder what the future will bring.

2014: The year Microsoft lost my loyalty | ZDNet.

This illustrates the importance of doing windows updates and keeping an up to date OS (XP is dead!) BUT… Even doing this, some things can still slip through the cracks.  Some for well over a decade!  Read more below. Microsoft fixes security flaw in Windows that existed for 19 years | Hack Read.

Do you manage your updates/patches?  Do you know if you are secure? If not you might want to contact us. Microsoft Patches 3 Critical vulnerabilities in Windows. But you definitely want to check out this article below.

Fixes for three zero-day vulnerabilities in Patch Tuesday update.

Finally listening to the people that complained about the missing start menu (Everyone), but possibly taking it a step farther.  This would be a welcome change.

Microsoft teases a classic Start Menu for Windows 8.1 with built-in Live Tiles.