microsoft

ComputerWorldIndependent

Microsoft Patch Alert: Welcome to the Upside Down

Credit to Author: Woody Leonhard| Date: Tue, 30 Jul 2019 09:33:00 -0700

This month, Microsoft Patch Land looks like a stranger Stranger Things Upside Down, where Security-only patches carry loads of telemetry, Visual Studio patches appear for the wrong versions… and we still can’t figure out how to keep the Win10 1903 upgrade demogorgon from swallowing established drivers.

As we end the month, we’ve seen the second “optional” monthly cumulative updates for all Win10 versions — the 1903 patch was released, pulled, then re-released — and fixes for Visual Studio’s transgressions. There’s a kludge for getting the Win10 1903 upgrade to work. And BlueKeep still looms like a gorging Mind Flayer.

Win7 Security-only patch brings telemetry

Those of you who have been dodging Windows 7 telemetry by using the monthly Security-only patches — a process I described as “Group B” three years ago — have reached the end of the road. The July 2019 Win7 “Security-only” patch, KB4507456, includes a full array of telemetry/snooping, uh, enhancements.

To read this article in full, please click here

Read More
MalwareBytesSecurity

Changing California’s privacy law: A snapshot at the support and opposition

Credit to Author: David Ruiz| Date: Thu, 25 Jul 2019 15:59:59 +0000

Before the California Senate returns from its summer recess, we look at the authors, supporters, opponents, and donors involved in an extended fight to change California’s privacy law, the California Consumer Privacy Act.

Categories:

Tags:

(Read more…)

The post Changing California’s privacy law: A snapshot at the support and opposition appeared first on Malwarebytes Labs.

Read More
ComputerWorldIndependent

New Windows 7 'security-only' update installs telemetry/snooping, uh, feature

Credit to Author: Woody Leonhard| Date: Thu, 11 Jul 2019 03:16:00 -0700

Back in October 2016, Microsoft divided the Win7 and 8.1 patching worlds into two parts.

Those who got their patches through Windows Update received so-called Monthly Rollups, which included security patches, bug fixes – and we frankly don’t know what else – rolled out in a cumulative stream.

The folks who were willing to download and manually install patches were also given the option of installing “security-only” patches, not cumulative; these were meant to address just the security holes.

To read this article in full, please click here

Read More
ComputerWorldIndependent

Microsoft Patch Alert: The Windows patching heavens buzz with silver bullets

Credit to Author: Woody Leonhard| Date: Mon, 01 Jul 2019 04:36:00 -0700

How many bugs could a WinPatcher patch, if a WinPatcher could patch bugs?

Ends up that June’s one of the buggiest patching months in recent memory – lots of pesky little critters, and the ones acknowledged by Microsoft led to even more patches later in the month.

In June, we saw eight single-purpose Windows patches whose sole mission is to fix bugs introduced in earlier Windows patches. I call them silver bullets – all they do is fix earlier screw-ups. If you install security patches only, these eight have to be installed manually to fix the bugs introduced earlier. It’s a congenital defect in the patching regimen – bugs introduced by security patches get fixed by non-security “optional” patches, while waiting for the next month’s cumulative updates to roll around.

To read this article in full, please click here

Read More
ComputerWorldIndependent

Microsoft beefs up OneDrive security

Credit to Author: Gregg Keizer| Date: Wed, 26 Jun 2019 11:49:00 -0700

Microsoft today announced changes to its OneDrive storage service that will let consumers protect some or even all of their cloud-stored documents with an additional layer of security.

The new feature – dubbed OneDrive Personal Vault – was trumpeted as a special protected partition of OneDrive where users could lock their “most sensitive and important files.” They would access that area only after a second step of identity verification, ranging from a fingerprint or face scan to a self-made PIN, a one-time code texted to the user’s smartphone or the use of the Microsoft Authenticator mobile app. (The process is often labeled as two-factor security to differentiate it from the username/password that typically secures an account.)

To read this article in full, please click here

Read More