Computerworld Security
How IT can keep remote workers’ Windows 7 PCs safe
Tue, 22 Sep 2020 03:00:00 -0700

In the time of COVID-19, with so many people working from home, it’s inevitable that many will be using Windows 7 devices. And that’s a big security problem for IT. As of January 2020, Windows 7 is no longer supported by Microsoft. That means no security patches — particularly dangerous at a time when many people are connecting to enterprise networks from their Windows 7 PCs.

It adds up to one of the biggest security risks many companies have seen for some time. Unpatched systems can be more easily hacked than ones that regularly receive security patches. Hackers go after low-hanging fruit — and right now Windows 7 is the lowest fruit there is. As the FBI stated in an August 2020 warning to businesses:

To read this article in full, please click here

Why you need Apple support to secure the C-suite
Thu, 17 Sep 2020 06:27:00 -0700

I get it. You’re one of those enterprises that doesn’t (yet) support Apple products among employees, but does that moratorium extend to the C-suite? I’m willing to bet it does not, and that’s why even Windows-only IT shops must learn how to secure Apple’s products.

Ignore the fantasy, this is reality

The reality is that Apple’s products are popular at work. And while there are many businesses that don’t officially support them, one section of civil society that pretty much always does their own thing no matter what are the boys and girls in the C-suite. I can still recall the number of CFOs I spoke with early on in the iPad days who were deeply interested in trying the Apple tablet. Many did. At a time when no one else could.

To read this article in full, please click here

Windows 10 upgrades are rarely useful, say IT admins
Thu, 17 Sep 2020 03:00:00 -0700

A majority of IT administrators polled this summer said that the twice-a-year Windows 10 feature upgrades are not useful – or rarely so – a stunning stance considering how much effort Microsoft puts into building the updates.

About 58% of nearly 500 business professionals who are responsible for servicing Windows at their workplaces said that Windows 10 feature upgrades – two annually, one each in the spring and fall – were either not useful (24%) or rarely useful (34%).

Only 20% contended that the upgrades were useful in some fashion, while a slightly larger chunk – 22% – choose a noncommittal neutral as a response, claiming that the operating system's updates were neither useful nor not useful. (It might be best to consider this answer as undecided since in this binary world if something is not not useful, that must mean it is useful.)

To read this article in full, please click here

How COVID-19 has changed IT’s focus and plans for 2021
Tue, 15 Sep 2020 07:00:00 -0700

The COVID-19 pandemic – and the lockdowns that followed last spring – wrought changes across IT operations and strategy as businesses and employees adjusted to a new environment. But what changes were made, and which ones are likely to last?

Spiceworks Ziff Davis, a B2B tech marketplace, polled 1,073 IT buyers in North America and Europe in June and July 2020 to find out. The results in its 2021 State of IT report, released today, show that the pandemic-fueled transformation will continue, affecting both planning and budgets for the long term.

The survey shows that 76% of businesses envision long-term IT changes, with more than half planning to retain flexible work policies (such as remote work); 64% of companies enabled remote work in 2020 due to the pandemic.

To read this article in full, please click here

Why you need Apple support to secure the C-suite
Thu, 17 Sep 2020 06:27:00 -0700

I get it. You’re one of those enterprises that doesn’t (yet) support Apple products among employees, but does that moratorium extend to the C-suite? I’m willing to bet it does not, and that’s why even Windows-only IT shops must learn how to secure Apple’s products.

Ignore the fantasy, this is reality

The reality is that Apple’s products are popular at work. And while there are many businesses that don’t officially support them, one section of civil society that pretty much always does their own thing no matter what are the boys and girls in the C-suite. I can still recall the number of CFOs I spoke with early on in the iPad days who were deeply interested in trying the Apple tablet. Many did. At a time when no one else could.

To read this article in full, please click here

Windows 10 upgrades are rarely useful, say IT admins
Thu, 17 Sep 2020 03:00:00 -0700

A majority of IT administrators polled this summer said that the twice-a-year Windows 10 feature upgrades are not useful – or rarely so – a stunning stance considering how much effort Microsoft puts into building the updates.

About 58% of nearly 500 business professionals who are responsible for servicing Windows at their workplaces said that Windows 10 feature upgrades – two annually, one each in the spring and fall – were either not useful (24%) or rarely useful (34%).

Only 20% contended that the upgrades were useful in some fashion, while a slightly larger chunk – 22% – choose a noncommittal neutral as a response, claiming that the operating system's updates were neither useful nor not useful. (It might be best to consider this answer as undecided since in this binary world if something is not not useful, that must mean it is useful.)

To read this article in full, please click here

How COVID-19 has changed IT’s focus and plans for 2021
Tue, 15 Sep 2020 07:00:00 -0700

The COVID-19 pandemic – and the lockdowns that followed last spring – wrought changes across IT operations and strategy as businesses and employees adjusted to a new environment. But what changes were made, and which ones are likely to last?

Spiceworks Ziff Davis, a B2B tech marketplace, polled 1,073 IT buyers in North America and Europe in June and July 2020 to find out. The results in its 2021 State of IT report, released today, show that the pandemic-fueled transformation will continue, affecting both planning and budgets for the long term.

The survey shows that 76% of businesses envision long-term IT changes, with more than half planning to retain flexible work policies (such as remote work); 64% of companies enabled remote work in 2020 due to the pandemic.

To read this article in full, please click here

A fat Windows Update for September's Patch Tuesday
Fri, 11 Sep 2020 10:50:00 -0700

Microsoft has released 129 updates to its Windows ecosystem, but the good news  this month is that we are not responding to any zero-days or publicly reported vulnerabilities. Microsoft appears to be getting serious about removing Adobe Flash Player (a good thing) and we see a very broad update to Windows desktops and servers. Unusually, Microsoft’s browsers are not a huge focus this month, and both the Microsoft Office (excluding SharePoint) and development platform have received only a few, lower profile patches.

We have included a helpful infographic, which this month looks a little lopsided as all of the attention should be on Windows components.

To read this article in full, please click here

Beaucoup bugs beset this month’s Windows patches
Thu, 10 Sep 2020 06:42:00 -0700

Someday, you’ll tell your grandkids about the halcyon days of July and August 2020, when Microsoft took pity on us poor patching souls and introduced few bugs in its stew of Patch Tuesday patches.

Now, it looks like we’re well on our way to another mess.

Although it’s still too early to throw up your hands and peremptorily pass on the September crop, I assure you that there is no joy in Patchville.

To read this article in full, please click here

Microsoft puts Application Guard for Office into public preview
Wed, 09 Sep 2020 13:34:00 -0700

Microsoft has launched a public preview of "Microsoft Defender Application Guard for Office," a defensive technology that quarantines untrusted Office documents so that attack code carried by malicious files can't reach the operating system or its applications.

On Monday, a senior cybersecurity engineer with the Redmond, Wash. company explained how Application Guard for Office worked and more importantly, walked customers through its operation – something that existing documentation omitted when the public preview was launched late last month.

"Microsoft Office will open files from potentially unsafe locations in Microsoft Defender Application Guard, a secure container, that is isolated from the device through hardware-based virtualization," John Barbare wrote in a post to a Microsoft blog. "When Microsoft Office opens files in Microsoft Defender Application Guard, a user can then securely read, edit, print, and save the files without having to re-open files outside of the container."

To read this article in full, please click here

Yes, you can install the August Windows and Office patches now
Fri, 04 Sep 2020 09:04:00 -0700
Apple strengthens commitment to human rights with new policy
Fri, 04 Sep 2020 05:42:00 -0700

Apple has once again responded to critics with the publication of a human rights policy it says commits the company to “freedom of information and expression.”

Freedom of expression

“At Apple, we are optimistic about technology’s awesome potential for good,” says CEO Tim Cook. “But we know that it won’t happen on its own. Every day, we work to infuse the devices we make with the humanity that makes us.”

However, the document also points out that Apple is required to obey the law.

To read this article in full, please click here

Microsoft Patch Alert: August 2020
Mon, 31 Aug 2020 17:23:00 -0700

With Windows 10 2004 gradually creeping (I use the term intentionally) onto more machines, faults and foibles are coming out of the woodwork. It looks like a fix for the long-lamented version 2004 defrag bugs is on the way, but we aren’t there yet. Lenovo isn’t too happy with the August version 2004 cumulative update. It’s still too early to move to 2004, in my opinion — and those problems ensure I’ll keep 2004 off my machines for a while.

Meanwhile, Microsoft extended the end of support date for Win10 version 1803 — a move that’ll interest exactly nobody except for admins with aging Win10 machines. Windows 8.1 patchers got left out in the Remote Access cold for a week. The .NET security updates have an odd, acknowledged bug with a manual registry workaround.

To read this article in full, please click here

TikTok sues the Trump administration, responding to potential U.S. ban
Thu, 27 Aug 2020 06:45:00 -0700
TikTok, the popular short form video app, has filed a lawsuit against the U.S. government, calling the potential U.S. ban an extreme action. At first glance, this lawsuit may mirror another one filed by a different tech company, Huawei. While both Huawei and ByteDance, the owner of TikTok, are Chinese tech companies, the proposed U.S. bans of each of these companies are different. Juliet breaks down why TikTok may fare better in the face of a potential ban than Huawei. More on TikTok’s alleged security threats: https://youtu.be/LzeIOH2U8-8 Check out my latest video about the Huawei ban: https://youtu.be/bDXc7xeS5OE Sources-- https://www.nytimes.com/2020/08/24/technology/tiktok-sues-trump-administration.html https://newsroom.tiktok.com/en-us/tiktok-files-lawsuit Follow Juliet on Twitter: https://twitter.com/julietbeauchamp
Microsoft adds 6 months support to Windows 10 1803, again cites pandemic
Wed, 26 Aug 2020 14:10:00 -0700

Microsoft on Wednesday stretched support for a third version of Windows 10, again citing the coronavirus pandemic and its impact on business.

The Redmond, Wash. developer extended security support for Windows 10 Enterprise 1803 and Windows 10 Education 1803 by six months, to May 11, 2021. The original end-of-support date was to be Nov. 10.

"We have heard your feedback and understand your need to focus on business continuity in the midst of the global pandemic," Chris Morrissey, who leads the communications team for Windows' servicing group, wrote in a post to a company blog. "As a result, we have decided to delay the scheduled end-of-service date for the Enterprise, Education, and IoT Enterprise editions of Windows 10, version 1803."

To read this article in full, please click here

Did Microsoft just solve a big business iPad problem
Fri, 21 Aug 2020 03:00:00 -0700
One of the most disappointing things about iOS devices as business devices, and one of the things that keeps the iPad from being a true computing solution, is that there is no support for multiple-user accounts. An unlikely ally is determined to solve the problem for Apple. A future version of Microsoft Authenticator will allow for a multi-user iPad experience.
Google to trial drastically truncated URLs in Chrome in anti-phishing move
Thu, 20 Aug 2020 04:33:00 -0700

Google will run a trial with Chrome 86, the browser set to release in October, that will hide much of a site's URL as a way to foil phishing attacks.

"We're ... going to experiment with how URLs are shown in the address bar on desktop platforms," Emily Stark, Eric Mill and Shweta Panditrao, all members of Chrome's security team, wrote in an Aug. 12 post to a company blog. "Our goal is to understand -- through real-world usage -- whether showing URLs this way helps users realize they're visiting a malicious website, and protects them from phishing and social engineering attacks."

To read this article in full, please click here

Xcode becomes vector for new Mac malware attack
Mon, 17 Aug 2020 07:39:00 -0700

Trend Micro has identified an insidious new form of Mac malware that is propagated by injecting itself into Xcode projects before they are compiled as apps.

So good they tried it twice

We’ve seen a similar attack before. The so-called "XCode Ghost" was a malware-infested version of Apple’s developer environment that was distributed outside of Apple’s channels. Apps built using the software were preinstalled with malware.

To read this article in full, please click here

A zero-day and testing of key printing features will drive August Windows updates
Fri, 14 Aug 2020 10:49:00 -0700

Though a DNS spoofing vulnerability in Windows (CVE-2020-1464) has been rated as a zero-day due to reports of exploitation in the wild, the focus for this month’s updates should be on testing key Windows features prior to deployment. Primarily, printing and back-up scenarios will require your attention. You will also need to work with multiple and potentially overlapping updates to Window and the .NET development platform and, in some cases, Windows Store updates to your application portfolio.

Given the number and nature of changes we have seen in the update testing cycle during the past month, we advise a “Patch Now” approach to Windows 10, but with an extended test cycle on printing and more attention to the Windows 8.x platforms.

To read this article in full, please click here

Managing Windows 7 security risks
Thu, 13 Aug 2020 03:00:00 -0700
We’ve heard security experts warn that remote employees working on personal devices running old operating systems, like Windows 7, pose a huge security risk to enterprises. With some work from home regulations extending into 2021, IT teams will continue to manage employee devices and mitigate security risks remotely. Computerworld contributing editor and Windows expert Preston Gralla joins Juliet to discuss why Windows 7 is a security risk and what IT teams can do to manage that risk as employees continue to work off of unsecure personal and company devices.

rssfeedwidget.com