remote-support

Home

Digitalwelcomemat industry news, PC hints, IT tips and more

Microsoft won't release Windows 11 non-security updates...

4sysops is reporting that Microsoft won't release Windows 11 non-security updates until 2025

Microsoft has announced that there will be no non-security updates for Windows 11 in December due to the holiday season, focusing only on security fixes. Normal servicing, including both security and non-security updates, will resume in January 2025. This decision aligns with past practices where Microsoft reduces operations during the holidays. Additionally, a recent error message regarding "end of service" was identified as a bug linked to the KB5046633 security update, which Microsoft acknowledged. Improvements were made in the November update for Task Manager and connectivity issues in the 24H2 version, alongside support for Windows 11 23H2 until November 2025.

(Which means less to break in December, Rex)

  18 Hits
  0 Comments
18 Hits
0 Comments

'New version of Outlook', no thanks

If your using Microsoft Outlook, (i.e. the ~$250 value product that comes with Microsoft office) and you get an option to 'Try the new Outlook' I strongly suggest you don't do that, if you do you you will possibly lose a LOT of functionality and go from the business grade $250 value product to essentially the free web based version that everyone with a Hotmail or outlook.com email account gets for free. A lot of features will disappear including Outlook add-in utility's and any secondary emails you may have setup. 

You can see more detail here on this email from a Microsoft outlook add-in developer.

  2299 Hits
  0 Comments
2299 Hits
0 Comments

Phishing "review document" scam email

A number of people have reported receiving a "review document" email.

This email looks like a scam from my perspective and several organisations are reporting that this is the case. (Example https://us.norton.com/blog/online-scams/docusign-phishing-scams)

Don't click on the links in this email, just delete it

  2221 Hits
  0 Comments
2221 Hits
0 Comments

Office 2013 no longer 'supported' by Microsoft

Microsoft Office 2013 has moved out of being officially supported this month. That means no more security updates and eventually, Outlook will stop working with office 365 at some point (no indication of when that will be). 

If your still running Office 2013 (or older) you need to make a plan to move to a supported version for security sake at least.

Office 2016 is no longer supported after October 2025

  2439 Hits
  0 Comments
2439 Hits
0 Comments

 LastPass Data Breach

People who know about these things are getting a bit worried about the LastPass data breach. If you use LastPass you need to evaluate what action to take.

Late last year a hacker broke into LastPass and stole their entire data vault, that included all your logons and passwords if you use LastPass (or even have an old account that you don't use anymore).

LastPass say that they, and consequently the hackers, don't have access to your logon data because its encrypted and protected by the master password that only you know. They have advised that it would take 'millions of years' to crack open the vaults and get access to your data.

However, as time has gone on, we have been hearing that there are caveats to this and it depends on the length of the master password and some of the default settings that you had setup in LastPass, some of those settings have changed their defaults over time so If you have an older account, you may have less protection. The end result of that is that some online security sites are saying in reference to the 'millions of years' claim that in actuality "it may be a lot less than that!"

Advice is extremely varied about what to do, here are some examples:

  • LastPass are saying 'millions of years' to crack open, assuming you have a 12 digit complex password, your PBKDF2 iterations is set to 100,100 or more and [OBVIOUSLY] you never reuse your master password on other websites
  • Almost all are saying change the LastPass master vault password
  • Some are saying change all your passwords for any accounts that are stored in LastPass and change the LastPass master vault password
  • Some are saying dump LastPass altogether and move to another password manager, plus changing all your passwords as above


Whatever action you decide on, do it soon as the clock is ticking if the hackers are trying to brute force crack the data. Some sites are reporting that LastPass have been very coy about the details including when the data was even stolen and as such how long the hackers may have been working on the data, and some say that general communication about the whole event has been poor which brings about a loss of confidence in the service.

The LastPass notice:
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

Some other sites information:
https://www.wired.com/story/lastpass-breach-vaults-password-managers/

https://www.bostonglobe.com/2023/01/09/business/lastpass-security-breach-was-worse-than-youve-heard-heres-what-do/

https://blog.1password.com/not-in-a-million-years/

Finally, almost all security experts still recommend a password manager for managing your passwords. The general consensus is that having strong complex passwords for all your sites and services that you don't have to remember, all stored within a very secure service, protected by a single unique, strong password still provides the best protection compared to the alternatives.

This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  2620 Hits
  0 Comments
2620 Hits
0 Comments

New .au domain names and advice from ACSC

ACSC (Australian [Government] cyber security centre) are recommending that all business purchase their equivalent domain name to prevent "...to help protect your business from opportunistic cybercriminals" before 20 September 2022.

To help protect your business from opportunistic cybercriminals, the Australian Cyber Security Centre (ACSC) recommends that all Australian businesses with existing domain names register their .au equivalents before 20 September 2022. If a business does not reserve their .au equivalent direct domain name during this six-month period, that name will become available to the public on a first come, first served basis. 

https://www.cyber.gov.au/acsc/view-all-content/alerts/new-domain-name-changes-could-leave-your-business-or-organisation-risk

  3249 Hits
  0 Comments
3249 Hits
0 Comments

Pre-order for new .au domains now open

Digital pacific is reporting that the pre-order process for new .au domains now open now go here: https://digitalpacificdomains.com.au for details.

If you have reallylongdomainname.com.au this may be your opportunity to purchase imshort.au instead or to secure your business identity and reputation by purchasing mydomainname.au as well as your existing mydomainname.com.au (before your competitors do) I don't know what the allocation process is but I strongly suggest you act quickly if your interested.

  3088 Hits
  0 Comments
3088 Hits
0 Comments

Older Office apps accessing 365 services

In the continuing saga of older "perpetual license" MS office apps accessing Microsoft 365 services here is a good article:

https://www.computerworld.com/article/3569435/microsoft-points-to-october-end-of-support-for-older-office-apps-accessing-365-services.html

Some points from the article:

"Microsoft has long played with the support of Office applications connecting to Office 365 services. Three years ago, the company said that perpetual-license versions of Office would be able to connect to Microsoft's cloud-based services only during the first half of their 10-year support lifecycle. It set Oct. 13, 2020 as the date when the new policy would take effect."....

......Mcrosoft softened the blow considerably. "We won't take any active measures to block other versions of the Office client, such as Office 2013, from connecting to Office 365 services, but these older clients may encounter performance or reliability issues over time," the Redmond, Wash. developer stated in the support document."

  3263 Hits
  0 Comments
3263 Hits
0 Comments

Office 64 bit version

MS is pushing Office *64 bit* version as the default install now for office 365 installs and its creating havoc with many customers. A major software update is meant to be carefully planned and not just forced on us by Microsoft.. 

If you are looking for maximum compatibility install the 32 bit version of Office (regardless of your Windows version) details here https://digitalwelcomemat.com/index.php/how-to-guides/51-how-to-install-microsoft-office-from-the-web-office-365-version


  4842 Hits
  0 Comments
4842 Hits
0 Comments

"Microsoft is readying multi-session support for Windows 10"

 Tech journalists have been reporting in the last few days that:

"Microsoft is readying multi-session support for Windows 10 [for remote desktop/remote access]
Microsoft looks poised to add a new Multi Session option to Windows 10, likely this fall, which will allow IT to provide multiple users with remote access to desktops/apps without relying on Windows Server [for that role]…"

http://www.zdnet.com/article/microsoft-is-readying-multi-session-support-for-windows-10/

More information as it comes to hand later in the year, at the end of the day its really all about the total licensing cost so we will have to see if there is any real change for business.

  5566 Hits
  0 Comments
5566 Hits
0 Comments

Migrate to the NBN then... snip

Take away message: Find out when your traditional phone services are being cut off due to the NBN and take some action well before then.

NBN Co which is (from my understanding) the new owner of the Australian cabling network that once was owned by Telstra have been saying as follows since the rollout of NBN has begun:

"Homes and business have 18 months to migrate to the NBN once it is available to them, after which traditional copper and cable services in the area are severed — cutting off fixed-line phone and internet access."
https://www.nbnco.com.au/learn-about-the-nbn/device-compatibility/services-that-will-be-switched-off.html

You can check your address here (https://www.nbnco.com.au/connect-home.html) and you may see advice similar to as follows:
"The disconnection process for the old phone and internet network in this area is scheduled to begin on July 2018"

You can also find additional information about timing via the Telstra wholesale website which has some downloadable spreadsheets searchable by suburb.
https://www.telstrawholesale.com.au/nbn/nbn-rollout-schedule.html

For some information on what will be turned off the following web sites list services that will be cut of or need to be considered:
https://www.acma.gov.au/Citizen/Phones/Landlines/The-NBN-and-you/phone-and-internet-disconnection-schedule
https://www.finder.com.au/nbn-copper-cut-off

What will be turned off?

  • Home/business PSTN landline phone services
  • All ADSL, ADSL2 and ADSL2+ Internet services from all providers
  • Telstra BigPond cable Internet services
  • Optus cable Internet and cable phone services


"As well as phone and Internet, it's important to consider other services running off the old copper-based network that will be affected after the switch-off date. These include:"

  • Medical alarms, auto diallers or emergency call buttons
  • Security alarms
  • EFTPOS or health-claim terminals
  • Monitored fire alarms
  • Lift emergency phones
  • Fax and teletypewriter devices


Of most concern for most businesses is the phone lines and existing phone system. Note that you almost universally do NOT need to purchase a new phone system or sign a new contract with Telstra to maintain your lines regardless of what Telstra the sales people may tell you. In fact with the Telstra demotion from network owner and maintainer to "Just another player in the marketplace" I would suggest that Telstra may not be the best provider for phone line services going forward (mobile services excluded from that statement).

Once the NBN has rolled out and your phone lines have been converted, phone calls will be made over the internet. In reality you should not notice any difference you can typically use the same phones or phone system that you have now.

For your existing phone system (PABX) you will need to look at getting a SIP gateway device, which is similar to a set-top box when we moved from analogue to digital TV. Once you have this in place, the new phone lines connected, and the number(s) transferred over. Your old phone system should be able to make and receive calls just as you always have but using SIP or Voice Over IP (VoIP) as the underlying technology.

If you do need or want a new phone system for whatever reason a more sensible approach to replacing a system where the concept hasn't really changed much since the 1970's, is a virtual PABX. There are a number of significant benefits to this and it will probably work out a *lot* less expensive upfront and ongoing.

I will be contacting all of my customers individually to discuss this further.



This blog post has been provided for the benefit of digitalwelcomemat IT customers.
Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  6287 Hits
  0 Comments
6287 Hits
0 Comments

Windows 10 Fall creators update available now

The Windows 10 Fall creators update is available now if you don't want to wait for the staged automated install .

For a single PC just go to the following web site and click "update now". If you have multiple PCs you can also create an install disk either on USB or ready to burn to DVD.

https://www.microsoft.com/en-us/software-download/windows10

This will need to be done from an administrative account and I suggest you plan to let it run overnight. As always make sure you have good backups if you store data on the PC that's getting updated.

  5647 Hits
  0 Comments
Tags:
5647 Hits
0 Comments

NBN 100/40

 When you log on to work remotely and your connection speed is 34 times faster than it was yesterday you know its going to be  a good day...

Good quality 100/40 speed FTTN NBN is a wonderful thing even if you are a long way out of a metro area. (Exetel in this case)

  5436 Hits
  0 Comments
5436 Hits
0 Comments

WannaCryptor Ransomware

Over the weekend, news broke of a new ransomware threat called WannaCryptor. 

WannaCryptor is a worm that was developed thanks to the release of a hacking tool developed by the US NSA in the called EternalBlue. 

If you PC becomes infected, normally by one of the common methods, opening an infected email, an infected USB disk, or an infected website the worm will infect any PC on the network that does not have the appropriate security patch installed. The end result is that all your files will be encrypted and you will have to undertake a massive clean-up and restore from backup or consider dealing with the ransomware creator (with no guarantee of getting your files back). 

Microsoft patched that vulnerability in March this year in supported systems. But PC's and servers that are not patched either automatically or manually will be vulnerable including (and of particular concern) is always those operating systems that are no longer supported. Microsoft has released a one-time update for Windows XP, Server 2003, and Windows 8 even though these operating systems are no longer supported and are in most cases well over 10 years old: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ 

Nod32/Eset antivirus provider have provided this brief statement: "ESET products can detect and block this malware" (http://support.eset.com/alert6442/) However, there will be new variants released over the coming weeks so you should have multiple layers of protection. 

The usual security precautions apply to try to prevent getting this (or any other) virus or malware: 

  • Don't open attachments from email where you don't know and trust the sender and be careful what links you click on 
  • Have a good antivirus product and make sure its up to date
  • Be carefully when browsing the web and don't browse to unscrupulous websites 
  • Ensure that your PC's and servers are patched/updated (normally PC updates should be automated and servers are manually updated on a schedule) 
  • Don't be an administrator on your own PC for everyday use
  • Have a good backup that is rotated off the PC or server so that there is always a backup not connected to your server or PC 
  • Don't use outdated and unsupported versions of Windows 
  • Have a disaster recovery strategy
  6514 Hits
  0 Comments
6514 Hits
0 Comments

Microsoft product launch

Microsoft had a big product launch in the US overnight I haven't had time to fully digest it yet but here are some of the highlights: 

  • MS is doing a big push on the education market 
  • A new [additional] version of Windows 10 will be available, Windows 10 "S", its normal windows that is locked to only Windows store apps only, (I'll be checking the fine print!). However, this can be upgraded to Windows Pro which will run all apps. https://tinyurl.com/kos5hmb 
  • MS Office will soon be available as a Windows store app (as well as current options) to suit the scenario above. 
  • MS has released a Surface laptop in a traditional "clamshell" design, 13.5" screen, very slim and excellent battery life (Up to 14.5 hours of video playback!). https://tinyurl.com/ldkbgnn. This fits in alongside the surface tablet (with magnetic clip-on keyboard and kickstand) and the surface book (similar thing but with a "hard" connection between the 2 removable parts) and the surface studio an all in one desktop PC. Note that all of these products are *premium* products incredibly sleek sexy and expensive.
  • No new Windows phone release this time, this is expected next year. Rumour has it that this will be very close to a full PC in your pocket that acts like a phone when it's handheld but acts like a full PC running all PC apps when docked with your keyboard mouse and big monitor.
  5718 Hits
  0 Comments
5718 Hits
0 Comments

Win7 - Win10 free upgrade... still (?)

[Updated 26/05/17 this still works]

Reportedly you can still get a Windows 7 (or 8) - Windows 10 free upgrade the following way: 

(Requires **erasing your PC** and some advanced knowledge of boot selection and install procedures, only for power users and make your own investigations before attempting this) 

  • Ensure that you have your Windows 7 install product key, normally on a sticker on your PC or laptop case 
  • Download the Windows 10 Creators edition install disk image here: https://www.microsoft.com/en-au/software-download/windows10 (make sure you get the correct version based on the version that you are upgrading from Pro or Home for example) 
  • Make the DVD or USB boot device using the tool that you downloaded above 
  • Boot from the DVD or USB Erase the drive and Install Windows entering your Windows 7 product key when prompted 
  • When windows finishes installing Windows 10 should activate with the windows 7 key 

I expect this opportunity will only be for a limited time MAKE YOUR OWN INVESTIGATIONS BEFORE ATTEMPTING THIS. 

THIS INFORMATION PROVIDED WITHOUT WARRANTY OR OFFER OF FREE SUPPORT.

  5196 Hits
  0 Comments
5196 Hits
0 Comments

LastPass now free on mobile

From LastPass...

Get LastPass everywhere, for free!

We know you're a person on the go. That's why, starting today, you can use LastPass on any device, from anywhere, for free.

For convenient access to your passwords on all your devices, download LastPass to any computer and get our app for your phones and tablets:

  5335 Hits
  0 Comments
5335 Hits
0 Comments

“AGL Energy” malware

A number of sources in the media are reporting a bogus email purporting to come from AGL Energy that contains malware. This malware typically installs some type of ransomware on your computer that will encrypt all the data files that it has access to (including network shares) and demand a ransom before they [promise to] unlock them.

It's been reported that this has affected over 10,000 Australians in a week. Here are some links for more information:

smh.com.au

heraldsun.com.au

www.yourlifechoices.com.au


So "I guess", be on the lookout for this one however that's in some ways a bad approach. Being on the lookout for an AGL email when the same thing has been coming from emails purporting to be from Australia post, DHL, Telstra and others for some time now isn't very effective. A better approach is to be careful with ALL emails and have the proper prevention and mitigation strategies in place. 

Here are three things you can do as a starting point: 

  • DON'T BE AN ADMINISTRATOR ON YOUR OWN COMPUTER (I may have mentioned that before)
  • Have good backups in pace that are isolated from the system (a single USB drive plugged in to the system isn't adequate)
  • Be thoughtful and careful with what you open or what links you follow, if it doubt don't open it 

Bonus point: 

  • Have a really good quality antispam service that will; 
  1. Identify most bogus messages as being not legitimately from the company in question 
  2. Prevent casual access to suspect emails, suspect emails should be quarantined by default 

(for your information I can recommend that dedicated antispam product for about $3.50 per user per month)


This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  5977 Hits
  0 Comments
5977 Hits
0 Comments

Windows 10 updates

Q: Now that I have Windows 10 can I stop it from updating at the most inopportune times? 

A: Yes and no, go to start -> settings -> "update & security" -> "Windows update" -> advanced options -> defer updates

This will defer them for a while but does not affect security updates:

"Defer upgrades in Windows 10 - Some Windows 10 editions let you defer upgrades to your PC. When you defer upgrades, new Windows features won't be downloaded or installed for several months. Deferring upgrades doesn't affect security updates. Note that deferring upgrades will prevent you from getting the latest Windows features as soon as they're available.

http://windows.microsoft.com/en-au/windows-10/defer-upgrades-in-windows-10

However that's probably not want you are after. The intended approach is to leave the PC *on* overnight but *not* logged in same way Windows has handled updates for years. That way it will handle all that stuff overnight when you are not using it and restart around 3am - 4am if needed. This would require sleep setting to be set appropriately (I always recommend that sleep is turned off on PC's and laptops anyway), bear in mind that with a Windows tablet that's probably not feasible. 

One of the big changes that Microsoft made in windows 10 is that it WILL do its updates eventually regardless, its created a bit of angst within the industry but the problem they were facing is that people never allowed Windows to update (mostly by turning the PC off overnight every night) and as such Windows didn't get the security fixes and PC's were often vulnerable to the bad guys long after Microsoft had released the patch. 

There are a couple of ways of "hacking" this so that it won't do updates unless you manually force it, but for the reasons above it's not recommend because you really want to get the security fixes without manual intervention. 

Consider leaving your laptops and desktop PC's on overnight (and logged out) or at least over "a" night during the week.

  5211 Hits
  0 Comments
5211 Hits
0 Comments

Passwords...

Interesting article from ZDNet. This is why I prefer a company specified and IT retained password for small organizations. It also means that IT support work can be done outside business hours so as not to impact on staff productivity:

Forcing users to change their passwords may do more harm than good: (ZDNet) http://www.zdnet.com/article/forcing-users-to-change-their-passwords-may-do-more-harm-than-good/

Further, Cranor notes that "There is also evidence from interview and survey studies to suggest that users who know they will have to change their password do not choose strong passwords to begin with and are more likely to write their passwords down."

  5924 Hits
  0 Comments
5924 Hits
0 Comments

Welcome:

digitalwelcomemat now has a blog!

Subscribe for the news as it happens, call me for support on 0404 493 770 or access my remote support solution here: http://help.digitalwelcomemat.com/

Digitalwelcomemat provides IT consultancy and services for business customers on the NSW Central Coast in Australia.

Search

Articles

Contact:

Give me a call: 0404 493770

Go to top