Posts under tag: Windows
Please update Windows computers by 5:00pm today (Tuesday, May 16). Restart your machine to have updates take effect.
Windows computers that are not up to date on Microsoft security update MS17-010 at that time will be temporarily disconnected from the UO network by the UO Information Security Office.
Windows has a vulnerability
For specific information as to the worldwide impact of this vulnerability, check out The New York Times article on the WannaCry ransomware exploit.
The Microsoft Security blog has more information for Windows consumers here as well.
Action items for you
- Deploy Microsoft Windows Updates immediately, and no later than 5:00pm today (Tuesday, May 16).
- Restart your machine following the update process.
What we are doing
CASIT is working on a small list of specific, known, vulnerable hosts and contacting those customers where possible and having them update their machines. If we don’t contact you, run updates and restart your machine as this is the best way to ensure your machine/device is not vulnerable.
The Information Security Office continues notifying departmental IT staff of machines in their departments that are vulnerable to network propagation of this threat, and will notify them again today before 5:00pm.
If you have any questions, please contact us by email: firstname.lastname@example.org or by phone at x6-2388.
TechCrunch reporting from the Microsoft Build conference this week has reported that the Bash shell–commonly found in Mac OS X and Linux operating systems–is going to be on Windows 10. Bash runs natively within Ubuntu on Windows and it will be included as part of the Windows 10 Anniversary Update this summer but it will be available to Windows Insiders before that and on the Windows Store soon. Bash also could be the beginning of more shells coming according to Microsoft VP Terry Myerson.
Under its new CEO Satya Nadella, the company has embraced the idea that it wants to target all developers and platforms and not just its own. Recently, Linux was embraced to run on their cloud service, Azure and they are also looking to make SQL Server available for Linux in return.
For more on this announcement, check out the article from TechCrunch.
Scott Hanselman’s blog delves deeper into how Bash will interact with Windows. Click here for more.
In 2014, prior to the advent of Windows 10, Microsoft announced that Internet Explorer will only be supported on each supported version of Windows. It was announced this week that Windows 8 will no longer be supported. This means Internet Explorer versions 7, 8, 9, and 10 will be severed from future updates. Users who would like to continue receiving software security updates will have to upgrade to at least Windows 8.1 (or the free Windows 10 upgrade thereafter; Windows 7 is still receiving technical support as well).
This change in support is not unilateral. Windows Server 2012 and Server 2012 R2–the server equivalents–will continue to have support for Internet Explorer 10 since version 11 was never made available to them. Microsoft states that these operating system will still receive support through their full 10 year life cycle.
Peter Bright from ArsTechnica explains further:
In other words, all the same patching and updating that Windows 8 and Internet Explorer 10 need will continue to be performed. Across the full range of supported platforms—including the Windows XP with Internet Explorer 7-based Windows Embedded for Point of Service—Microsoft is stuck continuing to produce patches for Internet Explorer 7, 8, 9, and 10, along with Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 8.1. The patches just won’t be readily available, so upgrading will be strongly recommended.
Microsoft did issue a notice for this change allowing for upgrade times but it is inevitable that some organizations waited to update things due to compatibility reasons. Internet Explorer 11 does support some legacy features like ActiveX controls if you still want.
For the breakdown from ArsTechnica, check out this article.
CASIT Desktop services inventories a lot of computers and to help I had written a Java app that pulls a computer’s information and sends the data to the CASIT inventory site. With Java suffering from major exploits, I decided to convert the app from Java to AppleScript for Macs and PowerShell for Windows. The coding for the scripts was pretty easy to write after I figured out the syntax, and I also found some helper functions from online sources that helped quite a bit. The scripts run really fast and are also easy to edit by just opening them in AppleScript Editor or Windows PowerShell ISE on any computer.
Here is the code. To execute it, just open it in AppleScript Editor and hit ‘Run’.
Here is the code. To execute the script either right+click and select ‘Run with PowerShell’. To execute the script you might need to set PowerShell execution to unrestricted with this command:
Set-ExecutionPolicy -ExecutionPolicy Unrestricted
Review of Windows 8 is here.
CASIT recommends that you wait a while before upgrading your computer so serious bugs with Windows 8 and other software can be ironed out. CASIT is currently working on testing Windows 8 as well as other software that is used at the University.
McAfee VirusScan Enterprise is the university’s antivirus software of choice.
If you installed McAfee VirusScan prior to July, 2012, your computer may not be properly protected if you chose to install the software in unmanaged mode.
Learn if this issue affects you and how to fix it at Installing McAfee Management Agent.
For help, please contact the Information Services Help Desk.
Hundreds of applications you use may need fixing because of a quirk in the way Windows looks for missing programs
Microsoft just released Security Advisory 2269637 , warning of an entire class of new zero-day attacks that take advantage of the way many popular Windows programs are written. Perpetrators — likely to appear in the next few days — won’t take on Windows directly. Rather, they’ll rely on how Windows finds and assembles pieces of programs to get their nefarious code to run. (more…)
‘Most every Windows application’ at risk, says Slovenian security firm that’s working with Microsoft on fix
An unpatched problem with Windows applications is much worse than first thought, with hundreds of programs, not just 40, vulnerable to attack, a Slovenian security company said today. (more…)