Computer News & Safety tips – Harry Waldron MVP

Windows 10 – Advanced Desktop Customization techniques

This Guiding Tech guide offers advanced desktop customization techniques for Windows 10.

http://www.guidingtech.com/61212/windows-10-desktop-cool-look/

Windows 10 undeniably looks very cool. The minimalistic approach for the design has contributed to its success. The recent anniversary update has brought in some good customizations. But, you still don’t get enough options to customize it at the desktop level. Yes, you can get those fancy Windows 7 gadgets and cool themes to revamp its look. But, they don’t fit well with Windows 10’s minimal design. So, here I’m going to show you how I customized my Windows 10 desktop that not only looks cool but also complements the minimal design of Windows 10.

What is Rainmeter?  — Rainmeter is a desktop customization tool through which you can create and apply various customizable skins to your desktop. Skins for hardware monitors, clock, weather forecast, RSS Feeds and more. If you don’t like picking specific skins and customizing them for your desktop or you don’t have enough time, go for the Rainmeter suites.  The Rainmeter suites are fully packed and customized skins based on a specific theme. This Star Wars-themed suite will give you a good overview.

How I Customized My Desktop — So, I wanted it to look minimal but informative at the same time. Hardware monitors, a date/time widget, to-do list and few customized desktop icons were all I wanted. I thought of an RSS feed reader but then it would take up more space, depleting the beauty of the background wallpaper. So decided to not have that.  Circle Launcher is what I used for Program Launchers. You can use the Polygon shaped buttons called Honeycomb if you want. Well, just installing them won’t make them work. You’ll have to set the target location of the program manually by editing the skin.

Background Wallpaper — The background wallpaper automatically changes based on the submissions on the Spaceporn subreddit. Space wallpapers mostly have darker backgrounds and they look cool at the same time. I achieved this by using a simple tool called Reddit Wallpaper Changer specifically developed for this task.

Windows 10 – New Defender Security Center will centralize controls

The forthcoming “Windows 10 Creators Update” will centralize security controls within the new Defender Security Center.  This will provide easier capabilities for users to tune privacy and security settings on their computers and devices.

https://blogs.windows.com/windowsexperience/2017/01/23/introducing-windows-defender-security-center/

http://www.forbes.com/sites/leemathews/2017/01/24/windows-10-is-getting-smarter-easier-security-controls/

The Windows Defender Security Center includes five pillars that give you control and visibility of your device security, health and online safety experiences.

1. Virus & threat protection — provides a new view of your antivirus protection whether it’s Windows Defender Antivirus that comes free with Windows 10 or AV software from one of our ecosystem partners. If you’ve chosen Windows Defender Antivirus, your scan results and threat history will be displayed here, or you will be able to launch your 3rd party AV protection app directly from this screen.

2. Device performance & health — provides a single view of your latest Windows updates, drivers, battery life and storage capacity. Additionally, you have the option to start fresh with a clean install of Windows using the Refresh Windows feature. This option will keep your personal files and some Windows settings, and remove most of your apps for a fresh start that can help with performance improvements should your device need them.

3. Firewall & network protection — provides information on the network connections and active Windows Firewall settings, as well as links to network troubleshooting information.

4. App & browser control — allows you to adjust settings for SmartScreen for apps and browsers helping you be more informed and stay safer online by warning you of potential malicious sites, downloads and unrecognized apps and files from the Internet.

5. Family options — gives you an easy way to connect to the family options available online. This page can link you to information about parental controls, options for setting up good screen time habits, setting up activity reports of your kids’ online activity and managing controls for purchasing apps and games. You can also view the health and safety of your family’s devices from this centralized location.

Oracle – Huge January 2017 quarterly security update

In the latest quarterly security updates, Oracle has patched 270 vulnerabilities within its product base.

http://www.eweek.com/security/oracle-patches-270-vulnerabilities-in-january-update.html

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html

Oracle is out with its first Critical Patch Update (CPU) for 2017 and it’s a big one. In total, Oracle is patching a staggering 270 different vulnerabilities across its software portfolio, with 121 patches in Oracle’s E-Business Suite alone. In its security advisory for the January 2017 CPU, Oracle strongly recommends that organizations patch quickly.

The largest set of patches in the new CPU are for Oracle’s E-Business suite, which accounted for 42 percent of the entire CPU. Of the 121 security issues in the E-Business suite, 118 are remotely exploitable without the need for a user to enter credentials.  Oracle’s open-source MySQL database is being patched for 27 different security issues, though only 5 of them are remotely exploitable without authentication. The Fusion Middleware suite is being updated for 18 different vulnerabilities, with 16 of the issues being remotely exploitable without user authentication.    Java, which in the past has typically been among the Oracle software components with the most vulnerabilities, is being patched for 17 issues in the January CPU.

Ransomware – New Sage 2.0 variant circulating in-the-wild

The Internet Storm Center documents a new ransomware variant circulating in-the-wild.

https://isc.sans.edu/forums/diary/Sage+20+Ransomware/21959/

https://www.pcrisk.com/removal-guides/10732-sage-ransomware

On Friday 2017-01-20, I checked a malicious spam (malspam) campaign that normally distributes Cerber ransomware.  That Friday it delivered ransomware I’d never seen before called “Sage.”  More specifically, it was “Sage 2.0.”  Sage is yet another family of ransomware in an already crowded field.  It was noted on BleepingComputer forums back in December 2016, and Sage is a variant of CryLocker. 

Emails from this particular campaign generally have no subject lines, and they always have no message text.  The only content is a zip attachment containing a Word document with a malicious macro that downloads and installs ransomware.  Sometimes, I’ll see a .js file instead of a Word document, but it does the same thing. The Word document macros or .js files are designed to download and install ransomware.

The infected Windows host has an image of the decryption instructions as the desktop background.  There’s also an HTML file with the same instructions dropped to the desktop.  The same HTML file is also dropped to any directory with encrypted files.  “.sage” is the suffix for all encrypted files.

Ransomware – Petya variant targets Human Resources users via Job applications

Ransomware dangers continue to circulate in-the-wild.  SHRM is a major Human Resources professional networking site.  It shares the risks associated with a new Petya variant that is targeting companies via infected job applications.

https://www.shrm.org/resourcesandtools/hr-topics/employee-relations/pages/hackers-infect-job-applications-with-ransomware.aspx

HR departments are being targeted by a new ransomware attack that comes disguised as a job application.  The cybercriminals behind the attacks demand about $1,000 in digital currency called bitcoin to restore data on infected computers, according to a recent blog post by Check Point Software.   One bitcoin is worth roughly $894, according to Coindesk, a site that tracks news and information about digital currencies.

Once an applicant applies for a job by filling out the online application, they may be asked to e-mail additional files. The malware arrives in an e-mail with two attachments—a benign PDF that appears to be an applicant’s cover letter and an Excel file containing infected macros—reported Check Point, a San Carlos, Calif.-based malware-protection firm. This ransomware is a variant of one called Petya, which was developed by a cybercriminal who goes by the name Janus, according to Check Point.

Victims receive a ransom message on their screen telling them that their hard disk has been “infected with a military grade encryption algorithm. There is no way to restore your data without a special key” that only the cybercriminals can provide.

Petya and other malware are sold as ransomware-as-a-service products, so it’s “very likely” that more than one cybercriminal is using this type of malware, Check Point said.  To avoid a malware infection, ZDNet advises, don’t enable macros on Microsoft Office documents and watch for unanticipated or notably generic e-mails.  “The most effective solution revolves around security awareness training, specifically utilizing phishing simulation training”

Microsoft Security – Revamped Security Updates portal coming in FEB 2017

Microsoft will be revising their Security Bulletins Portal in February to use CVEs and other changes as described below: 

https://mcpmag.com/articles/2017/01/17/replacing-security-bulletin-portal-in-february.aspx

https://technet.microsoft.com/en-us/mt791750.aspx

Microsoft will be going live with its new “Security Updates Guide” portal — which will replace the older “Security Bulletins” portal — next month.  The Security Updates Guide is currently accessible as a preview. However, on Jan. 10, 2017, Microsoft will stop publishing the Security Bulletins portal. The Security Bulletin numbering system, using formats like “MS17-00x” to label security bulletin groups, also will be going away next month. Instead of using those bulletin numbers, Microsoft plans to identify its patches using “vulnerability ID numbers and KB [Knowledge Base] Article ID numbers,” the company explained, in a Security Updates Guide FAQ.

Microsoft Security Updates – JANUARY 2017

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release:

https://technet.microsoft.com/en-us/library/security/ms17-jan.aspx

https://isc.sans.edu/mspatchdays.html

http://blog.talosintel.com/2017/01/mstues.html

Happy New Year to our readers! Today marks the first Patch Tuesday of 2017 with Microsoft releasing their monthly set of bulletins designed to address security vulnerabilities. This month’s release is relatively light with 4 bulletins addressing 3 vulnerabilities. Two bulletins are rated critical and address vulnerabilities in Office and Adobe Flash Player while the other two are rated important and address vulnerabilities in Edge and the Local Security Authority Subsystem Service.

Windows 10 – Security updates for original version 1507 end on MARCH 26th

The Windows 10 versioning uses a YYMM format and version 1507 reflects the original JULY 2015 release.  After March 26, 2017, the original release will no longer be updated, as reflected below.  This issue will primarily impact corporate WIN10 versions, as this is the only eligible version where users can easily turn off updates.

http://www.zdnet.com/article/reminder-microsoft-to-no-longer-update-original-windows-10-release-after-march-26/

IT pros running Windows 10: Update your engines.  As Microsoft noted last year, the company plans to update only two Current Branch for Business versions of Windows 10 at any given time.  Now that Microsoft has released the media for its Windows 10 Anniversary Update — the Windows 10 bits that it released in August 2016, plus a Cumulative Update to it from late last year — the time is winding down for the original version of Windows 10 released in July 2015.

The first release of Windows 10, known as 1507, is the version that Microsoft will no longer update after March 26, 2017. The other two versions of the product in market — the November update (1511) from November 2015 and the Anniversary Update (1607) — will continue to get regular security and feature fixes and updates.

Windows 10 – Overall usage reaches 25 percent

WIN10 usage continues to grow, especially as it comes preloaded on new computers.  However, corporate enterprise users, who are more locked into legacy devices, applications, and desktop management software, continue to use WIN7 more extensively.

http://www.zdnet.com/article/the-biggest-barrier-to-windows-10-success-is-still-windows-7/

Windows 10 has made some decent inroads thus far: it now accounts for somewhere around a quarter of PCs accessing the internet as measured by NetMarketShare. All data like this needs to be looked at in terms of trends rather than details, of course, but in December 2016 – the most current data available, Windows 7 stood at 48 percent, Windows 10 had 24 percent, Windows 8.1 held seven percent, Windows XP nine percent, and Windows 8 had just two percent.

In Windows 7, Microsoft built a good product that companies like. It’s now tried and tested, works with their existing infrastructure and their users are confident using it. And they worry about how big a leap it is to Windows 10, though more will no doubt consider the upgrade as Windows 7 heads towards the end of its lifecycle (Microsoft’s extended support, which included security updates, ends in January 2020).

Mobile Phones – Bad Batteries root cause for Galaxy Note 7 issues

Some of the manufacturing techniques created a short in both the original and replacement batteries, leading to a loss of over $5 billion as the entire product line had to be shut down and recalled.  A new 8-point safety program was instituted to prevent future issues.

http://www.pcmag.com/news/351205/samsung-blames-bad-batteries-for-galaxy-note-7-disaster

The Galaxy Note 7 counts as the worst smartphone launch on record. The handsets were all faulty, even the models Samsung claimed were fixed after an initial recall. In the end, not only were all Note 7 recalled, Samsung took action to disable any remaining handsets so as to avoid having any still in use exploding and causing more harm.

When metal is machined it can be left with sharp protrusions known as burrs. Battery B suffered from “high welding burrs” which penetrated the insulation tape and separator inside the battery and caused a “direct contact between the positive tab with the negative electrode.” Additionally, some of these B batteries did not include the required insulation tape. The end result was the same: a catastrophic failure of the battery.

So ultimately, Samsung shipped a bad battery, quickly replaced it, but did so with another bad battery.  Unsurprisingly, Samsung is introducing a new 8-point battery safety check going forward. It will ensure all batteries undergo a durability test, visual inspection, X-Ray, charge and discharge test, Total Volatile Organic Compound (TVOC) test, disassembling test, accelerated usage test, and Delta Open Circuit Voltage test.