Computer News & Safety – Harry Waldron Rotating Header Image

January 23rd, 2017:

Microsoft Security – Revamped Security Updates portal coming in FEB 2017

Microsoft will be revising their Security Bulletins Portal in February to use CVEs and other changes as described below: 

https://mcpmag.com/articles/2017/01/17/replacing-security-bulletin-portal-in-february.aspx

https://technet.microsoft.com/en-us/mt791750.aspx

Microsoft will be going live with its new “Security Updates Guide” portal — which will replace the older “Security Bulletins” portal — next month.  The Security Updates Guide is currently accessible as a preview. However, on Jan. 10, 2017, Microsoft will stop publishing the Security Bulletins portal. The Security Bulletin numbering system, using formats like “MS17-00x” to label security bulletin groups, also will be going away next month. Instead of using those bulletin numbers, Microsoft plans to identify its patches using “vulnerability ID numbers and KB [Knowledge Base] Article ID numbers,” the company explained, in a Security Updates Guide FAQ.

Microsoft Security Updates – JANUARY 2017

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release:

https://technet.microsoft.com/en-us/library/security/ms17-jan.aspx

https://isc.sans.edu/mspatchdays.html

http://blog.talosintel.com/2017/01/mstues.html

Happy New Year to our readers! Today marks the first Patch Tuesday of 2017 with Microsoft releasing their monthly set of bulletins designed to address security vulnerabilities. This month’s release is relatively light with 4 bulletins addressing 3 vulnerabilities. Two bulletins are rated critical and address vulnerabilities in Office and Adobe Flash Player while the other two are rated important and address vulnerabilities Edge and the Local Security Authority Subsystem Service.

Windows 10 – Security updates for original version 1507 end on MARCH 26th

The Windows 10 versioning uses a YYMM format and version 1507 reflects the original JULY 2015 release.  After March 26, 2017, the original release will no longer be updated, as reflected below.  This issue will primarily impact corporate WIN10 versions — as this is the only eligible version, where users can easily turn off updates

http://www.zdnet.com/article/reminder-microsoft-to-no-longer-update-original-windows-10-release-after-march-26/

IT pros running Windows 10: Update your engines.  As Microsoft noted last year, the company plans to update only two Current Branch for Business versions of Windows 10 at any given time.  Now that Microsoft has released the media for its Windows 10 Anniversary Update — the Windows 10 bits that it released in August 2016, plus a Cumulative Update to it from late last year — the time is winding down for the original version of Windows 10 released in July 2015.

The first release of Windows 10, known as 1507, is the version that Microsoft will no longer update after March 26, 2017. The other two versions of the product in market — the November update (1511) from November 2015 and the Anniversary Update (1607) — will continue to get regular security and feature fixes and updates.

Windows 10 – Overall usage reaches 25 percent

WIN10 usage continues to grow, especially as it comes preloaded on new computers.  However corporate enterprise users are more locked into legacy devices, applications, and desktop management software continue to use WIN7 more extensively. 

http://www.zdnet.com/article/the-biggest-barrier-to-windows-10-success-is-still-windows-7/

Windows 10 has made some decent inroads thus far: it now accounts for somewhere around a quarter of PCs accessing the internet as measured by NetMarketShare. All data like this needs to be looked at in terms of trends rather than details, of course, but in December 2016 – the most current data available, Windows 7 stood at 48 percent, Windows 10 had 24 percent, Windows 8.1 held seven percent, Windows XP nine percent, and Windows 8 had just two percent.

In Windows 7, Microsoft built a good product that companies like. It’s now tried and tested, works with their existing infrastructure and their users are confident using it. And they worry about how big a leap it is to Windows 10, though more will no doubt consider the upgrade as Windows 7 heads towards the end of its lifecycle (Microsoft’s extended support, which included security updates, ends in January 2020).

Mobile Phones – Bad Batteries root cause for Galaxy Note 7 issues

Some of manufacturing techniques created a short in both the original and replacement batteries leading to a loss of over $5 billion as the entire product line had to shutdown and recalled.  A new 8 point safety program was instituted to prevent future issues.  

http://www.pcmag.com/news/351205/samsung-blames-bad-batteries-for-galaxy-note-7-disaster

The Galaxy Note 7 counts as the worst smartphone launch on record. The handsets were all faulty, even the models Samsung claimed were fixed after an initial recall. In the end, not only were all Note 7 recalled, Samsung took action to disable any remaining handsets so as to avoid having any still in use exploding and causing more harm.

When metal is machined it can be left with sharp protrusions known as burrs. Battery B suffered from “high welding burrs” which penetrated the insulation tape and separator inside the battery and caused a “direct contact between the positive tab with the negative electrode.” Additionally, some of these B batteries did not include the required insulation tape. The end result was the same: a catastrophic failure of the battery.

So ultimately, Samsung shipped a bad battery, quickly replaced it, but did so with another bad battery.  Unsurprisingly, Samsung is introducing a new 8-point battery safety check going forward. It will ensure all batteries undergo a durability test, visual inspection, X-Ray, charge and discharge test, Total Volatile Organic Compound (TVOC) test, disassembling test, accelerated usage test, and Delta Open Circuit Voltage test.