Password Policies Getting Update From Microsoft

Industry experts have been predicting the death of the humble password for decades.  To date, those predictions have amounted to nothing.

Passwords are still with us, and still serve as the cornerstone of security, even as other measures have arisen alongside them to help better secure your all-important data.

 

Even though passwords aren’t gone, the security landscape is changing. Recently, Microsoft has announced another step down that path of change.  They’re doing away with the notion of forced password changes.

The logic is hard to argue with.  The policy of forced password changes really doesn’t offer all that much in the way of protection. It often creates as many headaches and problems as it solves, because users tend to make small, virtually meaningless and easy to predict changes to their passwords. Or, they often forget their new ones anyway.

While Microsoft is no longer forcing password changes at periodic intervals, they are leaving the option available for Enterprise users to establish their own forced password change thresholds if they choose to do so.  In tandem with the coming change, they’re also recommending that security professionals perform a periodic review of passwords to ensure that the passwords in use aren’t on the UK National Cyber Security Centre’s list of the 100,000 worst passwords.
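One way to apply that kind of review when a user sets a new password is sketched below. This is an added example, not Microsoft's or the NCSC's code: the function names are hypothetical, and the five-entry blocklist is a constructed stand-in for the NCSC file, which would be loaded with load_blocklist(). It also flags the small, predictable edits described above by comparing the new password with the old one the user typed during the change.

```python
import re
import unicodedata

# Constructed stand-in for the NCSC list; in practice pass the opened file
# (one password per line) to load_blocklist().
SAMPLE_LINES = ["123456", "password", "qwerty", "liverpool", "letmein"]

def normalize(pw):
    """Unicode-normalize and case-fold so 'Password' matches 'password'."""
    return unicodedata.normalize("NFKC", pw).casefold()

def load_blocklist(lines):
    """Build a lookup set from an iterable of lines, skipping blanks."""
    return {normalize(line.strip()) for line in lines if line.strip()}

def core(pw):
    """Drop the trailing digits and symbols users tend to rotate ('2019!')."""
    return re.sub(r"[\d\W_]+$", "", normalize(pw))

def review_password(candidate, blocklist, previous=None):
    """Return the reasons to reject a candidate; an empty list means accept.

    'previous' is the old password as typed by the user in the same change
    request (assumption: it is never read back from storage).
    """
    reasons = []
    stem = core(candidate)
    if normalize(candidate) in blocklist:
        reasons.append("on blocklist")
    elif stem and stem in blocklist:
        reasons.append("blocklisted word with suffix")
    if previous is not None and stem and stem == core(previous):
        reasons.append("trivial variation of previous password")
    return reasons

if __name__ == "__main__":
    bl = load_blocklist(SAMPLE_LINES)
    for new, old in [("Password", None), ("letmein2019!", None),
                     ("Autumn#7tree2", "Autumn#7tree1"),
                     ("correct horse battery staple", "Autumn#7tree1")]:
        print(repr(new), "->", review_password(new, bl, old) or "accepted")
```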

One important thing to note is the fact that the company isn’t making any changes to its requirements for minimum password length, complexity, or history. That is essential in terms of keeping users from simply recycling the same two or three passwords, switching endlessly back and forth between them.

It’s also worth mentioning that these changes could benefit companies that are currently under audit, provided the auditing agency is using Microsoft’s security baseline as a guideline. This may seem like a small change, but it is more significant than it may first appear.

Windows Update May Fail With External Storage Devices

Microsoft recently issued an important support document that your IT staff needs to be aware of.

In part, their notice reads as follows:

“Inappropriate drive reassignment can occur on eligible computers that have an external USB device or SD memory card attached during the installation of the May 2019 update.  For this reason, these computers are currently blocked from receiving the May 2019 update.”

If you have one or more machines on your company network with USB-connected drives or SD cards attached, you’ll get an error message explaining this as a reminder, and you will not be able to proceed until those devices have been unplugged.  The company has also assured users that the inappropriate drive reassignment issue will be addressed in a future build.

By and large, this isn’t a major issue because few (if any) machines actually run their OS from such a drive. So, the workaround is a fairly simple one, but there is an added wrinkle to consider.  The blocking mechanism only works if you’re running the April 2018 or October 2018 builds (versions 1803 and 1809, respectively).  If you’re running an older version of Windows 10, even if you have a USB-connected drive, you won’t be blocked from receiving the update.

At this time, it is unclear what exactly caused the issue in the first place and the company has not established a firm time frame for when it will be addressed. Again, it’s not something that is especially difficult to get around, although it will add slightly to the overhead needed to keep the machines on your company’s network completely up to date.

Note that, as the name implies, the update is slated for release in May 2019, and Windows 10 users can delay the company’s semi-annual update if they wish to do so.

Microsoft Is Keeping Paint Program For Now

Back in July 2017, Microsoft created a bit of an uproar when they released a build of Windows 10 that promoted their new Paint 3D app.

Paired with the new arrival was an announcement that the classic Windows Paint program would be deprecated and ultimately removed from the OS in subsequent versions.

Paint has been part of the Windows ecosystem and landscape since the very beginning.  It has little to recommend it, featuring only the most basic of functionality and a skimpy set of features.  Given that, the company was amazed at the outcry from the user community when the announcement was made.

Despite its many shortcomings, it turns out that the little program was much loved, and its diehard core of users rabidly defended it.  As a result, the company gave MS Paint a stay of execution, but insisted that the day would inevitably come when the program would be no more.

The company’s stay of execution took the form of leaving Paint in place, but each time a user opened it, they’d receive a message in the form of a pop-up box that read:  “Product alert:  Paint will soon be moving to the Microsoft Store.  Don’t worry; it will still be free to download once it moves there.”

That was the situation for more than a year, but then, the message suddenly vanished. This renewed concerns that the aging program might be back on the chopping block.

Microsoft recently confirmed, however, that for the time being, Paint isn’t going anywhere. They reaffirmed that if and when it is removed from the OS, it will still be freely available as a download.  If you’re a fan or even an occasional user of MS Paint, that’s good news.  Say what you will, but the venerable program certainly has staying power.

Recent Data Breach May Affect Hotmail And Outlook Users

Microsoft recently confirmed that the login credentials of one of its customer support agents were compromised.

This allowed unknown third parties to log in and gain access to data contained in an unspecified number of users’ Hotmail and Outlook email accounts. The exposure occurred between January 1 and March 28 of this year (2019).

When news of the breach first emerged, the company issued a statement that read, in part, as follows:

“We have identified that a Microsoft support agent’s credentials were compromised, enabling individuals outside Microsoft to access information within your Microsoft email account. This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your email address, folder names, the subject lines of emails, and the names of other email addresses you communicate with), but not the content of any emails or attachments…it is important to note that your login credentials were not directly impacted by this incident.”

In our view, the last line is the most important in the formal statement.  The hackers were able to glean some information from an unknown number of accounts, but they did so by proxy through the lens of a compromised support account, and not by stealing actual login credentials of users.

Since the company’s announcement, there have been conflicting reports that suggest the breach may have been more serious than Microsoft is currently claiming.  As such, our recommendation is that if you have a Hotmail or an Outlook.com account, the best course of action would be to exercise an abundance of caution and change your password right away.  It’s far better to be safe than sorry.

Also be aware that since hackers may have gleaned your email address as a result of their snooping, you are somewhat more likely to be on the receiving end of phishing emails in the weeks and months ahead.  Be on your guard against that.

Removing USB Gets Easier In Windows 10 Update

Microsoft has recently rolled out a small but important change where USB connected devices are concerned.  The changes have been heralded as an improvement by some and seen as a step backward by others.

In particular, the company has tweaked the way Windows 10 handles the process of disconnecting a USB or Thunderbolt storage device.

These devices include USB-connected hard drives, flash drives and even data transfer cables between PCs and smartphones. There are two options users can select from where removing these devices is concerned:  Quick Removal and Better Performance.

Previous versions of Windows 10 automatically defaulted to the “Better Performance” setting.  The latest release of the OS has changed the default to “Quick Removal” which results in a significant change.

Under the Better Performance setting, your USB device (as the name indicates) is optimized for maximum performance, which allows you to make the most of data transfer speeds.  By defaulting to “Quick Removal” the process of disconnecting a USB device is faster and more convenient because it bypasses the “safe removal” process, but at a notable sacrifice in data transfer speed.

The good news is that it is still possible to change the default back to the Better Performance setting. Of course, doing so will mean that you’ll have to follow the “Safely Remove Hardware” process you’ve probably grown quite accustomed to.

To change your default setting back to Better Performance, just follow these steps:

  • Connect the USB device.
  • Right-click the “Start” button and select “File Explorer.”
  • Identify the drive letter associated with the device whose settings you wish to change.
  • Right-click the “Start” button again, then select “Disk Management.”
  • Locate the drive and click “Properties.”
  • Select the “Policies” tab and set the policy for that device, choosing between Quick Removal and Better Performance.

Once you do that and click “OK,” you’re all set.