Prepare For Windows Server 2012 End Of Support

Another week, another Microsoft “End of Life” reminder to write about.

This time, it’s Windows Server 2012 R2.  If you’re a user, then you’re probably already aware of the looming deadline. If you’ve blocked it out of your mind, or if you’ve missed the notifications that Microsoft has been sending out, here’s what you need to know.

The End-of-Life deadline for Windows Server 2012 R2 is October 10, 2023.  If you have not begun making transition plans, now is the time to do so.  Beyond that date, you’ll no longer receive regular patches or security updates which will put your company at risk.

To minimize that risk, Microsoft recommends updating to Windows Server 2019 at your earliest convenience.

It’s also worth mentioning that Server 2012 R2 follows Microsoft’s “Fixed Lifecycle Policy,” which means it has five years of mainstream support plus an additional five years of extended support.

During the mainstream support period, the product receives all updates and support.  During the extended support period, users stop getting non-security-related updates.  Once the extended support period ends, all updates cease. Thus, End of Support.

If you’re evaluating the October 10th 2023 deadline with a pit in your stomach, it’s worth mentioning that customers who need more time can opt-in for a paid plan called “Extended Security Update” that gives you another three years, but that’s a hard deadline.  After that, there is no more support no matter how much you offer to pay.

The “Extended Security Update” gets more expensive in each of the three years it’s offered. It amounts to 75 percent of the license cost for year one, 100 percent for year two, and 125 percent for year three. If you need the extra time to transition away from Server 2012 R2, you may consider that to be money well spent.

In any case, the time to start making plans is now.

Microsoft Is Phasing Out Windows 8.1

If you are still using Windows 8.1 and if you’ve somehow managed to avoid seeing the parade of notices Microsoft has been sending out, you should know that the end is nigh.

Support for the aging OS will end on January 10, 2023.  If you have not already done so, you should begin making plans now to migrate away from that OS, and to something more modern.

This is similar to the track the company took with the end of Windows 7 support, and the current deadline should not be a surprise to anyone.

After all, Windows 8 itself reached the end of support back in 2016, although users of version 8.1 got a considerable extension from that point.

It’s worth mentioning that Microsoft has decided not to offer an Extended Security Update (ESU) program for Windows 8.1, so when the date arrives, that’s it.  No matter how much you may want one, you won’t be able to pay for an extension. That means you’ll lose the benefit of ongoing security patches from that point forward.

Although Windows 10 gets the lion’s share of the press for being the most widely used version of the OS of all time, Windows 8.1 was significant for the Redmond Giant.

Windows 8’s initial release was not well received, and the company worked hard to address the (often legitimate) concerns that the OS’s massive user base had.  Windows 8.1 was the culmination of those efforts and the Windows 8.1 era of the company’s history saw steady improvements in both aesthetics and functionality.

In fact, it’s fair to say that without the gains made during the Windows 8.1 era, the current OS would still look dated and many of the components that are integral to all of Microsoft’s operating systems might not have yet been overhauled.

In any case, the sun is indeed setting on Windows 8.1.  Be sure you’re ready when it goes full dark.

New Malware Uses Word Documents To Get On Your System

Researchers at HP have discovered a new malware loader that they’ve dubbed SVCReady.  While new malware strains are common, this one is distinct for a couple of different reasons.

Like many malicious programs, this spreads primarily via phishing email campaigns.  One way that this new strain differs however, is the fact that the malware is loaded onto the target machine via specially crafted Word documents attached to the email.

The idea is that these Word documents leverage VBA macro code to execute shellcode that’s stored in the properties of the Word document.  That’s both new and dangerous.

The HP researchers found evidence that tracks the malicious code back to its origin in April of 2022, with the developers releasing several updates just one month later in May.  The number of updates is suggestive of a large, well-organized team that is committed to continued development of their new toy.

Currently, SVCReady boasts the following capabilities:

  • Download a file to the infected client
  • Take a screenshot
  • Run a shell command
  • Check if it is running in a virtual machine
  • Collect system information (a short and a “normal” version)
  • Check the USB status, i.e., the number of devices plugged-in
  • Establish persistence through a scheduled task
  • Run a file
  • And run a file using RunPeNative in memory

In addition to these capabilities, SVCReady can also fetch additional payloads from the command-and-control server.  While the bullet points above are dangerous in their way, it is the last, recently added capability that makes the new malware strain especially dangerous.  It enables the hackers to tailor the level of destruction for each infected target.

Worse, the new strain contains bits of code that lead the HP researchers to conclude that the threat actor TA551 may be behind it.  This is a large, well-organized group with ties to multiple other hacking organizations and ransomware affiliates. That implies that SVCReady may soon become much more widely available than it is now.

You will want to be sure this one stays on your radar.

Microsoft Adding Restore Apps Feature To Make Reinstalling Easier

Are you excited about Windows 11?  Many people are and in fact there are legions of beta users who are in the Windows Insiders group so they can get a sneak peek at some of the features on deck as updates are released.

One of the coolest new features making its way through the development pipeline is the “Restore Apps” feature the company is working on.

Its development came about from the realization that one of the most time-consuming tasks associated with setting up a new PC with a fresh Windows installation is the process of restoring all your previously installed apps.

This new feature aims to shortcut the process. Unfortunately, it doesn’t work with desktop applications, but any app you’ve downloaded and installed from the Microsoft Store can be put back in place via a single click, and that’s amazing.

Microsoft had this to say about the new feature:

“To make it easier for customers to transition to their new PCs quickly and seamlessly, we will soon test a new feature in the Windows Insider channel that helps customers automatically restore their apps, previously installed from the Microsoft Store, to their new Windows device.  This will also help developers retain their customers without having to remind customers to re-download their app.”

In addition to the “Restore Apps” feature, Microsoft will soon be adding the ability to install apps directly from a search in the Windows 11 Start Menu. Given that many people use the Start Menu’s search function to find new apps, this is a natural fit. By not having to access the Microsoft Store directly, it saves a step while offering a bit of added convenience.

While neither of these are available just yet, they will be soon. So if you’re a Windows Insider, be on the lookout for them.

Beware New Windows Vulnerability With Remote Search Window Access

You may not know the name Matthew Hickey, but you should thank him for a recent discovery that could save you a lot of grief.

Hickey is the co-founder of a company called Hacker House.  He recently discovered a flaw that could allow for the opening of a remote search window simply by opening a Word or RTF document.

This newly discovered zero-day vulnerability is about as serious as it gets.

Here’s how it works:

A specially crafted Word document or RTF file is created which, when opened, will automatically launch a “search-ms” command, which opens a Windows Search window.

This window lists executable files on a remote share, and the attacker can give the share any name they like, such as “Critical Updates.” That would naturally prompt an unsuspecting user to click the file name to run that file.

Naturally, clicking the file name wouldn’t do anything other than install malware, which is exactly what the hackers are trying to do.

Although not quite as dangerous as the MS-MSDT remote code execution security flaw, this one is still incredibly serious. Even worse, there is not currently a patch that will make your system safer.

The good news however, is that there are steps you can take to minimize your risks.

If you’re worried about this security flaw, here’s what you can do:

  • Run Command Prompt as Administrator.
  • To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\search-ms search-ms.reg”
  • Execute the command “reg delete HKEY_CLASSES_ROOT\search-ms /f”
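
The same three steps as a script, for admins who need to apply them on more than one machine. This is an added example, not part of the original advisory; it wraps the reg.exe commands on the key HKEY_CLASSES_ROOT\search-ms, refuses to delete the key unless the backup file was actually written, and the backup folder name is an assumption.

```powershell
#Requires -RunAsAdministrator
# Added example: back up, remove and verify the search-ms protocol handler.
# Uses reg.exe query/export/delete; the backup location is an assumed path.

$Key       = 'HKEY_CLASSES_ROOT\search-ms'
$BackupDir = Join-Path $env:ProgramData 'ProtocolHandlerBackup'   # assumed location
$Stamp     = Get-Date -Format 'yyyyMMdd-HHmmss'
$Backup    = Join-Path $BackupDir "search-ms_${env:COMPUTERNAME}_$Stamp.reg"

function Test-SearchMsHandler {
    # reg query exits non-zero when the key does not exist
    & reg.exe query $Key *> $null
    return ($LASTEXITCODE -eq 0)
}

if (-not (Test-SearchMsHandler)) {
    Write-Output "$Key is not present; nothing to do."
    return
}

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

# Step 1: export the key so the handler can be restored once a patch ships
& reg.exe export $Key $Backup /y | Out-Null
$backupOk = ($LASTEXITCODE -eq 0) -and (Test-Path $Backup) -and
            ((Get-Item $Backup).Length -gt 0)
if (-not $backupOk) {
    throw "Backup of $Key failed; the key was NOT deleted."
}

# Step 2: delete the key only after the backup is confirmed on disk
& reg.exe delete $Key /f | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "Delete of $Key failed (is this session elevated?)."
}

# Step 3: verify the handler is gone and record how to undo the change
if (Test-SearchMsHandler) {
    throw "$Key still exists after delete."
}
Write-Output "Removed $Key. To restore: reg import `"$Backup`""
```

Running the script a second time is harmless: it reports that the key is absent and exits without touching the existing backup.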

Kudos to the sharp eyes of Matthew Hickey for first spotting this flaw.  We can only hope when the next zero-day rears its head, researchers like Mr. Hickey will be there to help point them out and show us how to defeat them.