Category: Security

Windows Update in September causes printing issues in IT Support

Paul

Support Key

Print Nightmare Patch

Microsoft released an update for Windows (KB5005565 , KB5005566, and  KB5005652) that is causing quite some problems with Printers and networking.   There have been reports that I’ve seen of this affecting business and all around.   I’ve seen this in my Job also, Drivers not installing and Windows updates not installing because the drivers isn’t being able to be installed.   Paper sizes and even POS printers not printing due to the Printer spooler being patched by Microsoft.   Bleeping Computers even says that it broke the point to a network printer and is causing issues with people being able to print on the network.

Significant problems

Even I’ve seen the problems that came along with the new update.   The real problem is how to protect the business who need to use their network for business purposes.   What are some ways to do it and keep the business safe?  These are all the questions that need to be answered but as of yet no one knows what the really way to patch the problem associated with the Print Spooler and Print Network.

IT admins have said as much as uninstalling the update resolves most if not all the printer issues they’ve seen the last week or two but that isn’t really suggested by Microsoft due to the Print Nightmare issues and ransomware issues that might arise from it.   All I know is IT admins are left on the side of the road as to how to fix the issue without the patch or if there will be a hotfix now the road to fix the September update.  Either way there isn’t much we can do but wait and see.

Possible ways to Mitigate this issue:

Change your Group Policy Object (GPO) in Active Directory on the target computers on the network to “RestrictDriverInstallationToAdministrators = 0” but than again we are just opening up that hole that Microsoft is trying to close.

Registry add:

reg add “HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint” /v RestrictDriverInstallationToAdministrators /t REG_DWORD /d 0 /f

Again this will only bypass what Microsoft is trying to close with the vulnerability in Windows point and print issue on the network.   You should be able to start printing after you reboot.   This however isn’t suggested by me or anyone who is looking to keep the printer from being used in a ransomware attack.

Installing V4 drivers instead of V3 Drivers will solve this issue also but some  vendors don’t even have V4 drivers available to install as of yet.  Until they make those drivers available, there isn’t really much we can do about it or even suggest to the business that are having difficulty with the printing issue at hand.

Resources:

Getting the interview and how I will be ready for those questions

Paul

Young Man on a Job Interview

Getting that interview

I talked about the job market and how that will be more difficult to find a job. That seems to be changing for me.  If you didn’t read my post about Tuesday’s call, I will go back and say it was quite a surprise to get a call 30 mins after I applied a a technical support specialist job.   Fast forward two days, they call me and setup an interview time for Next Day.  This would be the Thursday after the call on Tuesday and my Interview is Friday.  So that’s been my week this week.   I am not sure what to think, but I thought it would be a good idea to at least talk about how to know what questions they might ask me or what even if I should have questions to ask them.

Questions and Answers

Some of the questions I saw and looked over came from Indeed and other hiring sites but I compressed them into a small subset of questions and you can go back and see what they might want to ask you in your interview if you ever have one for a technical support specialist.  Although this won’t be exactly what they might ask you but you should at least be somewhat prepared for the questions they ask you and have a few good answers waiting to give back to them.   I am sure what you do is going to be a little bit different from company to company but you should at least have a few good answers ready.

  • What made you get into technical support?
  • What is your troubleshooting process? (see some of how I troubleshoot motherboards post issues)
  • Where do you see yourself in five years?
  • Why are you interested in Technical Support?
  • Why should we hire you?
  • What do you feel your strong Points are?
  • What do you feel your week points are?
  • What’s your strength
  • Why do you want to work here?
  • Why did you apply to our company?

These are just a few of the questions that they might ask you for a technical support job.  I’ve went through as many sites as I could just to see what they might ask you but every site including Glassdoor has many different questions that might be relevant or not.   No matter how well we prepare, there will be that questions that might be a surprise to you and you should approach it with the best intentions.   Always remember that you are there for a reason.

Tell me about yourself?

That’s either where it begins or it ends depending on the interviewers point or if they need to know a lot about you.  The one thing I can tell you and know it works is being yourself and always smiling.  If they are going to hire you, that because they see potential in you.   That’s pretty much how I see it.   They are looking for the ideal employee but in life we rarely find that perfect person to fit the job description.   This is why you should always apply for jobs that might not seem like your a good fit.   You’ll know when they call you, take the ques from how they communicate with you.  Are they trying to be helpful?  are they trying to learn more about you?  are they open to your questions?  Sure you’ll have questions and that is a good sign that you want to know more about the company.  Also do some research on the company and be prepared to know more about it and that way you could be ready for those types of questions.

As you can see it is a whole new world for people to hire employees but most of the time it’s just takes a little bit of effort to do the job right and nothing we say or do will ever make the greatest impact that knowing we are making a difference each and every day in someone’s life.   What’s your experience been with interviews?  How’d that go for you?  why not leave a comment and talk about it with others who might want to know what to expect.

How virtual desktop infrastructure will help us in the IT field

Paul

BGinfo Group Policy

 

What’s is VDI and why do we need it in IT?

Virtual Desktop Infrastructures (VDI) are just that Virtual desktops that anyone can use on any given system around the world.   According to Citrix each VDI “includes an operating system image, typically Microsoft Windows“.  So what does that really mean?  The real question we should be asking ourselves is what does it do or how can we use that in virtualization.   The answer is quite simple, the truth of the matter is that VDI will help servers move a desktop from one server or even allow the user to do what they would normally do in the office and be able to do it anywhere the world.    The company could also give them really cheap or maybe even Chromebooks to do their work from home.   Ever since the start of virtual machines this has been something that was readily deployed because it kept the information in a centralized server and the user wouldn’t need to worry about any sensitive information leaks by someone stealing a laptop or a desktop.

Persistent and non-Persistent

Each VDI can allow a user to make changes to the desktop or not make changes depending on the settings the administrator decides to use.   Although this has not been a major point to people to try to get around the need to make the desktop a more personable environment.   It does help to prevent unwanted programs and people making changes to the OS which could make it even harder to prevent malware and viruses from getting onto the VDI.  Administrator’s have the option to allow users to change the desktop or keep the desktop as it is and you have to use it like it is.   If you have several users that are using the same exact desktop than this would be my option to keep all the users happy.

Considerations of VDI

Even I know the power of Virtualization but some users will not know what they are missing or getting when they are using a VDI.  According to IT Pro Today, We should consider a multitude of things when we deploy a VDI.   Security is always going to be a big issue when it comes to how the user will interact with the virtual desktop, which could bring even more problems but most of time it will help keep the problems away.  They even go as far as to make a point of how important it is to control the BYOD or even know the level of the user who is using the Virtual Desktop.   Each one of these is important to keep the user safe and secure.   It just depends on how well we control what they do and how they do it on it.   We should be able to monitor the VM and know that it is safe in our hands as we can control the group policies of it and keep the user from going to sites or installing software that isn’t approved to be used on the system.   Yet, I am sure we will see more users try to get around those restrictions because of one reason or another.  Time will always be against the administrator because someone is bound to test the limits.

Do you agree or disagree, or do you think it will help us or hinder us to have to be watchful of the users and how they use the VDI?

 

Why I uninstalled Microsoft Windows 11 Preview build?

Paul
Windows 11 — Isn’t the great!

I reinstalled Windows 10 and Deleted Windows 11!

I don’t know about everyone else but after my week long expedition into Windows 11, I just couldn’t handle the speed issues of the Windows 11 and the encryption.   I know it isn’t worth my time after all that to down grade to Windows 10 but I I felt it wasn’t going to get any smoother than that.  I also would of had to have deleted the partition anyways since it was locked to secure boot and UEFI.  I really didn’t want to try to convert it back to MBR.   I got my trust Windows 10 DVD and started it up and found the partitions I wanted to delete and then I reinstall Windows 10.   I will say that after wiping the hard drive and reinstalling Windows 10, and turning off all the Encryption crap and just booting into Windows has seen my load times go back to normal.

Windows 11 Problems

First off the main problem I had with Windows was the need to encrypt the Hard drive and I was using a NVME which should of been way faster than a standard SSD or Hard drive to boot up.   That wasn’t the case, I’d see the swirling load screen on my system for several seconds and then it would finally boot.  Due to the encryption that Microsoft says is required to run Windows 11, it just doesn’t cut it for me.   Even playing games like Minecraft was screwy and that isn’t even taking up that much memory at the most 2 GB or if you know how to do it 4 GB.   I’d play with Minecraft and the system would take forever to load up the next part of the map or even play Microsoft Flight Simulator 2020 and It wouldn’t be sluggish there also.

The Start Menu

This was something that was just annoying, I think Microsoft wanted to look like an Apple device and bring the apple guys over because of the look.  I can’t understand why you would prevent people from reverting back to the old Windows 10 setup.  I can only wonder what people will do to find out what they are running and if it will actually be a good idea to keep the start menu in the middle of the screen.  Some people have these really long screens and it might help them.  I personally would like to move the taskbar anywhere on the outside of the screen, top or maybe right or left of the screen.  You wouldn’t be able to do that either.   Which will make people really mad.

I can’t see this being all about security

It just can’t be about viruses and malware or even the recent months of ransomware attacks that have been happening in the past year, due to the Covid19 situation around the world.  I have talked about how Windows will ultimately fail and we will see virus writers come up with some good viruses and malwares to compromise the Secure boot and even the TPM that is trying to be forced to be used by Windows.   I am sure it isn’t over, and if Microsoft isn’t going to change, we’ll see people leaving left and right to go to operating system that are much less restrictive and more open such as Linux.  In the end, I went back to Windows 10 because of the speed and performance, and I am not even thinking about Windows 11 until I find out what they will require when the system is finally released.   This will be a big deal to some but me, I am not interested in the so called security features of Windows 11.

 

Gigabyte Hit with RansomEXX attack and could be big problems for the Motherboard manufacturer

Paul
Blame the Broker

Bleeping Computer

It seems bleeping computer is the one who is first reporting but as you can see if you go to the Gigabyte homepage. You’ll find that there homepage has been changed a little with the about us graphic being changed to this little blame the broker gif.   It is a reference to the BlackMatter that was recently been reborn from REvil and Darkmatter.  So this is definitely a sign that they have been hacked and attacked.  According to Bleleping Computers the attack was done by the RansomEXX gang but I have my own thoughts on this that it was also part of the BlackMatter group who also helped out in this hack.

Gigabyte Support

According to all sources I could find, the esupport website is currently down.  There have been reports that RansomEXX will release 112gb of data to the public that involves customers and business relationships such as Intel, AMD, and even American Megatrends.  I’ve not seen to much other than that right.   I can only imagine that all this data is NDA.   Gigabyte even confirmed this in the Chinese media outlet to have been attacked by hackers.

Customer Data

I don’t know what data the hackers actually have or what they intend to do about it.   I’ve not even heard what type of data the hackers have.   We just know that they have some serious data that is about the relationships between Gigabyte and other manufacturers that is startling to say the least and we don’t even know everything that is behind this attack.  We just know that it will be interesting to see what will happen in the coming weeks.  I’ve still seen people on twitter and other places complaining they can’t get to the esuppport websites on twitter.  Hopefully someone will talk about this in the coming weeks.  I know I want to find out what actually happened.