Category: Windows Update

Security News for this Month and How that affects you!

Paul

tpm chip on imac.png

Hackers get around TPM

According to Arstechnica, a hacker was able to get around TPM in under 30 minutes.  It seems impressive for someone to be able get around something that Microsoft thinks helps secure your operating system.  I’ve been doing some major research into how secure is the TPM and secure boot.

Getting around the TPM in this manner is akin to ignoring Fort Knox and focusing on the not-so-armored car coming out of it.  — Arstechnica

Fort Knox is way better than a TPM, it just means that people don’t realize the vulnerabilities of the the TPM.   It is still relatively new and people just haven’t had the chance to thoroughly test the trusted platform module.

BlackMatter is Reborn

With Revil and DarkSide getting shut down, we now see that BlackMatter could really be just a simple name change from Darkside.

And sure enough, a recent detailed forensic analysis of the cryptographic algorithms being employed by an apparent newcomer named “BlackMatter” suggests that BlackMatter is actually DarkSide 2.0. — Steve Gibson

It seems that they have left the affiliate model and now are looking for the IAB(initial Access Brokers) to be able to infect computers and networks that might bring them some great revenue from ransomware.  Ransomware is getting more and more common and I can guess that they will start to use something like this to infect companies computers.   I doubt they will infect targets that are going to be bring them to much attention.

Print Nightmare is a feature not a bug!

I keep saying this but the Print nightmare that is being talked about last month will probably never truly be fix because Microsoft created this issue in the early days so people could easily print to any system.   Microsoft has been trying to fix some of the issues but I doubt they will ever fix them all.  The idea that it is a zero day, is something that Microsoft didn’t expect but most researchers would have said it was probably possible for several years at the least.  I am sure this will be used with a number of other things such as the Boothole exploit.  Although this has already be patched by most Linux distro, there are some that just won’t update due to not being able to or wanting to.  So there are going always have people who will not see a need to update their systems.  .

The First 6 months

Most researchers have said this but in the past 6 months there has already been more attacks than last year.   Although most of malware and ransomware writers were all just like everyone else watching what is going on in the world and covid19.  They probably weren’t very busy last year and now they need to fix that by showing us how much more they can do.   I am sure it will even be better the next 6 months but I am also hopeful the Russians government will keep putting pressure on the virus writers to keep their acts clean and leave companies alone.  I doubt it but I can only hope.

What’s your thoughts on all that has happened this year?  Do you think it will slow down or get even faster?  Do you think we will see more computers getting compromised even with TPM and Secure boot enabled?  Let me hear your thoughts.

My Initial thoughts on Windows 11!

Paul
Windows 11 — Just is!

It’s like pulling teeth!

I finally installed Windows 11 Windows Preview build into my system. Later last week I was wondering what they had done with Windows 11 and requirements. So I thought it would be a great idea to try to install Windows 11 with my current system that I built last year. Thanks to building this system just last year and thinking ahead, I got everything I could to prepare for the future needs. I even made sure it had TPM 2.0 just in case, I thought I’d not need this. I guess I was completely and most definitely wrong. I will say after talking about how to update Windows 10 to GPT and Secure Boot, that part went rather smoothly. I did find that if you have a Linux partition and a Windows partition then the converter will not be able to work. I had to erase the Linux Mint Distro partition to be able to convert it to GPT. I however divided the size to possibly install Linux mint along side Windows 11. I am curious to see just how well that will happen. That’s my next step in the next few days.

I didn’t like the setup

After converting the partitions and joining the Windows insiders program, I was able after a few attempts and fixing the CMOS.  It seems strange that I had to keep going into CMOS to enable even more things than I initially thought.   I had to enable secure boot, UEFI, and PTT (For those on Gigabyte Motherboards).   It wasn’t easy to say the least, I’d update one and the other and find out I had to enable more in the bios so Microsoft would see I met the requirements to download and install Windows 11.

Privacy is a Real concern!

I know on my Windows 10 system, I didn’t have my account linked to Microsoft but when I installed Windows 11.  It automatically linked my account to Microsoft.  I’d think if I am upgrading to Windows 11and it sees that it was a local account it would not link it to the Microsoft account.  The Bad news was I had to delete that account and remove all the data so Microsoft wouldn’t be watching me.  I had to re-install all my apps and loose some of my personally files but it was worth it to keep the information safe.  I wish I could of had an easy way to go back to my local account without having to jump through so many hoops.

It’s Just isn’t that good!

So far, after only using this for so many hours.  I can’t see any major differences that I will like.  The Start button will be an issue because I just don’t like it in the middle.   Also finding what I might need in the Settings is a little bit more interesting and difficult for me because they looked like they buried some of that.  I have also noticed the Windows 11 hack to revert my Windows start menu doesn’t work.  I’m going to try the Windows 11 preview builds some more but I am not that impressed with them and I might just go Windows 10 when Windows 11 finally get’s released unless they allow the users to use windows there own way, like No TPM, Or Secure boot.  I hope Linux will hurry up and make it easier for people to install Linux along side Windows 11.  I am almost sure there is a way just haven’t had time to explore the possibility.

Boot Times

After install Windows 11 and using my NVME drive, I have found the boot times to be a bit longer.  That was to expected because of the encryptions that is being used to quote “Secure” windows from any virus tampering.   I can’t see this being an extreme issue but I don’t  like the fact that it takes several more seconds on my NVME to boot up Windows when it would just boot almost instantly with my NVME.   They better fix that problem also because I don’t care about their so call security if I am sitting there waiting for the system boot.   All in All the Windows 11 experience isn’t as much a good thing as a bad thing.   I already know Virus writers are creating viruses to get around the so called security and I have done some research on the topic.  I can’t wait to say to Microsoft “I told you so“.

What’s your thoughts on Windows 11?  Have you tried it?  Will you install it even with the TPM and Secure boot requirements?  I’d like to hear your thoughts on the issue.  Why not leave a comment and tell me what you think about Windows 11.

 

How to problem solve a motherboard post issue

Paul

Motherboard

Motherboards are all different

Anyone who has been working with motherboards for years, probably will say this also.   Motherboard manufacturers all create their own unique motherboards to try to be different from the other.  That is the first thing for those who have issues with your motherboard and having difficulty trying to figure out what is causing your motherboard not to post or even show any signs of booting.   It can be a multitude of things that might be the cause of the issue and we’ll talk about each and every one that might be the reason for the problem.   Each issue might be a little bit different and that can bring on some more issues or concerns.  Don’t get discouraged because you can’t figure it out or know where to start.

Loose wires

This is the first place I look when I have this issue of nothing showing up or even looking like it is even going to boot.   Even a loose wire might prevent the system from starting up or even getting into the bios.   I’ve seen this at least once or twice that there was a SATA cable that was partially not plugged in and the system was just stuck and not trying to boot.   It’s usually the first place I’d look if the user says they just moved their system and now the system won’t boot because some wire somewhere came loose.   It’s usually the easiest fix for some problems.  It however isn’t the only reasons that the system might not boot.

Memory Modules

The memory modules which can be anything from DDR1 to DDR4 depending on the motherboard.  Memory sticks can go bad over time and this is usually what causes a lot of issues.  I usually just pull out all modules and start booting with just one until you find the culprit.   If it boots replace that module with the next module and see if the system still boots.  If it doesn’t then you have the issue the module is bad but if all of them boot or the problem persists than the modules aren’t the problem.  Then you will need to check other areas.

Check GPU

If the system has a GPU than this might also be the issue.  You can try to remove it and see if you can get the system to post by using the systems graphics processors if it has one.  If not you might try a cheap gpu to see if the system will post after you swap the GPU.  It’s usually not the GPU but you never know and that is where I find the problem can be sometimes.   Also if the GPU is getting to hot the motherboard might not post to protect itself and that might be the issue.   You can always redo the GPU and put new thermal paste down to help it keep cool.  I’ve found the thermal paste sometimes goes bad.

Check Hard drives

This is where I usually go next.  It can be as simple as a hard drive issue that is causing the system not post or boot into bios.   Strange as this might seem the issue can actual cause this to happen and the system will just not boot.  unplug all SATA cables and pull any NVME drives and try booting.  If it was the issues the system will at least boot to bios after that.  If it is the problem just slowly start with operating system boot drive (NVME or SATA) and see what happens until you get back to a no post issue.  When you do this you might find it is time to replace the SATA or NVME if it is that.

Reset Bios

This is usually where I go next when the problem persists and nothing seems to work.  It can be a problem in the bios and you’ll need to reset it or clear the bios memory,  to see if the problem persists.  Sometimes the bios has issues of its own and you will need to clear the bios and see if you can get the system to post.   Also if it does post, it might be time to update the bios to see if that will also help resolve the issue later on.  Sometimes even updating the bios seems to resolve the issue even better than just resetting the bios.

CPU or Motherboard

If you have done all that and the system still doesn’t boot, you know it is either the CPU or motherboard that is bad and that is where it gets interesting.  If you have another CPU that you know works, and you can put it in there to see if the system boots.  Also check the thermal paste on the cpu, if it is getting too hot on the cpu that might cause the system not to boot.  That would be my first thing to try to see if this will resolve the issue.   If not it might be time to buy another CPU or Motherboard.   It can happen that the mother just goes bad for whatever reason.   I’ve not seen it but I’ve heard about it that the motherboard can go bad.   If you can’t get the system post that is the final thing you can do to get your system running again.  Replace the Motherboard and RMA the motherboard.

Want to say thank you?  Why not buy something from my Affiliate links to say thanks.  Anything you buy with my affiliates helps me with my blog and what I love to talk about.  Thanks.

 

5 portable Apps that will save your time on your computer!

Paul
Picture by Gerd Altmann on Pixabay

Give it a chance

So you have a client who has some computer problems, and you don’t know what to do?  I am here to help you with that problem.  It can’t be easy for some to know exactly what you might need for those uncertain times.   There are multitude of problems that you’ll see in your computer technician job that will need to be resolved.   Here is a little bit of a list of apps that I use on a daily or weekly process to repair and upgrade systems.  Some of these will help me fix problems or even problem solve the answer.

Sysinternals Suite

Process Explorer

This bag of applications brought to you by Microsoft is the cream of the crop.   If you haven’t downloaded the who suite of tools from sysinternals.  You really should  do it now.   I really like the process monitor and process monitoring tools to help me see what might be wrong with a system.   It’s got a whole lot of apps to use when you need to either kill an app.   I could go on and on about this pack of apps from Microsoft but it is definitely a grab bag for me.  This is something that I have on my USB for when I might need it.

CloneZilla

Clonzilla Live CD/USB

Another great app that you can load on your USB and use it when you need to copy partitions or even whole drives from one drive to another.   It is a free utility that you can use on any system.  You’ll just need to create a bootable USB.   I use the app call YUMI to create a multiboot usb and put all my favorite and important ISO on the USB for when I need them.

Portable Apps

Portable Apps

This is another one that I put on my USB just to be cautious and know that I don’t have to use anything on a system that I might not trust. They’ve got a slew of apps that you can use for everything that you might need. What I like about portable apps is they even have antivirus and password generators. They have a lot of what I will use from time to time because they just make it easy to scan an infected system from my usb without having to load the antivirus before boot. They have some great tools all around and You should check them out.

RevoUninstaller Portable

This is great utility to remove all the crap that any system that you buy from a store or even from Amazon will be removed without much effort from you.  You can run this off a USB or even install it and remove all the stuff that gets loaded on from the Acer, Dell, or other OEMS.   It helps me out really well because I have seen clients systems speed up by removing all the annoying programs that aren’t even being used.

Windows Offline update (WSUS)

Windows offline Update (WSUS)

Let’s face it, if your client hasn’t updated their system for quite some time or the system in question doesn’t have a way to update because of no internet this is the best solution for you.   Download the updates and put it on a USB.   Most of the time, it will be a good around 20gb or 30gb depending on which windows updates you get from Windows 7 to Windows 10, you will have each one being like 3gb or 4gb a piece.   It actually helps me when it comes to updating a client’s computer without having to wait for it to download the updates.   I can just update and reboot.  This has been a great time saver for me when it comes to being a computer technician.

What’s your favorite portable app or even just an app that you use on a regular basis.  I’d like to hear what yours is and why.  Why not leave a comment and tell others and help others who might not know of a good app to use.

How to Convert your Windows 10 from MBR to GPT

Paul

Securing Windows 10

It’s complicated is what I’ve heard from people all around the world. The idea that We have to figure how to turn our Windows 10 into a secure boot, can seem difficult at best. Just like Unified Extensible Firmware Interface (UEFI) isn’t always labeled right in the bios and that can be hard to find.   It seems that all the motherboard manufacturers wanted to make it extremely difficult for anyone who might want to enable or disable UEFI to be able to do it.   Then add on to the fact that the Motherboard manufacturers also made it hard to figure out how to turn on TPM in the bios also.   Can seem quite maddening to most because each manufacturer didn’t just call it TPM or UEFI.   Some of them Call it PTT (The intel Platform Trusted Technology) or even the AMD which is called fTPM(Firmware Trusted Platform Module).   Although the AMD version is a whole lot easier to understand since it does say TPM.  Intel on the other hand can be hard to find or even know what PTT stands for unless you google it.

Checking your system

The first step you should always do is make sure you can do this in the first place.   If you haven’t read my other post about this, I’d go over there and check to make sure you can do this in the first place.   As of currently Microsoft has stated that the requirements are the same for the previous few weeks.   So I don’t know if they will change when the final release comes out but it could very well change.

Have backups

Before I talk about the upgrading or updating your boot system to allow you to boot into Windows 10 Secure boot.  I’ll make this statement, please consider backing up all your important files that you might want to keep to a USB Flash Drive or even portable HDD or a HD that you can unplug from the bios to keep your important files safe while the upgrading of Windows 10 is being done.    What you do after this is on yourself and no one else.

can you upgrade to secure boot?

If you have checked the previous post and turned on what you can besides secure boot, but you know you have it.  You’re pretty much set to upgrade Windows 10 from Master Boot Record (MBR) to GPT(GUID Partition Table).  The process for converting your Master Boot record is relatively simple but will require you to boot into a Windows 10 on a USB!  Once you have done that you will then want to get to the command prompt the easiest way is to hit Windows+S and type in cmd then right click run as administrator.  Now you’re at the command problem.  Now is where the fun starts.

Type in :  mbr2gpt.exe  /allowFullOS /convert

Let it do it’s conversion and once done you’ll need to reboot but before you try to log into Windows again, you’ll need to go into the bios and enable secure boot.   Depending on how much Windows 10 needs to go through a new startup process will depend on the way GPT was converted.  It may take a few minutes even on the fastest system for Windows 10 to fully boot or it could be just as quick as before.   Once Windows 10 is booted, I suggest verify all your files are there and that everything is working correctly.   You might need to update software but that shouldn’t be to much a problem.   After That if you are on the Windows Insider Program than go check for updates and Windows 11 should be able to install.  If it still says you can’t upgrade I’d go back and check Whynotwin11 and Find out if you haven’t enabled TPM or what version of the TPM it is.   Other than that you should be set to go.

Enjoy Windows 11 Preview builds.