Patch Tuesday September 2022: lots of security update labour for your small business this month. Be sure to back up your devices before updating.
Last week Apple released iOS 16 for newer phones and 15.7 for older phones. Today (September 13th) Apple patched two zero day vulnerabilities for affecting most MacOS and iOS users. Hackers are exploiting these vulnerabilities right now. Patch now.
More details on the Apple Zero Day vulnerabilities here.
I really wish Microsoft would spend less time on putting junk into their operating system and more time on security. In the last few months of updates Microsoft has broken sound cards, boot processes, printers, and power management while putting on Search pretty pictures, more crap on the News tab, and their Store Content, Your Phone, Microsoft Account login which no one wanted and make the operating system slow. End of rant.
Today Microsoft released patches for over 64 vulnerabilities over all the products.
The most worrying vulnerability is a privilege escalation flaw in the Windows Common Log File System Driver. This flaw makes it easy for hackers to take control of the operating system. Antivirus and/or firewalls do not protect you from this vulnerability. Patch now.
This is the second time this year Microsoft has patched this driver.
I still don’t recommend you upgrade to Windows 11 for your business machines. It’s been almost a year since Microsoft rushed out this operating system to sell laptops at Christmas time. There are still a lot of problems.
The problem I am seeing frequently is with File Explorer freezing or not updating the view.
That’s on top of the Windows 11 visual redesign that makes it difficult to find settings.
The only improvement on Windows 10 is the ease of changing and adding Microsoft 365 accounts. Given that Microsoft forces the use of those accounts instead of local computer accounts in Windows 11 it’s nice they made the effort. I would prefer being able to use a local computer account. It makes it easier when switching over employees and also when there’s no Internet.
September 2nd and Snapdragon roars with vulnerabilities. Qualcomm Snapdragon is a chip used primarily in smartphones and tablets and primarily for video and music. Snapdragon is in a lot of Samsung Galaxy phones and tablets, Sony Experia products and Lenovo tablets. Expect snappy updates from your phone or tablet maker soon.
Snapdragon has a history of wicked vulnerabilities. In 2020 there were over 400 alone many of which allowed hackers to take over the device.
This month Adobe patched InDesign, Photoshop, Illustrator and some other products. Windows users can expect nagging from the Adobe Creative Cloud program. Adobe updates can mess with Windows updates so run these updates before Windows updates.
The WordPress folks released updates August 30th which fixed three security problems. Your web site should be on WordPress version 6.0.2.
This update invoked updates for most of the popular plugins.
An ounce of patching is cheaper than a pound of hacking.