Skip to main content
Please wait...

Pandemic gives VDI a new lease on life

1 day 14 hours ago

The COVID-19 pandemic and subsequent shift to working from home have brought about numerous technological disruptions, many centered around how organizations deliver IT services to their workforce. Technologies that were dabbled in before, like videoconferencing, have suddenly become standard practice.

Such is the case with Virtual Desktop Infrastructure (VDI), also known as desktop virtualization or thin-client computing. Led by vendors such as Citrix, Microsoft, Cisco, and VMware, it has been around for decades and hasn’t changed much in that time. But with companies’ entire workforces now connecting to corporate networks from home, sometimes without a company-issued laptop with a VPN and all the necessary settings for secure access, VDI is getting a second look.

To read this article in full, please click here

(Insider Story)
Andy Patrizio

How IT can keep remote workers’ Windows 7 PCs safe

2 days 14 hours ago

In the time of COVID-19, with so many people working from home, it’s inevitable that many will be using Windows 7 devices. And that’s a big security problem for IT. As of January 2020, Windows 7 is no longer supported by Microsoft. That means no security patches — particularly dangerous at a time when many people are connecting to enterprise networks from their Windows 7 PCs.

It adds up to one of the biggest security risks many companies have seen for some time. Unpatched systems can be more easily hacked than ones that regularly receive security patches. Hackers go after low-hanging fruit — and right now Windows 7 is the lowest fruit there is. As the FBI stated in an August 2020 warning to businesses:

To read this article in full, please click here

(Insider Story)
Preston Gralla

Why you need Apple support to secure the C-suite

1 week ago

I get it. You’re one of those enterprises that doesn’t (yet) support Apple products among employees, but does that moratorium extend to the C-suite? I’m willing to bet it does not, and that’s why even Windows-only IT shops must learn how to secure Apple’s products.

Ignore the fantasy, this is reality

The reality is that Apple’s products are popular at work. And while there are many businesses that don’t officially support them, one section of civil society that pretty much always does their own thing no matter what are the boys and girls in the C-suite. I can still recall the number of CFOs I spoke with early on in the iPad days who were deeply interested in trying the Apple tablet. Many did. At a time when no one else could.

To read this article in full, please click here

Jonny Evans

Windows 10 upgrades are rarely useful, say IT admins

1 week ago

A majority of IT administrators polled this summer said that the twice-a-year Windows 10 feature upgrades are not useful – or rarely so – a stunning stance considering how much effort Microsoft puts into building the updates.

About 58% of nearly 500 business professionals who are responsible for servicing Windows at their workplaces said that Windows 10 feature upgrades – two annually, one each in the spring and fall – were either not useful (24%) or rarely useful (34%).

[ Related: Windows 10 version 2004: Key enterprise features ]

Only 20% contended that the upgrades were useful in some fashion, while a slightly larger chunk – 22% – choose a noncommittal neutral as a response, claiming that the operating system's updates were neither useful nor not useful. (It might be best to consider this answer as undecided since in this binary world if something is not not useful, that must mean it is useful.)

To read this article in full, please click here

Gregg Keizer

How COVID-19 has changed IT’s focus and plans for 2021

1 week 2 days ago

The COVID-19 pandemic – and the lockdowns that followed last spring – wrought changes across IT operations and strategy as businesses and employees adjusted to a new environment. But what changes were made, and which ones are likely to last?

Spiceworks Ziff Davis, a B2B tech marketplace, polled 1,073 IT buyers in North America and Europe in June and July 2020 to find out. The results in its 2021 State of IT report, released today, show that the pandemic-fueled transformation will continue, affecting both planning and budgets for the long term.

[ Keep up on the latest thought leadership, insights, how-to, and analysis on IT through Computerworld’s newsletters. ]

The survey shows that 76% of businesses envision long-term IT changes, with more than half planning to retain flexible work policies (such as remote work); 64% of companies enabled remote work in 2020 due to the pandemic.

To read this article in full, please click here

Galen Gruman

A fat Windows Update for September's Patch Tuesday

1 week 6 days ago

Microsoft has released 129 updates to its Windows ecosystem, but the good news  this month is that we are not responding to any zero-days or publicly reported vulnerabilities. Microsoft appears to be getting serious about removing Adobe Flash Player (a good thing) and we see a very broad update to Windows desktops and servers. Unusually, Microsoft’s browsers are not a huge focus this month, and both the Microsoft Office (excluding SharePoint) and development platform have received only a few, lower profile patches.

[ Related: Microsoft revamps Windows Insider release vernacular ]

We have included a helpful infographic, which this month looks a little lopsided as all of the attention should be on Windows components.

To read this article in full, please click here

Greg Lambert

Beaucoup bugs beset this month’s Windows patches

2 weeks ago

Someday, you’ll tell your grandkids about the halcyon days of July and August 2020, when Microsoft took pity on us poor patching souls and introduced few bugs in its stew of Patch Tuesday patches.

Now, it looks like we’re well on our way to another mess.

[ Related: Microsoft makes 'major-minor' Windows 10 release cadence the new normal ]

Although it’s still too early to throw up your hands and peremptorily pass on the September crop, I assure you that there is no joy in Patchville.

To read this article in full, please click here

Woody Leonhard

Microsoft puts Application Guard for Office into public preview

2 weeks 1 day ago

Microsoft has launched a public preview of "Microsoft Defender Application Guard for Office," a defensive technology that quarantines untrusted Office documents so that attack code carried by malicious files can't reach the operating system or its applications.

On Monday, a senior cybersecurity engineer with the Redmond, Wash. company explained how Application Guard for Office worked and more importantly, walked customers through its operation – something that existing documentation omitted when the public preview was launched late last month.

[ Related: 10 productivity-boosting apps for Microsoft Teams ]

"Microsoft Office will open files from potentially unsafe locations in Microsoft Defender Application Guard, a secure container, that is isolated from the device through hardware-based virtualization," John Barbare wrote in a post to a Microsoft blog. "When Microsoft Office opens files in Microsoft Defender Application Guard, a user can then securely read, edit, print, and save the files without having to re-open files outside of the container."

To read this article in full, please click here

Gregg Keizer

With Patch Tuesday here, get Windows Update locked down

2 weeks 3 days ago

Every month we see the same pattern: Microsoft releases its Patch Tuesday regimen; the blogosphere flies into a frenzy about security holes that have to be patched right this minute; some patches have bugs; Microsoft fixes many of them in a week or two, warns about others, and stays mum on far too many.

Normal Windows users are left in the lurch. On the one hand, you have the threat of imminent malware mayhem. On the other, you have the threat of poorly tested patches. Wash. Rinse. Repeat.

[ Related: Windows 10 version 2004: Key enterprise features ]

It’s been like that for years. Don’t believe it? Computerworld has month-by-month details for the past three years here.

To read this article in full, please click here

Woody Leonhard

With Patch Tuesday near, get Windows Update locked down

2 weeks 3 days ago

Every month we see the same pattern: Microsoft releases its Patch Tuesday regimen; the blogosphere flies into a frenzy about security holes that have to be patched right this minute; some patches have bugs; Microsoft fixes many of them in a week or two, warns about others, and stays mum on far too many.

Normal Windows users are left in the lurch. On the one hand, you have the threat of imminent malware mayhem. On the other, you have the threat of poorly tested patches. Wash. Rinse. Repeat.

[ Related: Windows 10 version 2004: Key enterprise features ]

It’s been like that for years. Don’t believe it? Computerworld has month-by-month details for the past three years here.

To read this article in full, please click here

Woody Leonhard

Yes, you can install the August Windows and Office patches now

2 weeks 6 days ago

It looks like we’re good to go with Microsoft's August Windows and Office patches. The second cumulative update for Windows 8.1, KB 4578013, throws some Virtual Private Networks out of kilter, and the Win7 patches may knock out your printers (for those of you paying for Win7 Extended Security Updates). But most of the other bugs appear to be squashed.

To read this article in full, please click here

Woody Leonhard

Apple strengthens commitment to human rights with new policy

2 weeks 6 days ago

Apple has once again responded to critics with the publication of a human rights policy it says commits the company to “freedom of information and expression.”

Freedom of expression

“At Apple, we are optimistic about technology’s awesome potential for good,” says CEO Tim Cook. “But we know that it won’t happen on its own. Every day, we work to infuse the devices we make with the humanity that makes us.”

However, the document also points out that Apple is required to obey the law.

To read this article in full, please click here

Jonny Evans

Microsoft Patch Alert: August 2020

3 weeks 2 days ago

With Windows 10 2004 gradually creeping (I use the term intentionally) onto more machines, faults and foibles are coming out of the woodwork. It looks like a fix for the long-lamented version 2004 defrag bugs is on the way, but we aren’t there yet. Lenovo isn’t too happy with the August version 2004 cumulative update. It’s still too early to move to 2004, in my opinion — and those problems ensure I’ll keep 2004 off my machines for a while.

Meanwhile, Microsoft extended the end of support date for Win10 version 1803 — a move that’ll interest exactly nobody except for admins with aging Win10 machines. Windows 8.1 patchers got left out in the Remote Access cold for a week. The .NET security updates have an odd, acknowledged bug with a manual registry workaround.

To read this article in full, please click here

Woody Leonhard

TikTok sues the Trump administration, responding to potential U.S. ban

4 weeks ago
TikTok, the popular short form video app, has filed a lawsuit against the U.S. government, calling the potential U.S. ban an extreme action. At first glance, this lawsuit may mirror another one filed by a different tech company, Huawei. While both Huawei and ByteDance, the owner of TikTok, are Chinese tech companies, the proposed U.S. bans of each of these companies are different. Juliet breaks down why TikTok may fare better in the face of a potential ban than Huawei. More on TikTok’s alleged security threats: https://youtu.be/LzeIOH2U8-8 Check out my latest video about the Huawei ban: https://youtu.be/bDXc7xeS5OE Sources-- https://www.nytimes.com/2020/08/24/technology/tiktok-sues-trump-administration.html https://newsroom.tiktok.com/en-us/tiktok-files-lawsuit Follow Juliet on Twitter: https://twitter.com/julietbeauchamp

Microsoft adds 6 months support to Windows 10 1803, again cites pandemic

4 weeks 1 day ago

Microsoft on Wednesday stretched support for a third version of Windows 10, again citing the coronavirus pandemic and its impact on business.

The Redmond, Wash. developer extended security support for Windows 10 Enterprise 1803 and Windows 10 Education 1803 by six months, to May 11, 2021. The original end-of-support date was to be Nov. 10.

[ Related: Microsoft makes 'major-minor' Windows 10 release cadence the new normal ]

"We have heard your feedback and understand your need to focus on business continuity in the midst of the global pandemic," Chris Morrissey, who leads the communications team for Windows' servicing group, wrote in a post to a company blog. "As a result, we have decided to delay the scheduled end-of-service date for the Enterprise, Education, and IoT Enterprise editions of Windows 10, version 1803."

To read this article in full, please click here

Gregg Keizer

Did Microsoft just solve a big business iPad problem

1 month ago
One of the most disappointing things about iOS devices as business devices, and one of the things that keeps the iPad from being a true computing solution, is that there is no support for multiple-user accounts. An unlikely ally is determined to solve the problem for Apple. A future version of Microsoft Authenticator will allow for a multi-user iPad experience.
Ryan Faas

Google to trial drastically truncated URLs in Chrome in anti-phishing move

1 month ago

Google will run a trial with Chrome 86, the browser set to release in October, that will hide much of a site's URL as a way to foil phishing attacks.

"We're ... going to experiment with how URLs are shown in the address bar on desktop platforms," Emily Stark, Eric Mill and Shweta Panditrao, all members of Chrome's security team, wrote in an Aug. 12 post to a company blog. "Our goal is to understand -- through real-world usage -- whether showing URLs this way helps users realize they're visiting a malicious website, and protects them from phishing and social engineering attacks."

To read this article in full, please click here

Gregg Keizer

Xcode becomes vector for new Mac malware attack

1 month 1 week ago

Trend Micro has identified an insidious new form of Mac malware that is propagated by injecting itself into Xcode projects before they are compiled as apps.

So good they tried it twice

We’ve seen a similar attack before. The so-called "XCode Ghost" was a malware-infested version of Apple’s developer environment that was distributed outside of Apple’s channels. Apps built using the software were preinstalled with malware.

To read this article in full, please click here

Jonny Evans

A zero-day and testing of key printing features will drive August Windows updates

1 month 1 week ago

Though a DNS spoofing vulnerability in Windows (CVE-2020-1464) has been rated as a zero-day due to reports of exploitation in the wild, the focus for this month’s updates should be on testing key Windows features prior to deployment. Primarily, printing and back-up scenarios will require your attention. You will also need to work with multiple and potentially overlapping updates to Window and the .NET development platform and, in some cases, Windows Store updates to your application portfolio.

Given the number and nature of changes we have seen in the update testing cycle during the past month, we advise a “Patch Now” approach to Windows 10, but with an extended test cycle on printing and more attention to the Windows 8.x platforms.

To read this article in full, please click here

Greg Lambert

Managing Windows 7 security risks

1 month 1 week ago
We’ve heard security experts warn that remote employees working on personal devices running old operating systems, like Windows 7, pose a huge security risk to enterprises. With some work from home regulations extending into 2021, IT teams will continue to manage employee devices and mitigate security risks remotely. Computerworld contributing editor and Windows expert Preston Gralla joins Juliet to discuss why Windows 7 is a security risk and what IT teams can do to manage that risk as employees continue to work off of unsecure personal and company devices.
Checked
22 minutes 23 seconds ago
Computer World Security
Subscribe to Computer World Security feed

About SecurityFeeds

SecurityFeeds Logo

Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry.  Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.