Per Microsoft: June security update might fail to install with error code 0x80070002 Status Resolved Affected platforms Server VersionsMessage IDOriginating KBResolved KB Windows Server 2016 WI1395301 KB5094122 – Microsoft received reports that the June 2026 security update (the Originating KBs listed above) might fail to install on some devices running Windows Server 2016. This issue […]

I’ve updated the master patch list here.  Please note I am not recommending installing updates at this time, we are just testing and reporting. I’ll be updating that page and monitoring for issues. As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much […]

This month Microsoft released a record number of vulnerabilities.  208 in fact. We are on track to have a bumper crop of vulnerabilities. Is the reason we are having so many identified due to artificial intelligence? There’s no detail as to how the vulnerabilities were identified. The currently exploited bug in the form of CVE-2026-41091 […]

Chrome has had a zero day patched yesterday.  We had Microsoft Build last week (gee golly AI agents I can hardly wait), and Apple is also having their developer conference this week where AI is now in the search on Safari. Meanwhile in the real world of real users using actual operating systems, just a […]

ON SECURITY By Susan Bradley Normally, I like to give actionable information. This article won’t do that. Sure, I’ll give you a few tips here and there, but for the vast majority of this week’s column, I’ll be pointing out instances of vendor arrogance. I’m going to begin with Microsoft (of course, and deservedly so), […]

ON SECURITY By Susan Bradley Passwords. We’ve had them for a long time. They’ve served us well. But they are also subject to attacks — phishing and spoofing. Microsoft and many other vendors want us to move to passkeys. Unfortunately, the transition has not been easy or clear. Passwords are what we are used to. […]

ON SECURITY By Susan Bradley The “edge,” by which I mean the network hardware standing between the Internet and the PCs and devices on your network, is a first line of defense against attackers. What’s on your edge? At any point during the day, attackers are out to get someone. You may not be the […]

Microsoft has a post geared towards businesses setting the expectations regarding an expected bumper crop of vulnerability disclosures that are expected as a result of AI tools. We’ve already seen the impact on Apple. We will see more CVE’s (or vulnerability counts) per month, but I don’t foresee that we will get more patches. Mind […]

I’ve updated the master patch list here.  Please note I am not recommending installing updates at this time, we are just testing and reporting. As I wrote on that page: Too early to tell if there are issues this month.  So far the most interesting thing is seeing some folks report seeing two extra updates on […]

We’ve already had Apple release their deluge of updates yesterday, today is Microsoft’s turn. Just a reminder we are still on our journey of getting secure boot updates — but don’t worry if your machine doesn’t have secure boot enabled or doesn’t have the latest in secure boot patches, it will still boot. Up first […]

I was reading the post of Mikael Nystrom, who regularly consults and assists with businesses and deployment. One of his comments caught my eye — the boring but important stuff. He offers up a PowerShell script to review UEFI & Secure Boot TPM & BitLocker VBS, Credential Guard, HVCI LSA protection / LSASS PPL Defender […]

Many days ago, Microsoft posted an IT pro-focused post on patching and a Windows Autopatch report. What caught my eye was the recommendation to install the latest security updates as follows: Within 3 days to be considered current (and reported as current) Within 7 days to help ensure devices aren’t subject to vulnerabilities (and reported […]

Erland Sommarskog reached out to me regarding a new project: ErrorCodeReference (ECR). If you’ve ever been stumped by the useless and unhelpful Microsoft error codes, check out the site. For example, let’s check out a recent post — which points to error 0x80070643. My two cents regarding reading the suggestions: overall, very good advice. But […]

ON SECURITY By Susan Bradley One thing the World Wide Web has done in recent years is introduce new ways to scam, trick, entice, and generally be a drag on our time — and potentially a hit to our pocketbooks. Here are some threats I’ve seen in recent months. Read the full story in our […]

I’m not yet ready to give my final word on operating system updates, but for sure it’s time to check your browsers. Firefox 150 is out with new features and fixes to 271 vulnerabilities found with AI techniques and the Claude Mythos preview. I expect to see similar bug counts in all of the browsers. […]

I’ve updated the master patch list here.  Please note I am not recommending installing updates at this time, we are just testing and reporting. Too early to tell how the month will be and if we will have any out of band updates to fix issues.. I’ll be updating that page and monitoring for issues. As […]

Public service announcement for April 2026: Today is Patch Tuesday and it’s landing the day before the US Tax filing deadline. If you haven’t filed your income taxes, there is still time to file an extension.  This is also not a good day to be installing updates to your computer you will be using to […]

Spotted an interesting post that discussed how to ensure your health information doesn’t get slurped up by other sites. While this was discussing Covered California, the same is true for other websites. Change browser settings to be more aggressive on blocking things. Install privacy browser extensions (ones that you and the community trust) Have multiple […]

Whenever I hear or see headlines about a “supply chain vulnerability,” I think in terms of big enterprises and delivery of goods and services. You know — supplies. But in technology, the term “supply chain attack” means that an attacker has gotten into something trusted — such as a software vendor, service provider, hardware supplier […]

The attackers are better at understanding and using the cloud than we are. Seriously. Consider this a business post, one to discuss with your technology provider. CISA urges anyone using Intune to control and support workstations to do a better job protecting them. Recently, attackers gained access though Intune – Microsoft’s cloud control offering – […]