- End of Life for Windows Server 2012 – This will be the last month of updates, including bug fixes, security updates, etc., for Microsoft Windows Server 2012. If you still have Windows Server 2012 installed in your environment, Microsoft strongly recommends making plans to decommission it as soon as possible.
- Changes to the MyIT Program – We are in the process of making some changes to the MyIT Program that we’re pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related to communications. There will be some changes to the monthly report as well as some reminders about systems that may need extra attention. More on this to come but we’re excited about the opportunity to provide more value to our MyIT Customers!
2023 Holiday Schedule
It’s hard to believe that the holidays are already upon us once again. We will be closing the office for the Thanksgiving, Christmas and New Year holidays based on the schedule below and, as always, emergency support will be available for our Commercial and MyIT customers at holiday rates. Non-emergency support requests will be addressed based on priority and the order received as the office re-opens. Please see our FAQ page for details on hourly rates, emergency support and our Triage process.
Thanksgiving
- Closed Thursday and Friday, (23 and 24 November 2023) and returning to normal business hours on Monday, 27 November 2023.
Christmas & New Year
- Closed Monday, 25 December 2023 for Christmas Day, returning to normal business hours on Tuesday, 26 December 2023.
- Closed Monday, 1 January 2024 for New Years Day, returning to normal business hours on Tuesday, 2 January 2024.
Apple earned an honorable mention this month, patching their 17th zero day vulnerability this year with emergency updates for iOS 17.0.3 and iPadOS 17.0.3 to patch CVE-2023-42724, which is being actively exploited to give attackers elevated access to the devices.
Microsoft released security patches for more than 100 newly-discovered vulnerabilities in it’s it’s fleet this month, including patches to a number of zero day vulnerabilities that are already being exploited in the wild. One of the vulnerabilities (CVE-2023-44487) is actually a vulnerability in the HTTP/2 protocol and not specific to Microsoft’s products. Another vulnerability (CVE-2023-35349) is a vulnerability in the Message Queuing (MSMQ) service which is specific to Microsoft but it isn’t enabled by default. This vulnerability though is a remote code execution vulnerability and it did score a CVSS score of 9.8 (out of 10).
Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critical, it’s important that the updates are installed.
Additional details on this months Microsoft updates are available from the Patch Tuesday Dashboard, Tenable , Bleeping Computer, and Krebs on Security.
Adobe has released multiple security updates and patches that address vulnerabilities in Adobe Bridge, Commerce and Photoshop. We recommend keeping your Acrobat or Reader software up to date, you should be able to check/install updates by going to the “Help” tab, then “Check for updates”.
Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc
Additional details are available from Adobe Here including links to download the update(s) and instructions for installation.
Need IT Support for your Home or Business? We’d love to help!
Are you a small to medium sized business looking to leverage technology and enable your business and workforce to work smarter and more efficiently? Do you already have computers, servers, firewalls, VPNs or other technology that you’re not taking full advantage of? Are you looking for an IT Service Provider who understands small to medium sized businesses needs and the challenges that we face that can work with you to grow your business rather than just sell you time?
Cyber Tech Cafe an IT Service Company with a focus on helping small to medium business get the most out of their technology investment. As a small business ourselves, we understand the challenges you face and have designed our service offerings to help you get the most out of your technology dollar. We offer on-call, as needed support if you just need a quick fix or extra set of hands right now. We also offer maintenance plans that we call “MyIT” that are designed to address the most common concerns (patch management, disaster recovery / backup, log review, etc.) that are based on the number of workstations and servers that you have and have no term contract. We believe that, if you find value in what we’re doing, you’ll find a way to keep us around without contract saying that you have to.
If you have questions about the MyIT plans or have an IT need that you need addressed right now, let us know. We look forward to the opportunity to earn your business.