Microsoft confirms KB5036893 and KB5036892 patches break VPNs

Microsoft’s recent patches, KB5036893 and KB5036892, released April 9th, 2024, has been impacting VPNs for both Windows 10 and Windows 11 machines.

This issue affects all currently supported versions of Windows: Windows 10 21H2 and 22H2; Windows 11 versions 21H2, 22H2, and 23H2; and Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, and 2022.

Microsoft is working on a fix, but it seems to be impacting VPN connections backed by TPM certificates.

To uninstall the update, press the Start button and search for ‘Settings’. On the screen that appears, click on ‘Windows Update’ and find and tap on the ‘Update history’ option. Here, you will see a list of installed updates. If you are on Windows 11, find the KB5036893 update and uninstall it. However, those on Windows 10 will have to find and uninstall the KB5036892 update.

Alternatively, Use the command DISM /online /get-packages to find the name of the April update package (specifically the LCU “cumulative” package) and use the DISM/Remove-Package command line option to begin the uninstall process. Detailed instructions are listed at the bottom of Microsoft’s KB5036893 support page.

VDI infrastructure

Virtual Desktop Infrastructure (VDI) adding security to your organization

Virtual desktop infrastructure (VDI) has many benefits (among them):

  • A scalable infrastructure: Virtual desktops have become more appealing due to the cloud. By using adaptable infrastructure to provide resources as needed, the consolidation of the full VDI desktop infrastructure onto a host server lowers overall costs because businesses don’t have to purchase or maintain the necessary hardware.
  • Management structure: The virtual desktop infrastructure allows administrators to patch, maintain, and modify all virtualized desktops simultaneously. As a result, there is no need to repair and maintain the entire network of desktop computers on an individual basis. Moreover, in the event of a major disruption, the data center has all information backed up and supported.
  • Enhanced Security: VDI desktop services allow organizations to preserve and protect their sensitive information because the data isn’t stored on the users’ individual devices but within the data center. If the employee’s laptop, desktop, or other device is compromised, the hacker cannot access the organization’s data. Of course, the effectiveness of the security will depend upon the IT team’s vigilance regarding system management, and the authentication process for the remote users has to be rigid and scrupulously maintained.
  • Improved user experience. Employees are allowed to use the device of their choice in the manner of their choice, making the remote working experience easier and more convenient.
  • Lower cost. The overheads for maintaining legacy hardware will be lowered considerably due to the reduced need to upgrade and maintain in-office hardware.

Our team, in conjunction with our skilled engineers at GCSIT, can help your organization plan, procure, implement and support your VDI solution.

Microsoft NCE (New Commerce Experience) and how it will impact your organization

Microsoft is releasing the details of the Microsoft NCE (New Commerce Experience) on January 10th, 2022.

This is a price increase for Microsoft 365 and a change in the commitment process.

– January 10, 2022: Microsoft will launch the general availability of NCE for Modern Work and Dynamics 365 for indirect partners to offer to CSP re-sellers. Microsoft will also offer two time-bound promotions to incentivize users via their reseller partners, to migrate to NCE.

These promos are:

 5% off annual subscriptions January through March 2022 

Monthly subscriptions will be available at annual pricing from January through June 2022.  

So, this would require you to sign up with your reseller and change from a month-to-month contract to an annual contract. There is an option to stay month-to-month, but there is a 20% premium fee!

– March 1, 2022: There will be a price increase for the following products: 

Enterprise 
Office 365 E1: $10 (from $8)

Office 365 E3: $23 (from $20) 

Office 365 E5: $38 (from $35) 

Microsoft 365 E3: $36 (from $32) 
 

SMB: 
Microsoft 365 Business Basic: $6 (from $5) 

Microsoft 365 Business Premium: $22 (from$20). 

Please note Microsoft is NOT changing pricing for Microsoft 365 E5, Microsoft Business Standard, or the Frontline SKUs.

– March 10, 2022: All new subscriptions for Modern Work and Dynamics will be required to be procured through the NCE Platform.

  

– July 1, 2022:  All renewal subscriptions for Modern Work and Dynamics will be required to be procured through NCE Platform. Pax8 will no longer allow partners to renew customer subscriptions on CSP legacy. 

October 1, 2022: Incentives only available for NCE transactions (through MCI). 

  

– July 2023:  All non-migrated client subscriptions must be moved to the New Commerce Experience.  

  

What Does This Mean for You?

Moving to the New Commerce Experience will help you prepare for future growth thanks to improved revenue predictability, reduced licensing complexity, multiple term options, and features that enable new sales capabilities and operational efficiencies. You can expect: 

Term Options 

– Monthly term options at 20% premium – if you want to stay on month-to-month, there is a 20% premium in cost.

– Annual term options; upfront or monthly payments 

– Tri-annual term options; upfront, annual, or monthly payments  

Cancelation period is now 3 days, including day of purchase. There will be a full refund issued if canceled on day 1, and a pro-rated refund if cancelled on days 2 and 3. 

Windows 365: Windows 365 subscriptions will only be available via the monthly term offer on NCE. Windows 365 subscriptions will not be subject to the 20% premium for monthly terms at this time.  

Nonprofit and Education: Nonprofit and Education licenses will not be offered on NCE at this time. Non- Profit and Education products will not be affected by the price increases in March.  

secure data center

Cyber-security Training can save the day!

So you have secured your business.

Firewall, VPN for work from home, radius authenticated WiFi or perhaps an RDS gateway for remote desktops.  Anti-virus is up to date, patching is top notch, SaaS applications locked up with two-factor authentication.

What about educating your workforce?  Although Phishing is only the 5th most common primary cause of security incidents (per the Verizon 2020 Data Breach Report), following Denial-of-Service (DoS), data loss, Command and Control, or misdelivery of email/data – when it comes to data breaches Phishing is still number one.

Without a solid training plan for your employees, your business is at greater risk to have data compromised.

Top areas to look out for:

  • Social Engineering
  • Stolen Credentials
  • Malware (usually delivered via email)

According to Verizon, Phishing is the first step in about 20% of security incidents and plays a role in another 30% of secondary steps to gain access to your information.

Highlights by Sector

Financial and Insurance:

  • 1,509 incidents, 448 with confirmed data disclosure
  • What did they target, Web Applications, Miscellaneous Errors and Everything Else
    represent 81% of breaches
  • External to company (64%), Internal (35%), Partner (2%), Multiple (1%) (breaches)
  • Financial motive (91%), Espionage (3%), Grudge (3%) (breaches)
  • What did they get- Personal data (77%), Other (35%), Credentials (35%), Bank (32%)
    (breaches)
  • How do they solve the problem -Implement a Security Awareness and Training Program (CSC 17),
    Boundary Defense (CSC 12), Secure Configurations (CSC 5, CSC 11)

Healthcare:

  • 798 incidents, 521 with confirmed data disclosure
  • Miscellaneous Errors, Web Applications and Everything Else
    represent 72% of breaches.
  • External (51%), Internal (48%), Partner (2%), Multiple (1%) (breaches)
  • Financial motive (88%), Fun (4%), Convenience (3%) (breaches)
  • What did they get – Personal data (77%), Medical (67%), Other (18%), Credentials (18%)
    (breaches)
  • How do they solve the problem – Implement a Security Awareness and Training Program (CSC 17),
    Boundary Defense (CSC 12), Data Protection (CSC 13)

But my company is too small for someone to try and get our data!

While differences between small and medium-sized businesses (SMBs) and large organizations remain, the movement toward the cloud and its myriad web-based tools, along with the continued rise of social attacks, has narrowed the dividing line between the two.

As SMBs have adjusted their business models, the criminals have
adapted their actions to keep in step and select the quickest and easiest path to their victims.

Contact us to get more information on our security practice and how you can have your team trained on cyber-security awareness.

 

Can your small business survive during the Covid crisis?

The management stresses that are pressed upon small business owners during this time of crisis are many fold.  How do you keep your business afloat during the crisis that diminishes your ability to react, with your staff either working from home, or limited in their ability to interact with each other and customers.

hypervisor image

Working from Home has expanded dramatically during the Covid crisis.

Companies need to rethink their operating model based on how their staff work best, including operations and IT.  I know this is old news, but the push to digital tech is accelerating and the skill sets necessary to maintain, plan and grow as well as maintain appropriate security are becoming more and more difficult for small companies that don’t have the resources to employee multiple IT staff and keep their skills up to date.

This provides a new opportunity to review the benefits of a managed IT provider – providing a bench of skilled technology staff as well as a standardized approach to hardware, software management and security for both the endpoints and the overall company.

If you are unfamiliar with the managed IT business model, here is a quick overview: Managed IT services is a subscription based model, usually scoped around the number of devices, with pricing driven by consumption, monitoring, backups and security.   This model helps in several ways, but primarily it aligns the cost structure to drive positive proactive maintenance of both infrastructure as well as planning for future growth and expansion to minimize risk.   Risk management is something that every business understands.  The Managed IT provider assumes and manages much of the risk for the company it serves by applying standardized methodologies to your infrastructure and software systems.

Some questions to ask yourself to determine if your company is ready for a managed IT solution:

  • Do you have sufficiently trained staff or time to formally deal with proper maintenance, updates and repairs/replacement?
  • Did your IT team achieve its goals last year, or were they hampered by lack of time, skills or support?
  • Did your organization have too many outages or downtime?
  • Did you lose data due to lack of a proper disaster recovery plan, malware or ransomware?
  • Were you able to quickly pivot to a remote workforce and have the tools necessary to maintain and support that workforce?

These are all areas that a managed IT solution provider can help your business cope with the stresses and changes happening in the IT requirements due to Covid.

I recommend you reach out to your local providers and get a better understanding on how managed IT can help your business survive and thrive during these trying times.