Monthly Archives: November 2015

AVG

Windows 10 November 2015 Update – What You Need To Know

Microsoft recently rolled out its first big update for Windows 10, or as they call it “November Update/ Version 1511”. While it’s not a massive change, it brings along a couple of new features to the table. This article shows you how to get it, what’s new, and how to solve the top issue that users encountered with this new Windows 10 build.

 

What You Need To Know

 

It’s coming to Xbox, too
If you’ve got an Xbox One, you’ll be getting the entire backend of Windows 10 including all its performance enhancements along with a major UI redesign and backwards compatibility with over 100 Xbox 360 games.


New color schemes
You can now apply the color of your taskbar to all elements (windows, action center etc.) of Windows to make it look not just white, here’s an example:


Edge browser with previews
Microsoft’s much cleaner and leaner “Edge” browser now sports a tab preview if you hover your mouse-over it:

Edge browser with preview

You can also stream any video from within edge to a DLNA or Miracast enabled device, such as an Xbox.


Cortana improvements
Microsoft Cortana, which is similar to Google Now and Apple’s Siri, now tracks movie or event registrations and reminds you two hours before the event starts. It can also track Uber rides to tell you when your driver will be arriving. You can now also use the “Ask Cortana” feature within PDF documents and ask it for specific words and find more about a certain topic.


Find my device
Afraid of your laptop getting stolen? Then you can use the new Windows 10 Update to frequently store the location of your device so you can track it – just in case. You’ll find the new “Find My Device” feature in your settings window under “Update & Devices”.

Windows 10 find my device feature

 

Five Tips To Get You Started

 

Not getting the update? Try this.
If the 1511 November update is not appearing for you, make sure you’ve not upgraded to Windows 10 in the past 31 days, otherwise Microsoft wants to prevent you from losing the ability to revert back to Windows 7 or 8, just in case. But once that month has passed, you’ll be able to upgrade.

Also, you should make sure that you’ve not delayed updates to Windows or that this setting hasn’t been set accidentally: Go to your settings app (click on Start and then on Settings), go to Updates & Security, go to Windows Update and Advanced options. Make sure that Defer upgrades isn’t checked. Go back and click the Check for updates button.

 

Want to clean install? Here’s how.
If you’ve upgraded from 7 to 8 to 10 to this November release and feel your PC has just too much crud left, we recommend trying out AVG PC TuneUp to clean up upgrade leftovers and junk.

In some cases a clean install may be the only solution to get your PC back up to speed. Microsoft originally announced that you could download the DVD files (ISO) from https://www.microsoft.com/en-us/software-download/techbench and create a bootable USB using the Media Creation tool, however, they have since made some changes, as reported here by ZDNet, that you should be aware of.


Got a flickering start menu? Try this.
A lot of people seem to have issues opening up the start menu or getting random flickering. To solve this problem, do this:

  1. Press CTRL+SHIFT+ESC to open task manager. Next, click on File and Run New task.
  2. Check the Create this task with administrative privileges
  3. Type in Powershell and hit OK. Then type the following command (better to copy and paste it):

    $manifest = (Get-AppxPackage Microsoft.WindowsStore).InstallLocation + ‘AppxManifest.xml’; Add-AppxPackage -DisableDevelopmentMode -Register $manifest

  4. Hit Enter, close the window and reboot. This should solve the flickering.


Check the advertising settings
Microsoft now uses the Start menu to show ads for new apps. If you want to turn this off, open up your settings app (Start and then Settings) and go to Personalization. Click on Start and then uncheck the Occasionally show suggestions to Start entry to turn this off.


Sync your Edge settings
Ready to move away from Internet Explorer and over to Edge? The only thing that held me back was the browser synchronization, which is now built-in as of this new update. Open up Edge by clicking on the Edge icon (not to be confused with the purposely similar looking IE icon):

To sync settings and import your IE browser favorites, click on the three dots in the top right and click on Settings. Scroll down and click on Sync to enable it. Go to Favorites and click on Import.

From now on, all your settings will be synced across your laptops, desktops PCs and even Windows Phones if you have one.

Extra tip: In our testing, the new update doesn’t break any AVG products, so you can keep on protecting and tuning your PC.

 

NVD

CVE-2015-6377

Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379.

NVD

CVE-2015-6380

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622.

AVG

AVG Business strengthens team with new General Manager

With more than 20 years of industry experience and an impressive track record building high-performing SMB sales and marketing teams, Fred will be a valuable asset to our AVG Business team as we accelerate our business to effectively support our channel partners and their SMB customers, in 2016 and beyond.

Through Fred’s vision and direction, we will offer more flexibility, more value and more ways for our partners and their clients to succeed. A core part of this will be building strong relationships with our channel partners and providing a full suite of managed services and security solutions, with simplicity in mind, and with the business, marketing and technical training to deliver excellent service for their SMB customers.

In this role, Fred will be drawing on his extensive channel, solutions selling, cloud computing and managed service experience, while working closely with our partners to respond to their challenges and equip them for success.

Before joining AVG, Fred spent eight years at Cisco Systems, where he held roles as Director of Partner Organization & Commercial Business in the Netherlands and Northern Europe. He has also had leadership positions at Copaco, one of the largest ICT distributors in the Netherlands, and Compaq Computers.

We wish Fred a warm welcome as we continue to stay strong behind our vision and strategy of being the Online Security Company offering integrated and easy-to-use security services for our channel partners and their SMB customers, with the reassurance that their applications and data are protected on any devices anytime, anywhere.

We look forward to sharing updates as we head into this exciting next phase together.

Debian

DSA-3403 libcommons-collections3-java – security update

This update backports changes from the commons-collections 3.2.2 release
which disable the deserialisation of the functors classes unless the
system property org.apache.commons.collections.enableUnsafeSerialization
is set to true. This fixes a vulnerability in unsafe applications
deserialising objects from untrusted sources without sanitising the
input data. Classes considered unsafe are: CloneTransformer, ForClosure,
InstantiateFactory, InstantiateTransformer, InvokerTransformer,
PrototypeCloneFactory, PrototypeSerializationFactory and WhileClosure.

Security

Red Hat Security Advisory 2015-2512-01

Red Hat Security Advisory 2015-2512-01 – Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. A feature in Ceph Object Gateway allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.

Security

Red Hat Security Advisory 2015-2066-01

Red Hat Security Advisory 2015-2066-01 – Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. A feature in Ceph Object Gateway allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.