Windows 10 Security patching ends today, when the last set of scheduled patches arrives sometime in the afternoon. Really? No. Windows 10 will still receive updates to Microsoft software installed within, mostly Office, but other software, probably Edge, will get updates, for now. And ‘Extended Software Updates’ are available until Patch Tuesday of October 2026. See how to sign up for ESU, and if it’s even worthwhile, in the free October issue of PC Updater News, or see back issues and signup to get the news every month.

The post Windows 10 Ends Today: October 14th, 2025 appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Windows 10 Ends Today: October 14th, 2025.

by Jerry Stern, PC410.com

I’ve been asked many times “Can I be hacked?” The answer is “generally not without your help.” Hackers of low-value targets (any small business) are sending you links to malware and hoping you’ll click into something that installs software that will search and monitor your computer and online activity for email account logins and credit card numbers. That’s pretty-well blocked by good ‘antivirus’ software, unless you click to let it in. Hack attempts for high-value targets, like global companies and government angencies, are custom-tailored hack attempts, and they’re looking for network access to a lot more than an email account or credit card. Both of these situations are hack attempts at the level of a worker’s computer.

That’s not what happened at Equifax. They had unpatched software (“Apache Struts”) on a web server, open and available to the outside world through their set of web sites; Apache Struts was widely-installed, with a patch available on March 7th, but not installed at Equifax. Once the patch was announced by Apache, the hackers knew where the problem was on many servers, and some time later, found that issue at Equifax, and used it to gain access to Equifax servers.

Web sites are scanned by hackers continuously for known security gaps, and that’s what happened to Equifax. They didn’t monitor, patch, or detect the problem, the invasion, or the downloads in a way that any other company in financial services would have. If we were their customers, we would leave, and they would be gone. That’s not the case here. They sell their services to banks and other credit monitoring companies, not us. We are a commodity, not a client.

Put simply, Equifax profits from the breach. They are.offering free credit monitoring to anyone impacted by the breach. That credit monitoring won’t be free forever, although their sign-up page is not currently asking for any card numbers. BoingBoing.net estimates that if 1% of the free users continue their monitoring next year, Equifax will make an extra $200 million per year. Equifax will also receive millions from other credit monitoring companies that pay Equifax for credit reports, and from the Federal government, who pays Equifax as the exclusive provider of identification confirmation services. Here’s their analysis:
http://boingboing.net/2017/10/05/failing-up-and-up.html

What To Do

Andrew Bareham has listed the financial steps above. Remember that the stolen data doesn’t expire. Prevention is key; cleaning up after identity theft takes years. Freezes are less hassle than cleaning up later.

For better protection against hacks that happen on your own systems, there’s a one-page document from KnowBe4.com that summarizes what you need to know about social engineering. That’s the set of tricks used to convince you to click a fraudulent message.
http://cdn2.hubspot.net/hubfs/241394/Knowbe4-May2015-PDF/SocialEngineeringRedFlags.pdf

The post Equifax’s Technology: What Happened? appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Equifax’s Technology: What Happened?.

Here is your bill.

Waiting for your answer

Risus Incorporated
Lev Mckenzie
(896) 756-0588

The attachment is named “Risus Incorporated.bill42zo.06.p24me38i.rtf”.

So what’s wrong with that?

• I have no business relationship with any of those names.
• The company name doesn’t match the email domain.
• 896 is a fake area code.
• That last name is odd–that ‘k’ in ‘Mckenzie’ should be capitalized. Who misspells their own name?
• The web site matching the email address that appears to have sent the email is the “Arab Real Estate Company”, with what appears to be a legit web site in Arabic.
• The “invoice” is a RTF file, also known as a “Rich Text File”; that’s what we programmers used to use to create help files, so it is very capable of holding scripts and program code, but it’s a horrible choice for sending an actual invoice.

So it’s an obvious fake: a phish, an attempt to get me to open something I shouldn’t. OK, with caution, I looked inside. (Don’t do what I do. I’m a professional, and I don’t just double-click to see if anything explodes.) Inside there are multiple pages of this:

valvular wishbone sallymen poop gyn underdepth fearfulness feistiest vapulate gigsmen hemagglutinate bridoon diactinism shiplet subintegumental marliest vagabonding proamateur atamasco supracargo teleplay spherify rhytidome unheart verifiably neobotany horizontalism presbyterianism fatigues reconsign ower incontrollable gangliglions externa allopathically creep witches cicatrices scrappiest hardfistedness harakiri subcortically privily sappily intendence nearshore hypereutectoid chylidrosis metosteal sarcasm's dropsied earthing devour patashte stereoelectric brattie counterprove adventure resprout hyperparasitize humanised unevil pinyin prerighteousness pidgized shellful recompute ultrafiltration masslessness spig expectance voidance multipartisan fin mandrin mezair wastes audiotapes contrariness nonrefractional abnormalise wrihte morphonemics splenetive utilize goniostat chondrocranium

Well, that’s just a paste of words, mostly from a scientific dictionary, in random order, probably chosen because scientific terms are basically international, and would not trigger a “Wrong language” alert in an automated scan.

After a lot of that, I can see function calls to Windows libraries. In other words, yes, it’s a program or a script. Beyond that, I leave it to the malware labs, and yes, I sent a copy to one of the top providers, and they will share it with the other anti-malware companies.

FAIL

And here’s the issue. The computer that this arrived on has in excess of 12 layers of security filtering, between software, settings, and plugins that block evil activity, and is 100% up-to-date, confirmed with three different products. The message wasn’t flagged by Clam Antivirus on the mail server. And on arrival, I saved the attachment, and manually scanned it with three anti-virus and anti-malware products.

There were NO ALERTS AT ALL. Why? Because these anti-malware products are based on a spell checker. They do a mathematical calculation of the contents of a known-evil sample, and come up with a long number that identifies exactly that file, and they save that and send it out to all the computers running that AV product. Takes three days from submission to prevention. But this sample is full of dictionary words. Well, if the malware authors are generating new random pages of word scrambles in each attached RTF file, not one of their “invoices” will ever be detected. EPIC FAIL. Even if they don’t send you a dictionary, there’s a three-day lag time, and until then, the malware is undetectable.

The Fix

• Educate your users.
• Don’t open suspicious attachments.
• Keep your patches up-to-date. Automate it, so that published security holes used by the bad guys aren’t available on your systems.
• Use ONLY non-Administrator accounts on your computers.
• Uninstall software that connects to the internet when it’s no longer needed, to reduce attack surface and reduce needed patches.

So there’s no infection here. I didn’t open the invoice. I don’t owe money to a real estate company in Saudi Arabia. Deleted. And you don’t need software to tell you when an email is just plain impossibly wrong.

The post AntiVirus Software EPIC FAIL by Design appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: AntiVirus Software EPIC FAIL by Design.

The free upgrades to Windows 10 ended this morning, around 6am Eastern, or midnight at the International Date Line. What to do now? Well, hold on tight for the ‘Anniversary Update’, coming next week. And you can tweak Windows 10 to skip showing ads; look for ‘Windows ppotlight’ in Settings, Personalization, Lock Screen, and choose a picture instead. And turn off “Get fun facts, tips, tricks and more on your lock screen.” At best, it’s clutter on a locked computer’s screen, at worst, well we’ll see how that develops.

Backups Still Working?

More important than the inevitable new-software tweaks, however, are to check your backup software. That means start the program, and see if it works; some older versions of backup software are being detected as dangerous in version 10. Update to the current version as-needed.

Now go and look at the actual backups, and restore a few files. Does it still work as it should?

Operating system updates are a big deal. Windows deleted some programs and apps during the upgrade. Some of them, it warned you, well, after the fact, that it had removed them, by a chirp and a notification in the bottom-right of the screen. You can read those again–click the notifications icon, immediately left of the clock.

Missing Stuff?

Most of the deletions that I’ve heard about or seen have been software tools used by repair techs and consultants like myself. Anyone using those won’t have a problem reinstalling the latest version. But XP Mode is gone! That’s not news, XP Mode wasn’t available in Windows 8 or 8.1, either, but it was a separate downloadable add-on for Windows 7, from Microsoft, and there’s no notice that it was removed.

XP Mode was basically Windows XP in a box. It was handy for running an old program that isn’t compatible with Windows 7. If you lost XP Mode, switch to Oracle VirtualBox instead. It’s free, faster, and runs in Windows 10. You have to provide your own operating system to load inside VirtualBox; there are plenty of online guides on how to do that.

The post Windows 10 Upgraded? Check Your Backup Software! appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Windows 10 Upgraded? Check Your Backup Software!.

You can’t plan for a Black Swan. For computer disaster preparation, you plan for hard drive failures, lightning strikes, burglaries. Floods in wet areas, exploding sprinkler heads in cold areas. Tornadoes in Kansas. But there’s no expecting a black swan event; if you knew what it was, it would not be a black swan event. The overall problem is this: You know what you know. You have no clue what you don’t.

Superstorm Sandy? Yes, to some extent. Hurricane planning covered that for all but the areas hit hardest–it was close enough that for all but the worst-hit areas, a hurricane plan covered it.

Snowmageddon I and II ? Well, central Maryland clearly didn’t plan for over 7 feet of snow during serial blizzards. Snow-induced roof collapses aren’t typical around here. No, that’s weren’t typical. We’ve had practice now, might be ready next time.

So how do you plan for a generic group of natural or man-made disasters that you can’t plan for? You have to make a few assumptions:

• Management and staff of the business will survive, mostly, but transportation and communication may not allow you to evaluate that.
• The local business environment for the business will be viable after the event, at some point.
• Suppliers and service providers will be up and running, if remote enough.

With these assumptions, which by the very nature of black swans, may be completely wrong, we could have some starting points:

• Your staff should know to call in as “can’t make it in” even if it’s obvious that “there’s no way anybody could ever make it in. Period.” and they should know in advance who to call at home to check in, and who is the backup person to call at home. Or better yet, the out-of-state contact person collecting and relaying messages.
• If the business location still exists, and still has power and communications, planning in advance for teleworking would have been a good idea, if you had planned for the black swan of all mothers of blizzards to park on top of you. In good times, telework is an employment perk. In bad times, it’s business survival.
• If you had set up telephone forwarding options in advance, that can be turned on remotely, you would be less miserable now. If your plans were flexible enough to work when the cell towers have no power or are overwhelmed with traffic, even better.
• Computer data backups that can be accessed remotely are ideal. Some cloud systems can do that, others can’t. But the black birds on your roof won’t let you go set it up right now. (It’s crows this time, maybe a vulture…) Plan ahead.

Computer data backups that are in your office, if said office still exists, have all the hypothetical power of Schrödinger’s Cat. They may (or may not) be there, or be wet/frozen/fried/zapped, or liquified. They might wait for you. Might currently be migrating across the ocean on a garbage island floating away from the Fukushima Daiichi Nuclear Power Plant, along with a flock of blackened sea gulls. Cloud backups would be a better choice, if they’re really, really ‘cloud’ and set up in advance.

So let’s pause and explain what a ‘cloud’ is. In scientific terms, a cloud is a geographically-redundant and geographically-distributed set of computer servers for some combination of either storage or computation. “A server in Cleveland” is not “the cloud.” A SET of backup servers in at least two locations, with automatic fail-over and duplication, is minimally a cloud. The internet is not the cloud any more than the moon is the solar system. There are many moons in the solar system, but the parts are not individually the sum. So if you hear ‘cloud’, ask ‘how many continents are the servers on?’ You will likely hear a reply of either zero content, like “it’s all up there somewhere”, or “the data is stored in our own data centers based in these three cities, and they’re in different time zones.” If that scale is appropriate for the scale of your operations, great. If not, get a real cloud service provider.

So can you plan for the bird that doesn’t exist? We might hope for some other bird, maybe the Bluebird of Happiness, instead, but dealing with good things doesn’t require dark thoughts and redundant data storage. Black Swans can be planned for, by being ready for all the little disasters we understand, and guessing they’ll stack up someday. The really big black swan? Well, we won’t ever really know about that one until it arrives.

The post So Who are these Black Swans, Anyway? appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: So Who are these Black Swans, Anyway?.

The post Phone Call from Microsoft India. Oops. NOT! appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Phone Call from Microsoft India. Oops. NOT!.

The fake tech support companies currently facing Federal Trade Commission charges are:

Pecon Software Ltd. Et al.

Marczak et al.

PCCare247 Inc. et al.

Finmaestros, LLC et al.

Lakshmi Infosoul Services Pvt. Ltd. Et al.

Zeal IT Solutions Pvt. Ltd. Et al.

If you receive a phone call about malware on your device, don’t be fooled.

The post Phony Phone Calls, Fake Tech Support appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Phony Phone Calls, Fake Tech Support.

“Hello. My name is Mike”
(Sounded more like his name was anything but Mike, actually.)
“I am calling from the Microsoft. We have for last fours weeks now see malware in your computer.”
Me: Hello, Mike!
“Hello?”
Me: Well, that’s OK. My computers get messed up a lot. Kids.
“Well, yes, we now see malwares in your computer, and we can fix…”
Me: Which one?
“What?”
Me: Which computer is it in? I have eleven.
“How many computer you have?”
Me: Eleven. All the kids have at least one, and a school notebook. Tell me the name of the sick one, or the user name, and I’ll let you fix it.
(long silence. quiet hangup, really)

Remember, fraud implies trust. Your trust. When in doubt, ask lots of basic questions. Of course, “Mike” is no more of a Microsoft employee, contractor, or affiliate than any other con artist. The numbers were in his favor that I would have a Windows-based computer. When you get the call, or the new version when this one stops paying off, just ask nice dumb questions, and it will become very clear, very fast, than the caller isn’t what he claims. Then either hang up, or explain to Mike that there are better phone bank jobs in answering tech support calls than in dialing out for fake malware cleanups.

The post Microsoft Says Malware is in my Computer. Which One? appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Microsoft Says Malware is in my Computer. Which One?.

For those who don’t know–it’s a scam. They want fees to send inheritance or winnings, or want you to cash a counterfeit check for them. More information is available at the Internet Crime Complaint Center, here:
http://www.ic3.gov/crimeschemes.aspx
(Scroll down to the section “Nigerian Letter or ‘419’”)

From: Ms. Carman L. Lapointe.
UNITED NATIONS OFFICE OF INTERNATIONAL OVERSIGHT SERVICES
Internal Audit,Monitoring,Consulting And Investigations Division.

My name is Ms. Carman L. Lapointe, from the United Nations. It is a distinct pleasure to write you again and as you are well aware many foreigners have invested thousands of United States Dollars into Nigeria transactions in Hopeless Dreams to have none of them become a reality.

Right now, as directed by our secretary general Mr.Ban Ki-Moon, We have agreed with the Nigeria Government that US$100,000.00 (One Hundred Thousand United States Dollars Only) would be paid to you through the Western Union Money Transfer Via special arrangement as first installment.

This is to enable you have enough funds to pay for the Tax Clearance and bank charges before you will receive the balance of US$4.1M (Four Million One Hundred Thousand United States Dollars Only). Please take note that you will pay US$185 only, being Notarization fee and this is the only financial obligation that you will undertake to receive the US$100,000.00 (One Hundred Thousand United States Dollars Only) through the Western Union Money Transfer.

Lastly,i will like you to reconfirm your information to me such as your full name, address and telephone number so that I will proceed with your Western Union Money Transfer within the next 24 hrs and the transaction information will be released to you.

I await your response for further proceedings.

Sincerely yours,

Ms. Carman L. Lapointe
{Under-Secretary-General}
United Nations

The post Nigerian Letter? No, it’s a Hopeless Dream! appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Nigerian Letter? No, it’s a Hopeless Dream!.

• There are punctuation and grammar errors in the message.
• The link that you’ll see when floating the mouse over that ‘Print Label’ link doesn’t match the ‘from’ domain, and isn’t Fedex.com.
• European date format used by a US-based company.
• The logo is a bad jagged paste, and is missing the circle-R symbol for ‘registered trademark’.
• FedEx has no pickup service at their competitor, the “nearest” US Post Office.

Now, that’s already enough information to make me delete the email, but I’ll look a little deeper:

I downloaded the “label” to look–it was “Shipping_Label_US_Westminster.zip” and it held one file, “Shipping_Label_US_Westminster.exe”.

The antivirus I’m running didn’t object to either file; it probably can’t detect today’s variation yet.

I looked inside that file with an extraction program, and found a .rsrc folder, and files .text, .rdata, .data. Inside the folder there were two .ico files, basically desktop icons.

That’s enough to tell me that it appears to be a script to install software. It’s clearly not a label–that would be a PDF or a JPG image.

IMO, the most-likely payload would be a rogue/fake security program, either scare-ware or blackmail-ware. The message itself isn’t infectious, just don’t click that link.

Jerry Stern is webmaster at PC410.com and Startupware.com.

The post Careful again: FedEx Doesn’t Leave Your Package at the Post Office appeared first on Startupware.com. Visit to read more about software design, malware, and computer security.

Original article: Careful again: FedEx Doesn’t Leave Your Package at the Post Office.