Summary Overview

• October update impacts the Windows 11 Recovery Environment (WinRE).
• USB devices malfunction in WinRE, hindering navigation.
• Problems affect Windows 11 versions 25H2, 24H2, and Windows Server 2025.
• Microsoft is developing a solution for the WinRE problem.
• http.sys driver issues causing troubles with website connections.
• KIR mechanism automatically rectifies http.sys issues for many users.
• Resolved smart card authentication errors in 32-bit apps.
• Various Windows versions impacted by CSP authentication issues.

Windows 11 Recovery Environment Issues

After the October security update, Microsoft has uncovered a serious problem concerning the Windows Recovery Environment (WinRE) in Windows 11. The update, designated KB5066385, has caused a breakdown where USB devices, including keyboards and mice, are non-functional within WinRE, thereby making recovery options unreachable. This complication has been acknowledged to impact Windows 11 versions 25H2, 24H2, and Windows Server 2025. Microsoft has promised users a forthcoming resolution.

Effects on http.sys Kernel Mode Driver

The update has similarly introduced a regression affecting the http.sys kernel mode driver. This has led to failed connections to Internet Information Server (IIS) sites, with users facing ERR_CONNECTION_RESET errors. This problem applies to websites and applications operating on localhost. Microsoft has put into action a Known Issue Rollback (KIR) mechanism to automatically resolve this concern for most home users and unmanaged business devices. For managed environments, administrators can employ Group Policy to implement a KIR.

Challenges with Smart Card Authentication

Another concern stemming from the October update involves smart card authentication. Users have indicated that smart cards are not detected as cryptographic service providers (CSPs) in 32-bit applications, resulting in failures with document signing and challenges for certificate-based authentication. Microsoft has offered a workaround, which includes registry changes to set the DisableCapiOverrideForRSA key to 0, thereby fixing the issue. This concern affects multiple Windows versions, including Win10 22H2 and Server 2012.

Conclusion

The October update for Windows 11 has brought forth several notable issues, affecting the performance of the Windows Recovery Environment, http.sys driver, and smart card authentication in 32-bit applications. Microsoft is proactively working to rectify these issues, with some resolutions already implemented through automatic processes and manual adjustments.

Questions & Answers

Q: What is the primary issue with the Windows 11 Recovery Environment?

A: The primary issue is that USB devices such as keyboards and mice do not function in WinRE, preventing users from navigating recovery options.

Q: Which Windows versions are impacted by the WinRE issue?

A: The affected versions include Windows 11 versions 25H2, 24H2, and Windows Server 2025.

Q: How is Microsoft resolving the http.sys kernel mode driver problem?

A: Microsoft is employing the Known Issue Rollback (KIR) mechanism to automatically fix the problem for most users, while Group Policy can be used for managed systems.

Q: What actions are needed to resolve the smart card authentication issue?

A: Users must edit the Windows Registry by changing the DisableCapiOverrideForRSA key to 0 to fix the problem.

Q: Are there any additional Windows versions affected by the smart card issue?

A: Yes, the problem also influences earlier Windows versions, including Win10 22H2 and Server 2012.

Email System Breach: What Occurred?

On October 17, 2023, Vocus-owned ISP Dodo suffered a major breach that led to unauthorized access to around 1600 email accounts. The breach was made public through a post on Dodo’s official Facebook page on Sunday, shortly after the incident occurred on Friday.

Consequences of the Breach

After the breach, a portion of customers were affected by SIM swapping, which impacted 34 Dodo Mobile accounts. This process involves a fraudster substituting a customer’s working SIM with a Dodo SIM bought at a retail location, effectively rerouting the customer’s mobile number to the new SIM.

Vocus’ Response

In reaction to the breach, Vocus halted email services for both Dodo and iPrimus customers and limited services for Commander customers. The company is actively collaborating with affected customers to undo the fraudulent SIM swaps and has enlisted the help of authorities to further investigate the matter.

Customer Experience

Customers who were affected by the breach were instructed to reach out to Dodo for help, especially to reset their email account passwords. However, many reported significant wait times, frequently extending to an hour, to regain access to their accounts.

Overview

The breach involving Dodo’s email system has underscored the weaknesses in email and SIM security among telecommunications providers. As the company endeavors to lessen the impact and avert future incidents, affected customers are advised to stay alert and secure their accounts without delay.

Q&A Session

Q: What actions should Dodo customers take if they believe their account is compromised?

A: Customers must promptly contact Dodo to reset their passwords and keep an eye on their accounts for any unusual activity.

Q: How can customers safeguard themselves against future breaches?

A: Customers are encouraged to create strong, unique passwords for their accounts and enable two-factor authentication wherever feasible.

Q: What does SIM swapping entail, and why is it a concern?

A: SIM swapping is a fraudulent scheme where a hacker shifts a victim’s mobile number to a different SIM card, allowing access to confidential information. It raises concern due to its potential to cause unauthorized transactions and data breaches.

Q: Are authorities involved in the investigation?

A: Yes, Vocus has informed authorities regarding the fraudulent activities, and investigations are currently in progress.

Q: What steps is Vocus undertaking to avert future incidents?

A: Vocus is closely monitoring the situation and likely has introduced additional security measures, although specific details haven’t been revealed.

Q: How long will Dodo customers experience email service disruptions?

A: The exact length of the service disruption hasn’t been indicated, but Vocus is striving to restore full services as promptly as possible.

Brief Overview

• ACCAN advocates for a centralized public register of telecom outages.
• The proposal is designed to rebuild consumer trust with minimal financial or regulatory strain on telecom providers.
• ATA contends that existing regulations are adequate and additional measures would create unnecessary bureaucracy.
• Real-time notifications are proposed to avoid disjointed communication across various platforms.
• Optus reported 272 incidents in a month, underscoring the necessity for improved consumer access to outage updates.

Overview

The Australian Communications Consumer Action Network (ACCAN) is advocating for a clear, centralized public register of communication service outages. This initiative comes after major disruptions, such as the failures of Optus’s emergency call services, which have undermined consumer trust in telecommunications firms.

Current Situation

Currently, telecommunications providers in Australia are required to comply with the Australian Communications and Media Authority’s (ACMA) standards for reporting outages. These rules mandate carriers to inform the public, stakeholders, and other service suppliers about outages through various channels including websites, social media, emails, SMS, and broadcast platforms.

ACCAN’s Initiative

ACCAN proposes a modification to the Telecommunications (Customer Communications for Outages) Industry Standard 2024 to incorporate a real-time updating public register. This system would unify outage information, offering consumers a singular, dependable source regarding network status and service interruptions.

Response from the Industry

The Australian Telecommunications Alliance (ATA), the leading lobby organization for telecom companies, opposes the proposition, asserting that current regulations are adequate. ATA’s CEO Luke Coleman argues that the existing system already provides timely updates to customers during outages and that ACCAN’s suggested register would simply add unnecessary complexity.

Example: Optus Outages

Recent Senate inquiries revealed that Optus had 272 reportable outages over a month-long period, bringing attention to the disjointed nature of current outage communication. ACCAN asserts that a centralized register would fill these communication gaps, ensuring consumers are better informed.

Conclusion

ACCAN’s initiative for a real-time public outage register aims to boost consumer trust in telecommunication services by providing a centralized information hub. While this proposal seeks to alleviate additional costs and regulatory demands, it is met with resistance from industry stakeholders who claim existing solutions are sufficient.

FAQ

Q: What does ACCAN propose for telecommunication service outages?

A: ACCAN proposes a centralized, real-time updating public register for communication service outages.

Q: Why is ACCAN advocating for a public register?

A: ACCAN believes that a public register will help restore consumer trust and provide a single, reliable source for outage details.

Q: What is the ATA’s view on this proposal?

A: The ATA maintains that the current regulations are sufficient and that ACCAN’s proposal would create unnecessary administration.

Q: How are outages currently communicated to consumers?

A: Outages are reported through a mix of channels, including websites, social media, emails, SMS, and broadcast media.

Q: Can you provide an example of recent outages that illustrate the issue?

A: Optus recorded 272 reportable outages from September 11 to October 8, highlighting the need for better communication.