• The trials and tribulations of Windows 7

    Home » Forums » Newsletter and Homepage topics » The trials and tribulations of Windows 7


    PATCH WATCH By Susan Bradley We’re starting the Windows 7 extended-support era … with more than our fair share of confusion. Before I shed some
    [See the full post at: The trials and tribulations of Windows 7]

    4 users thanked author for this post.
    Viewing 0 reply threads
    • #2141995


      Thank you for your risk assessment report about Windows 7 post support-era.

      About CVE-2020-0738, does it mean that you could get infected while browsing a web page on any browser? If so, it puts the risk at a whole different level than just having to avoid using IE.

      Do you have any mitigation to suggest that doesn’t involve patches?

      The way I see it, there is a very different category of risk using a PC where you need to download a malicious file and execute it to be infected vs just browsing the web and your browser displaying a tainted ad that will infect you without any other intervention.

      A lot of people that consider themselves careful with computers might want to still run Windows 7 with a third-party browser for casual browsing and/or gaming and with nothing of much value on the PC they run it on, but I think it is important they have a good idea of the risk they get exposed.

      Distinguishing between the different categories of risk and with the knowledge that it is exploited or not seem important.

      • #2142028

        A reading of the NVD report for this vulnerability suggests that it’s the type of exploit that is typically delivered via a phishing e-mail or some other method that requires a specific action by a victim who has been targeted as a result of who they are or whom they work for. In other words, it’s highly unlikely that a random user will chance on this exploit merely by surfing the Web. Things would be different, though, if you are an employee of a large company, or of government.

        Note that the exploitability score is 2.8 on a scale of 10. While no privileges are needed to take advantage of the flaw, it does require user interaction; see the Base Score Metrics for this value and hover the mouse pointer over “Required”.


        7 users thanked author for this post.
      • #2151324

        I would recommend “casual browsing” on your phone rather than an unpatched Windows 7.  Clicking on something one shouldn’t is too easy these days.

        Susan Bradley Patch Lady

        1 user thanked author for this post.
    Viewing 0 reply threads
    Reply To: The trials and tribulations of Windows 7

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: