• When the patch is worse than the attack

    Home » Forums » Newsletter and Homepage topics » When the patch is worse than the attack

    Tags:

    Author
    Topic
    Susan Bradley
    Manager
    February 15, 2021 at 1:00 am #2343665

    PATCH WATCH When the patch is worse than the attack By Susan Bradley .NET releases include known bugs I was dismayed to see that Microsoft had release
    [See the full post at: When the patch is worse than the attack]

    Susan Bradley Patch Lady/Prudent patcher

    1 user thanked author for this post.
    abbodi86
    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • Wayne Maruna
      AskWoody Plus
      February 15, 2021 at 10:03 am #2343767

      With respect to Susan’s article citing Conexant issues blocking advance from Win10 V1909, I was able to upgrade a client laptop stuck at 1909 for that reason by following the instructions at this weblink. (I used method 1).

      How to completely uninstall the Conexant audio driver from Windows 10 (and unlock the May 2020 Update) – Guides and Tutorials – Linus Tech Tips

      Interestingly, the process replaced the Conexant driver allowing the upgrade to go forward, but once 20H2 was installed, Device Manager once again listed the Conexant driver for sound.ย  It will be interesting to see what happens when 21H1 rolls around.

       

      Reply | Quote
    • anonymous
      Guest
      February 15, 2021 at 2:40 pm #2343838

      I’m sorry, but I just don’t see it.ย  On a Windows 7 Pro laptop without any extended patching service purchased, but patched with whatever is allowed otherwise, using the latest version of Firefox and the ublock origin ad blocker, MSE – which seems to still be getting updates, and Malwarebytes Anti-Malware Premium, and being operated by someone actually using the security software between their ears, what is the TRUE effective threat that awaits?

      Most threats will come via browsing the web or through email.ย  Thunderbird is incredibly safe with default settings because images don’t show and embedded content can’t run.

      In no normal situation will the device itself be connected directly to the internet and operated with a public routable IP.ย  It’s behind a router/firewall on a private network.ย  And even when out on a public network behind a firewall, Window’s built in firewall blocks traffic effectively.

      Where is the sky falling?ย  I’ve not see a report of even one Windows 7 device being compromised since the forced exodus of Jan 2020.ย  At least not in any way that a Win 10 device would have otherwise survived.ย  Of course, on the plus side, the Win 7 devices likely worked a whole heck of a lot better than the Win 10 devices.

      Reply | Quote
      • Susan Bradley
        Manager
        February 15, 2021 at 2:42 pm #2343906

        Per reports unpatched machines were accessed and ALMOST were used to taint the water supply .PIN_20210209-001_Cyber_Actors_Compromise_US_Water_Treatment_Facility

        You may not be personally impacted, but that doesn’t mean that there aren’t systems that are being attacked.

        Susan Bradley Patch Lady/Prudent patcher

        1 user thanked author for this post.
        RTEsysadmin
        Reply | Quote
        • anonymous
          Guest
          February 15, 2021 at 3:54 pm #2343926

          As someone who has actually written control system software for critical operations, the choice of Windows to control that system, and the fact it wasn’t air-gapped should be the first topic of discussion.

          In the document you present, it appears Teamviewer was what was actually compromised, and not the operating system.ย  A Win 10 computer running that same version of Teamviewer would likely have been equally susceptible.

          I’m not disputing the recent RDP vulnerabilities that should be patched.ย  But most Win 7 computers are using an RDP client to attach to something else; usually a terminal server/RDP server, which should be more carefully maintained and patched.ย  They are not acting as an RDP server.ย  And no RDP port should be open on the firewall in the first place.ย  The only access through the firewall from the outside network should be via VPN, but that is really more of a discussion about endpoint control.

          In my original post, I was just pointing out that in everyday usage, behind a firewall, and with updated applications, the arcane Win 7 vulnerabilities are really a moot point.ย  There is another poster on this forum that applied a strict set of Win 7 patches and then disabled the update function altogether. ย  He’s reported better safety and stability than many others who are jumping through the hoops.

          I’m not saying this is a perfect solution, but I am disputing the often repeated claim that it isn’t safe to use Win 7 anymore if surfing the web.

          Reply | Quote
    Viewing 1 reply thread
    Reply To: When the patch is worse than the attack

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.