News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • When the patch is worse than the attack

    Home Forums AskWoody blog When the patch is worse than the attack

    • This topic has 4 replies, 1 voice, and was last updated 2 weeks ago.
    Viewing 2 reply threads
    • Author
      • #2343665
        Susan Bradley

        PATCH WATCH When the patch is worse than the attack By Susan Bradley .NET releases include known bugs I was dismayed to see that Microsoft had release
        [See the full post at: When the patch is worse than the attack]

        Susan Bradley Patch Lady

        1 user thanked author for this post.
      • #2343767
        Wayne Maruna
        AskWoody Plus

        With respect to Susan’s article citing Conexant issues blocking advance from Win10 V1909, I was able to upgrade a client laptop stuck at 1909 for that reason by following the instructions at this weblink. (I used method 1).

        How to completely uninstall the Conexant audio driver from Windows 10 (and unlock the May 2020 Update) – Guides and Tutorials – Linus Tech Tips

        Interestingly, the process replaced the Conexant driver allowing the upgrade to go forward, but once 20H2 was installed, Device Manager once again listed the Conexant driver for sound.  It will be interesting to see what happens when 21H1 rolls around.


      • #2343838

        I’m sorry, but I just don’t see it.  On a Windows 7 Pro laptop without any extended patching service purchased, but patched with whatever is allowed otherwise, using the latest version of Firefox and the ublock origin ad blocker, MSE – which seems to still be getting updates, and Malwarebytes Anti-Malware Premium, and being operated by someone actually using the security software between their ears, what is the TRUE effective threat that awaits?

        Most threats will come via browsing the web or through email.  Thunderbird is incredibly safe with default settings because images don’t show and embedded content can’t run.

        In no normal situation will the device itself be connected directly to the internet and operated with a public routable IP.  It’s behind a router/firewall on a private network.  And even when out on a public network behind a firewall, Window’s built in firewall blocks traffic effectively.

        Where is the sky falling?  I’ve not see a report of even one Windows 7 device being compromised since the forced exodus of Jan 2020.  At least not in any way that a Win 10 device would have otherwise survived.  Of course, on the plus side, the Win 7 devices likely worked a whole heck of a lot better than the Win 10 devices.

        • #2343906
          Susan Bradley

          Per reports unpatched machines were accessed and ALMOST were used to taint the water supply .PIN_20210209-001_Cyber_Actors_Compromise_US_Water_Treatment_Facility

          You may not be personally impacted, but that doesn’t mean that there aren’t systems that are being attacked.

          Susan Bradley Patch Lady

          1 user thanked author for this post.
          • #2343926

            As someone who has actually written control system software for critical operations, the choice of Windows to control that system, and the fact it wasn’t air-gapped should be the first topic of discussion.

            In the document you present, it appears Teamviewer was what was actually compromised, and not the operating system.  A Win 10 computer running that same version of Teamviewer would likely have been equally susceptible.

            I’m not disputing the recent RDP vulnerabilities that should be patched.  But most Win 7 computers are using an RDP client to attach to something else; usually a terminal server/RDP server, which should be more carefully maintained and patched.  They are not acting as an RDP server.  And no RDP port should be open on the firewall in the first place.  The only access through the firewall from the outside network should be via VPN, but that is really more of a discussion about endpoint control.

            In my original post, I was just pointing out that in everyday usage, behind a firewall, and with updated applications, the arcane Win 7 vulnerabilities are really a moot point.  There is another poster on this forum that applied a strict set of Win 7 patches and then disabled the update function altogether.   He’s reported better safety and stability than many others who are jumping through the hoops.

            I’m not saying this is a perfect solution, but I am disputing the often repeated claim that it isn’t safe to use Win 7 anymore if surfing the web.

    Viewing 2 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: When the patch is worse than the attack

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.