I guess that's one way to get people off of Windows XP...
Microsoft has fixed a snafu with Windows Defender that took down thousands of business PCs and servers running Windows XP and Server 2003. The software giant responded to sysadmins complaining on TechNet that large numbers of their machines were borked after they’d installed Microsoft’s latest set of antivirus definitions. …
I guess that's one way to get people off of Windows XP...
Funny you should say that, after XP's expiry date, my XP machine decided to inform me it was no longer protected as MSE now doesn't work. Which is ever so slightly annoying as it was my understanding that only security updates through windows update weren't going to be updated, not the AV signatures for MSE.
Really didn't want to install some bloated AV solution when MSE has worked just fine..
This seems to be a lie from MS. I installed a new XP VM today, and MS Update both offered MSE and downloaded today's update for it. It's sitting there happily, having done an initial scan.
And if you ignored the warning, it did download the broken update and borked your system even after they said it didn't work anymore.
I received several "phone a friend" help calls from friends and relatives with xp computers that stopped working.
I had a similar conversation with my frothing-at-the-mouth FD this morning, after 10% of our PC base had died since yesterday, and users were sitting down twiddling their thumbs.
First I reminded him that the documented 2014 budget proposal that I submitted last year had covered replacing all XP machines by April, but that the expenditure was overruled because I was told that nothing bad would suddenly happen that could kill all of our XP machines at once.
Then I again reminded him that my justification when questioned before the board, over removing all XP machines was that once the official support date has passed, it would only take a single untested software update to kill all our identical machines (at which I used identical twins as an analogy, and how genetically an affliction that kills one twin, usually kills another twin unless the other twin seeks treatment straight away (I also discussed virus outbreaks at the same time)), I also pointed out that once the official support date had passed, it would be unlikely that software manufacturers would test new releases of software against XP, and that I joked that the cynical would suggest that MS would deliberatly build in obsolesence to XP so that it died shortly after support expired.
Luckily for me all said meetings are minuted and right now the board are pointing fingers at each other, rather than me.
Personally I believe that what happenned yesterday was a result of MS not testing against XP, or inadvertantly releasing a non-XP update for XP, because it's not MS policy to test anything against XP.
Considering that today has been a total arse for me and my department, I feel strangely liberated, smug and awesome!!!!
And how are you off for cattleprod batteries and sacks of quicklime?
No, but for the first time ever, I've been given permission by a unanimous board today to buy what I need to fix the problem, and as a result I've now spent all of our Ebuyer.com credit limit, in one purchase!!!!
I might have squoze the odd network switch replacement, SSD, and RAM upgrade into next tuesdays delivery too :)
All my crap is HP branded. Oh look, they deal with the warranty themselves!!!!
Actually i purchase a lot for ebuyer and in honesty ive had great service. Delivery date and carriage issues were fully refunded on every occasion.
Faulty items taken back and refunded.
Items that were ex demo (supplied incomplete), were taken back and refunded once pointed out if its incomplete and they needed to state what was missing at time of sale.
The only gripe is putting business orders on the business version of the site, to a business address and they stick it on a home delivery service.. something they keep on doing.
But all in all they are not that bad, ive dealt with much much worse believe me.
Actually i purchase a lot for ebuyer and in honesty ive not had great service. Delivery date and carriage issues were never fully refunded on any occasion.
Faulty items not taken back and refunded.
Items that were ex demo (supplied incomplete), were not taken back and refunded once pointed out if its incomplete and they needed to state what was missing at time of sale.
Another gripe is putting business orders on the business version of the site, to a business address and they stick it on a home delivery service.. something they keep on doing.
But all in all they are that bad, ive dealt with much much better believe me.
"Funny you should say that, after XP's expiry date, my XP machine decided to inform me it was no longer protected as MSE now doesn't work."
The culprit here is KB2949787. That's an update for Windows XP which introduced the ability for Security Essentials to respond to the lack of operating system updates. If you remove this particular update then the software will stop spouting those annoying (and unneeded) messages.
Much harder is to sensibly configure XP to handle the lack of updates.
Turning off Windows Update, means that MS Security Center constantly posts a red notification in the taskbar that Windows is insecure due to updates being turned off.
Short of stopping the MSC service I've set MSC to notify user but not to download any updates, as this mode seems to keep it happy and prevent the accidental installation of any future 'updates' such as KB2949787.
Another service that is having problems with the end of support for XP is Secunia PSI; it doesn't really give an option to ignore this security warning.
I assume that you've also implemented test system(s) that get updated before the end user base, just so that they don't hit by a similar MS mistake (remember the fun and games of Win7 and the postSP1 hot fix that needed to be installed prior to installing SP1...).
Whilst you may be feeling put out about what you and your department had to do, be thankful that the FD (and others) may appreciate you a little more.
And Windows 8 users too, if you don't upgrade to 8.1 and then upgrade to 8.1 Update , which still says it's "Windows 8".
Agreed & up-voted,
But it will still somehow be your fault.
Fiddle-faddle. Go back to your Ubuntu and its OpenSSL.
"Luckily for me all said meetings are minuted and right now the board are pointing fingers at each other, rather than me."
Until they consult someone actually competent in IT who points out that updates and patches should always be tested before being deployed en mass.....
Why not just click "Change the way Security Centre Alerts me..." and deselect "Warn me about Windows Update."
It's nice to no longer have to let WUAUSERV chew up 500MB at boot on some old systems now :)
"Fiddle-faddle. Go back to your Ubuntu and its OpenSSL."
Funny you should bring that up. Given Ubuntu's Debian base, and Debian's conservativeness, I found that the OpenSSL version on an Ubuntu server is 1.0.0 series, not the vulnerable 1.0.1 series.
Your OS, hey? Should it go? Hey? Should it go? Hey? Know what I mean, know what I mean? Nudge, nudge, wink, wink!
Saaaaaaaaaaay no more. Eh? Eh?
to a blind bat
I was thinking it would go more like, "ere guv'nor. Thas's a nice PC you've got there. Got some lovely ornate software, pretty pictures of your family, nice banking records. You wouldn't want somefink to 'appen to it, now would you... Word to the wise my son. Word to the wise..."
Edit: Oh dear. Someone's already beaten me to that gag, and it turns out I can't delete this post until the editing window is over. Hmmm.
It's alright. It was worth the repeat so I'll upvote both of them.
That's a nice computer you have there, shame if anything happened to it...
like THIS for instance...
Are you sure we can't interest you in an upgrade?
Nice to see that the Antivirus software MS is peddling is finally reaching maturity - are there AV products that haven't ever caused Windows to become unbootable?
My favourite AV product for any m$ product is of course Linux.
After all its where my Xp VM lives... wonderfuly reliable now I've turned off its net access
<<,scuttling away before the windows fans stamp on him
...then one won't really care...now will one.
And being that it is mostly crap in the first place...
"In our latest review of antivirus test results last month, MSE was the only one of 24 products tested not to achieve AV-Test certification – it was bottom of the pile for Protection with a score just half that of the next worst product (a quarter of the score of the top product) and it was also poor for Repair ability."
...why on earth would you use them in an Enterprise environment? Because they are FREE? Good move.
Might I recommend not using an article from nearly two years ago as your evidence?
As I understand it, Microsoft has made their AV definitions and fixes available for free to ALL other AV suppliers. So if any AV supplier can't beat the MSE results then it means they've basically done absolutely nothing.
Your every wish is my command.
However, according to performance test results from respected independent software labs, Defender still can't match the best antivirus for Windows 8 products: Bitdefender Antivirus Plus, Kaspersky Anti-Virus and Norton AntiVirus.
I think that av-test.org site might be lying, because it claims Norton is the best not only for protection but also for performance.
Now, perhaps it IS the best for protection, I can't judge. But NO WAY is it the best for performance. Norton kills your computer.
Perhaps that's how they got the 'best for protection' rating, because viruses run at 1/20th speed thanks to the speed of the computer after they put Norton on it.
Doesn't look like toptenreviews.com has very good reviews though: http://www.sitejabber.com/reviews/www.toptenreviews.com
We did a comparison of SCEP against our paid AV this year and the conclusion in abstract mention SCEP and a barge pole.
It was inferior in every aspect IIRC.
"Might I recommend not using an article from nearly two years ago as your evidence?"
And why not? The Windows Fanboi's just LOVE to drag up stuff about a certain Linux change over that started ten years ago...
If you do not do everything in your power to either switch entirely, or, at least get a good mix of Windows / Linux systems, you and you entire company are fools.
Unfortunately, I am in the company of fools where I am...
Any test that rates Norton highly has got to be false.
I'm talking real-world experience here. Norton misses so much compared to MSE, and it's something I reccomend to a number of customers if they want a free AV product (of course I reccomend Linux first :) ), or one that generally works.
I don't think I've yet seen a machine with Norton on it that hasn't been infected in some manner, and the worst infections I've seen in over 20 years in this industry have been machines with legit, paid up and up to date versions of Nortons.
Oh, I have a passionate dislike for all things MS (comes from years of bitter experience with their crap), so MSE has to be doing something right for me to like it in any fashion. It could be stronger but not bad as it is, and it is much better than many of the paid AV (especially Norton).
But MS should support it even if I do refuse to upgrade, after all I'm the Sysadmin for my company and.......
Whats that ? The CEO is on the phone ? OK put him through....
Yes sir, yes sir, thats ri.... I mean to...... FIRED ? ? ? ?
FIRED FOR CRINGING IN FRONT OF A CALL FROM HIGHER UP!
... to keep buying stuff from these idots?
idots??....some new piece of shit from Apple?
"... to keep buying stuff from these idots?"
Because it is cheaper and less painful to pay the Microsoft ransom, and put up with occasional snafus and security disasters than to run an enterprise wide Linux roll out (or OSX or other alternatives) complete with full staff training for users and skills conversion for all your Windows centric techs. And I suspect the real challenge is simply selling it to the board, followed closely by selling it to departments who have used Excel as a substitute for a professionally operated database, and built entire complex applications with Excel or Word macros.
Technically it is of course possible to give up WIndows (just as it is possible to give up on manufactured cars and clothing, and make your own), but the larger your business, the more complex your environments, the more legacy Windows only code you are dependent upon and you either have to keep legacy Windows machines or replace possibly business critical software with brand new, possibly custom written versions. Time and money, basically.
My company makes a decent amount of money developing .NET applications for windows PCs, hence we are an MS organisation and are still buying their "stuff" regularly. I don't consider being in the business of making actual money particularly stupid, but each to their own.
I think the point being that your company could do that just as well without being tied to .NET or Windows.
Multi platform tools have been around for ages.
"I think the point being that your company could do that just as well without being tied to .NET or Windows."
No. The point being that not everyone who makes a decision to target the most commonly used and widely supported software suite in the world is stupid as the OP was saying.
"I think the point being that your company could do that just as well without being tied to .NET or Windows. Multi platform tools have been around for ages."
There's the small matter of not knowing what the AC .NET developer develops software to do. For all you know they could be selling the number one tool for Windows systems management, or migration, or something else fundamentally tied to the OS; and yet you're declaring him he could do just as well by... what? Abandoning their market, their knowledge store and codebase on a whim for no better reason than platform bias? Yes multi-platform tools have been around for ages, but the market for, and logic of developing cross-platform applications depends on their purpose.
Migrate now or you will be out of business pretty soon. The. Net stuff is for idiots, even MS Cannot manage to depend on one runtime version, SQL Server 2008 needed two versions of the runtimes, FFS!
Biting the hand that feeds IT © 1998–2017