back to article Windows 10 or Cisco Advanced Malware Protection: Pick one

Companies relying on Cisco's Advanced Malware Protection (AMP) software will have to hold off on installing the latest edition of Windows 10. The Redmond Zune-flinger says that the 1809 build of Windows 10, aka the Windows 10 October 2018 Update, will not be able to install on machines that run Cisco AMP for Endpoints. As a …

Silver badge
Trollface

Advanced Malware Protection ?

Refusing to let Microsoft install Windows 10 build 1809 ?

I'd say it's working just fine...

18
0
Reply
Silver badge

Re: Advanced Malware Protection ?

But, would you trust camp software?

1
0
Reply

Software which hooks undocumented system calls may be incompatible with future versions of a operating system? Who would have thought.

8
0
Reply

Quite, but how does that translate into being unable to save Office files, the bug caused by this system?

Seems like Microsoft might be hooking their fingers into some undocumented system calls themselves and getting thwarted by a malware protection scheme that's determined said 'features' are exploits waiting to happen so proactively stop anything using them.

3
4
Reply

It's not that Microsoft has not used system calls they left undocumented before for themselves.

Oh. Wait....

6
0
Reply
Silver badge
Coat

Windows 10 or Cisco Advanced Malware Protection: Pick one

How about neither?

4
0
Reply
Bronze badge

I'll take both.

Both, for certain.

1
0
Reply
Anonymous Coward

Why?

Windows 10 already comes with decent malware detection already.

I'm getting a bit tired of having to repair friends computers because some big-box electronics stores are pushing out whatever garbage third-party "security" suite they happen to be partnered with that month.

Case in point, my friends son purchased a new Windows 10 laptop from Best Buy and they gave him a "free" copy of Web Root antivirus.

The problem is the square plastic case that was supposed to contain a tamper-proof, read-only CD of Web Root was empty and just had a URL printed on the inside to download the Web Root installer from the web.

Of course since it is his first computer he must have fat-fingered the address or entered only a partial address into the search bar or something but whatever the case was he was directed to a scam website which was very helpful by doing the install for him remotely over LogMeIn and then of course went about gathering my friends sons debit card information, phone number and email address and also the serial number for Web Root before I walked in and saw what was happening.

The URL he was supposed to have gone to was "webroot[dot]com/safe" but if you do a web search for webroot safe you will there are several bogus webroot sites of scammers taking advantage of the fact that there are no disks in the box including putting the real url in the title of the html on the bogus site.

However, if you do actually enter the CORRECT url you might see a quick 302 redirect because of an http link and of course you are greeted with tracking beacons from Facebook and Yahoo and other surprises before getting a download link.

Some of those bogus sites are linking directly to WebRoots servers for the convincing graphics and WebRoot logos so it makes me wonder why WebRoot's webmaster doesn't see this traffic in the logs.

(And of course Google's analytics running in there as well)

Before installing any dodgy third party "security" suite users should read a few of Tavis Ormandy's thoughts on the matter.

13
0
Reply

Re: Why?

The sceptic in me thinks they know about it and think more malware even in their name helps their business!

0
0
Reply
Silver badge
WTF?

Re: Why?

"Windows 10 already comes with decent malware detection already."

see icon

0
1
Reply
Silver badge
Windows

Let's face facts.

3rd party company using undocumented OS hacks doesn't even bother to be on the Windows Insider programme to test their software on beta builds but somehow this is Microsoft's fault? Hmm...

5
2
Reply
Anonymous Coward

Plus ca change ...

20 years ago, I was running into software that was "broken" because some genius nicked some demonstration code and put it into a production system - ignoring the warnings that came with the code that it was using unsupported features.

The best one was an enterprise-level program written in VB which used an unsupported OCX to implement an NT service. Guess what happened when a service pack was applied ?

Thank god for helpdesk software that records comments - as they looked for blame and noted that a year previous I had submitted a version with a note that it shouldn't be released as it contained unsupported features.

1
0
Reply
Anonymous Coward

OK

Cisco!

1
0
Reply
Silver badge
Devil

practice 'safe surfing' - seems to be compatible with everything

well, MY version of 'safe surfing' avoids using Edge, HTML mail, and Windows (in general) for web surfing, so maybe it's not so 'compatible' after all... (since 'avoid using windows' is a big part of it)

but at least do THESE things if you must use Windows:

a) don't view HTML mail as HTML [and no inline attachment previews, either]

b) don't preview e-mail nor web browse with an account that has 'admin' privs

c) don't use a Microsoft web browser

d) disable javascript as much as possible

e) don't download/install the application/plugin 'to view the content'

f) don't use any Adobe viewers (PDF and flash especially)

'c' and 'd' are probably the biggest vectors for malware, followed by 'e' and 'f', and then 'a' and 'b'. It's not perfect, but it'll work for most of what's out there, especially 0-days.

in any case, no need for anti-virus/anti-malware if you execute some self-discipline and do those things I just mentioned. THAT, and don't surf the web nor read e-mail logged in with 'admin' privs.

(or you can ignore what I said, at your own peril)

2
2
Reply
Silver badge

Hmmm...Tough choice

Users can either uninstall AMP to get the new version of Windows, or they can wait until a fix for the bug is released.

Tough call...NOT! Yet another reason not to install that doorstop of an October release.

They said it was the "October release". Did they say what year?

0
0
Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018