Share Your Security Problems with MS Software

By rkuhn ·
Share your actual security issues you've encountered using MS software, i.e. IE, Win X, etc. Please provide as many details as possible.

What caused it? What website did you visit? What software, version, environment, etc.?

Did you not do something that you should have, i.e. patch, run AV, run malware scanners, NAT, firewall, etc.?

And rather than this be just another discussion about how bad MS sucks, let's share stories that others can learn from.

Share your security problems and nightmares using Windows software. I'm more interested in corporate environments.

In a corp environment

by w2ktechman In reply to Share Your Security Probl ...

patches -- not just MS patches, but mass deployment of patches in general often cause unexpected results.
By unexpected results I mean, things will just happen to fail, without explanation, usually following a patch upgrade (forced). It can be anything from not booting to suddenly an app fails, to 10 minute logins, to shutdown issues, very slow network, etc, etc....
But this also happens with other SW vendors as well. I have a few gripes with Sygate firewall (suddenly blocking all network traffic), Symantec AV (suddenly causing BSOD or endless loop to install updates), and many more.
So what exactly are you looking for???

I'm Not Really Sure

by rkuhn In reply to In a corp environment

I just want to hear from others.

I hear nightmare scenarios on TR all the time about this software or that software (mostly MS), however, I have been doing this for 7 years now and don't experience nearly the same number or severity of problems that I seem to hear about all the time.

Just curious really.

Curiosity kills machines

by w2ktechman In reply to I'm Not Really Sure

lol -- but no problem, it is good to hear about others' problems and gain feedback.

Problems can arise from a number of places. Most programs have hundreds of thousands to trillions of lines of code in them. This leaves any application vulnerable to problems far exceeding just how many lines are in the code.

I must admit, although I have seen and experienced a heck of a lot of problems, I have heard about many more that I was never introduced to.

Some problems are machine specific, version specific, OS or service pack specific, or even processor specific, so the vast majority of problems will not arise on each and every system after a patch, there are many variables.

I remember one of my worst incidents, after an XP rollout on HP Omnibook 6000 notebooks, the systems would BSOD several times a day to 1 time a week. It took almost a week for me to find out that the OB 6000 BIOS only supported SpeedStep v.1 while XP installs by default SpeedStep v.2.

Once the proper change was made, no more BSOD.


by CG IT In reply to In a corp environment

The vendor stuff will always be a problem because no one but who makes the program tests the stuff. I just installed an update for a dentist program in a dentist office and bam! every workstation couldn't open the program. I ended up having to reinstall the older version from scratch on every machine.

Security? I've not had much of a problem with security. We use ISA 2004 and as a proxy/firewall, hacking in from the outside isn't a problem. It's knowing if someone is trying.

I like Windows Vista user control feature. Keeps workers from messing up their machines and is a lot less antagonistic to the workers than the greyed out tabs and message that says admin denies. Walking down the hallway dodging paperwads and the chorus of boos isn't fun sometimes.

Oh, the hassles sometimes

by w2ktechman In reply to W2KTechman

can be annoying.
Basically I was just trying to bring out that it isn't just Win updates, but programs and other companies' updates as well can be problematic.

I feel for you with the SW upgrade. I have seen similar issues on a very large scale in the past, and expect more in the future.

I once had a Symantec corp ed. (I think it was ver. 7) which was forced out over the intranet, but it was only tested on new systems (PIII and not PII systems). It worked fine on the majority of the systems in the office, but 200 PII systems BSOD'd -- that was a busy day.

Patch / Upgrade Deployment a never ending story

by BigAbe In reply to In a corp environment

Our biggest hurdle is the patch and upgrade process. I work for a very large international company that has worked hard to build a testing and deployment process to keep in compliance with security patches. I am responsible for testing every single patch on every platform and against each of our applications. We run 1 month behind in patches, which is due to the testing process and implementation timeframes.

Not only do I physically test them, but I coordinate every development group to test them in the dev and QA environments as well.

Our current project is the upgrade of XPSP1 to SP2 on 1,800 PCs in North America.. ugh.

It is important to review each and every patch for any caveats and exactly what it will change in your respective environments. If you do not, you will run into issues with proprietary and third party apps and possible downtime.

And when they go out

by w2ktechman In reply to Patch / Upgrade Deploymen ...

I am sure that there are some people who still have unexplained problems afterwards.

No matter how much testing is done, patches do add problems. I am not saying to do away with patching at all, or that they are implemented wrong.

I was responding to the original post asking to describe problems from patching, and so I responded with a generic, too many things can happen.

I hope that nobody took it the wrong way, I was just pointing out that patching often leaves other problems, often unexplained anomalies. Even with 2 identical systems, all of the same apps, all of the same config, right off the same image, strange things can happen on 1 and not the other.

Most of the problems I've seen at a corporate

by Tony Hopkinson In reply to Share Your Security Probl ...

level have been 0 day stuff or problems down to patch cycles. Things like you get a driver update that breaks some of your machines (seen that twice at home as well) bundled in with other fixes.

User education is another one, I still get emails from our IS department about not sending my bank account details to banks I don't have an account with.

Home wise most of my problems were pre XP and down to my son's inspired lack of technical knowledge and his habit of looking at naked ladies, getting free music, free ring tones etc. Not to mention freely accepting the largesse of anyone who chooses to IM him.

Just setting him up his own unprivileged user account solved most of them. AV and Tea timer along with a software firewall pretty much killed most of the problems. He uses IE and has the largest collection of unwanted toolbars in the known universe though. My AV regularly picks up bad guys in his IE cache that have been unable to self install, so I'm down to house keeping now.

Windows security has improved dramatically over the last few years, though personally I believe through design choices they've erred on the side of connectivity as opposed to security.

While nearly all prevention is effectively signature based, the security model is default allow and the lack of kernel and user space separation is still in operation we are going to have to be constantly vigilant though.

Most corporates lock down their users to avoid them shooting themselves and loads of other people in the foot. Some still don't though. Others still have exceptions.
I have admin rights on my PC and effective permission to go out of bounds of the default
company policy in order to do my job. So they are reliant on my knowledge, that's OK most of the time I do know my arse from my elbow.

Of course then you find out a manager who's regularly confused by the off button has the same access on account of he's a boss.

Ho Hum

It is getting better, and it can get better still, we need alternatives and we need to put the pressure on though. Securing software costs money and cuts into profits, so they won't do it unless they have to.

I agree that Most of the problems

by w2ktechman In reply to Most of the problems I've ...

are due to user fault and/or viri. But at the same time, there are those patches that come through that will break 1 out of 100 systems or so. and others that break 1 out of 3 systems.

Patch management is a critical need, don't get me wrong there. But patches are not tested against every PC config a large company (or small one) has, so machines will break. However, it does keep me employed, so I am not going to complain too much. I still have a problem with reinstalling Sygate corp on 2-5 systems a month due to all network traffic is blocked, or Symantec corp ed. because it decides to stop updating -- not sure how to fix it permanently though...
