Shop OBEX P1 Docs P2 Docs Learn Events
Microsoft users look out — Parallax Forums

Microsoft users look out

MikeDYurMikeDYur Posts: 2,176
edited 2017-05-14 13:12 in General Discussion
Download your updates now.

Comments

  • ercoerco Posts: 20,244
    Yes, a largish May update, then the Creator Update is coming!
  • Phil Pilgrim (PhiPi)Phil Pilgrim (PhiPi) Posts: 23,514
    edited 2017-05-13 23:03
    Up here in the Pacific NW, the Creator Update (a.k.a. "The Big One") is anticipated as an 8+ on the Richter scale. :)

    -Phil
  • Dave HeinDave Hein Posts: 6,347
    edited 2017-05-14 01:55
    I tried to use my Windows computer a few days ago, and it was in the middle of doing an update and there was no way to break out of it. I just had to go do something else for a while until the update finished. Fortunately, I didn't need to use my computer immediately, but constant updates do get tiring. Every day I'm getting a bit closer to switching all my computers over to Linux. Of course, my one Linux computer says that I need to update also. At least Linux gives me more control over when I update.
  • I installed the Creator Update on myi WIN10 notebook manually a couple of weeks ago with no major problems.

    MS decided to issue an update for XP to fix the ransomware - you can download it from the MS Catalog url

    http://www.catalog.update.microsoft.com/search.aspx?q=4012598

    See: https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack
  • MikeDYurMikeDYur Posts: 2,176
    edited 2017-05-14 13:35
    It didn't take long for an entry to be made here:

    https://en.m.wikipedia.org/wiki/WannaCry_cyber_attack

    Wake-up call!


    EDIT: We always assumed that Windows would stay ahead of the security game. Is or will that ever be possible?
  • MikeDYurMikeDYur Posts: 2,176
    edited 2017-05-14 14:30
    Cyberattack hit more than 100,000 groups in at least 150 countries, Europol says

    http://www.cbsnews.com/news/cyberattack-hit-more-than-100000-groups-in-at-least-150-countries-europol-says/


    One person saved more systems from being effected.
    Researcher, 22, unintentionally discovered "kill switch" that halted worldwide cyberattack, officials say

    http://www.cbsnews.com/news/researcher-22-unintentionally-discovered-kill-switch-that-halted-worldwide-cyberattack/
  • ercoerco Posts: 20,244
    Finally, a Millennial who earned his paycheck! Unintentionally, mind you... And not American...

    Is that enough curmudgeon for Mother's day? :)
  • MikeDYurMikeDYur Posts: 2,176
    edited 2017-05-14 23:20
    Wait till Monday morning, this thing may not be over yet.

    http://nbcnews.to/2qGSJLh

    Even more interesting:

    http://nbcnews.to/2qGSJLh
  • TorTor Posts: 2,010
    So, NSA knew about the exploit, but didn't tell anyone about it. One must wonder what 'S' means, it clearly isn't 'Security'.
  • The new Windows 10S edition is a way for Microsoft to extort money from customers buying a new PC. Microsoft will be financially encouraging manufacturers to bundle Win 10S with new PCs

    The 10S edition can ONLY install software from the Microsoft on-line store, and you can't run any browser other than Microsoft Edge, and you can only use Bing as your search engine.

    However, Microsoft does offer Windows 10S owners the privilege of upgrading to a real version of Windows by paying Microsoft $25, and then they will be allowed to install and run software packages that they may already own, or need to obtain from places other than the Microsoft Store.

    I think if you buy your copy of Windows 10S by means of buying a new Microsoft 'Surface PC' or whatever it's called (about $2k), then you get the upgrade offer without having to pay the extra $25.
  • MikeDYurMikeDYur Posts: 2,176
    edited 2017-05-15 15:02
    As people get back to work on Monday morning, the nine o'clock hour may be a rude awakening. The experts recommend not to give in to the ransom demands:


    https://www.nomoreransom.org/ransomware-qa.html&ved=0ahUKEwi0mI6W9fHTAhULhlQKHbGgDJ8QFgglMAI&usg=AFQjCNHQHa1BZYDyyGVHPvGHFGFBmtN2RQ&sig2=Y_iRXd0JuHNKbUMbwpoPCw


    EDIT:

    They say this thing started out in the UK health system, and spread world-wide from there. A brilliant engineer from the UK found the built-in kill switch in the malware. But worries that the malware has been reintroduced without that back door.

    Certainly there is a money trail, with world-wide funds coming in, someone would have to stick out like a rotten tomato. Also I don't see Norton or McAfee or any other company involved in PC security, having very much to say about this.


    EDIT2: Cyberattack Spreads in Asia, Though No ‘Second Wave’ Is Seen,

    https://nyti.ms/2rgHk0O

    http://nbcnews.to/2qGSJLh

  • And now the finger pointing.

    Microsoft slams governments for "stockpiling" software vulnerabilities

    http://www.cbsnews.com/news/microsoft-slams-governments-for-stockpiling-vulnerabilities/
  • Cluso99Cluso99 Posts: 18,066
    Instead of finding and fixing bugs and vulnerabilities, MS churned out regular newly written released with new bugs and vulnerabilities.

    IMHO MS only has itself to blame.

    Add to that, all the data/info being phoned home that common users are powerless to block, and you have a company far worse than the NSA, FBI, etc, etc, with no one to answer to. Even the EU doesn't seem to be able to control them.
  • They may loose customers on this one:

    Microsoft knew about software vulnerability prior to cyberattack

    http://www.cbsnews.com/videos/microsoft-knew-about-software-vulnerability-prior-to-cyberattack/
  • MikeDYur wrote: »
    They may loose customers on this one:

    Microsoft knew about software vulnerability prior to cyberattack

    http://www.cbsnews.com/videos/microsoft-knew-about-software-vulnerability-prior-to-cyberattack/

    To who? The reality is that, for many (most?) organizations, moving to a different OS is likely to be very costly. And no other OS can be guaranteed free of similar vulnerabilities. Most people will take the pragmatic view of "better the devil you know than the devil you don't".
  • Ron CzapalaRon Czapala Posts: 2,418
    edited 2017-05-16 17:32
    MikeDYur wrote: »
    They may loose customers on this one:

    Microsoft knew about software vulnerability prior to cyberattack

    http://www.cbsnews.com/videos/microsoft-knew-about-software-vulnerability-prior-to-cyberattack/

    The security patch was released two months ago!

    http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984
    What’s sad is that this was all largely preventable, had more Windows users simply installed the security patch Microsoft released for it two months ago.
    (Unless you’re one of the 8.45 percent of users still running Windows XP, which hasn’t been supported for three years.)


    Plus, a lot of the affected computers are running bootleg copies of Windows that won't get updates automatically - especially in Russia...
  • MikeDYur wrote: »
    They may loose customers on this one:

    Microsoft knew about software vulnerability prior to cyberattack

    http://www.cbsnews.com/videos/microsoft-knew-about-software-vulnerability-prior-to-cyberattack/

    The security patch was released two months ago!

    http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984
    What’s sad is that this was all largely preventable, had more Windows users simply installed the security patch Microsoft released for it two months ago.
    (Unless you’re one of the 8.45 percent of users still running Windows XP, which hasn’t been supported for three years.)

    I guess I'm one of the 8.45% using XP to support my Yamaha DSP Factory cards.


  • Ron CzapalaRon Czapala Posts: 2,418
    edited 2017-05-16 17:36
    Publison wrote: »
    MikeDYur wrote: »
    They may loose customers on this one:

    Microsoft knew about software vulnerability prior to cyberattack

    http://www.cbsnews.com/videos/microsoft-knew-about-software-vulnerability-prior-to-cyberattack/

    The security patch was released two months ago!

    http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984
    What’s sad is that this was all largely preventable, had more Windows users simply installed the security patch Microsoft released for it two months ago.
    (Unless you’re one of the 8.45 percent of users still running Windows XP, which hasn’t been supported for three years.)

    I guess I'm one of the 8.45% using XP to support my Yamaha DSP Factory cards.



    I still run XP on two computers (a desktop and a notebook), but I don't use a browser or receive emails on them because I know it is risky.
    I did download and install the XP update to correct the issue.
  • I am also in that 8.45 precent, though the computer hasn't been on the Internet or been updated since SP2 was released. Got to be able to play DOS games once in awhile, if only to curve a craving for nostalgia.
  • Cluso99Cluso99 Posts: 18,066
    I have 3 older laptops with XP installed. One runs some Navigation software with maps of Australia. Too costly to update ATM, and its locked to my hardware. Second one runs an old licensed version of Protel that will not run on 7, 8 or 10.
  • I've wondered what has happened in other countries (where traditionally use pirated OS) since online activation is required since Win7. A lot of them sticking with XP? Win7/8/10 were actually successfully cracked? (or operate in a hobbled mode?) Microsoft provides lower cost software in those countries, ala pharmaceuticals? Or is it all just a sterotype?

    The implication is if I'm designing a product that might ever have a market in China or Russia, I would want to develop on an old computer in VS6 or something.
  • What I do not understand is how a cryptolocker can shut things down for that long. All kinds of stuff can trash your data. If any office I manage was to be hit with any data loss situation, it wouldn't matter if it's malware or a tsunami. 2 hour disaster recovery, it doesn't matter what went wrong. That means from the time everything was lost, server images are launched into VMs and backups are recovered. You'll be up in 2 hours, lose maybe 6 hours of work at the most.
  • xanadu wrote: »
    What I do not understand is how a cryptolocker can shut things down for that long. All kinds of stuff can trash your data. If any office I manage was to be hit with any data loss situation, it wouldn't matter if it's malware or a tsunami. 2 hour disaster recovery, it doesn't matter what went wrong. That means from the time everything was lost, server images are launched into VMs and backups are recovered. You'll be up in 2 hours, lose maybe 6 hours of work at the most.

    Many individuals and companies don't have backup/restore plans. And if they are networked - they could be re-infected

    From Norton (Symantec) web site

    https://community.norton.com/en/blogs/product-update-announcements/what-you-need-know-about-wannacry-ransomware
    A virulent new strain of ransomware known as WannaCry (Ransom.Wannacry) has hit hundreds of thousands of computers worldwide since its emergence on Friday, May 12. WannaCry is far more dangerous than other common ransomware types because of its ability to spread itself across an organization’s network by exploiting a critical vulnerability in Windows computers, which was patched by Microsoft in March 2017 (MS17-010). The exploit, known as “Eternal Blue” was released online in April in the latest of a series of leaks by a group known as the Shadow Brokers, who claimed that it had stolen the data from the Equation cyber espionage group.



  • TorTor Posts: 2,010
    The_Master wrote: »
    I've wondered what has happened in other countries (where traditionally use pirated OS)
    Isn't that a somewhat broad statement? Or did you really mean USA vs. "other countries"? Because as far as I'm aware people buy licensed Windows systems the same way just about everywhere - usually as a pre-installed Windows machine. The pirated OS syndrome is usually mentioned when talking about a particular, quite large country - and from what I saw when I actually visited there, things were not all all like we had imagined. A million times more modern, to start with.

  • This is a reprint from a C/Net article, which I couldn't get an address to. Maybe it's because I don't have the app. But it may have some useful info people hadn't seen yet.

    5 ways to stop the next WannaCry hack -- including 2 you'll hate

    http://www.cbsnews.com/news/prevent-next-wannacry-cyberattack/
  • Funny that people are blaming MS again.

    MS made a update available in March. If the users had installed all actual updates nothing would have happened.

    So NSA found some vulnerability and used it for some years(!!!). Hackers hacked the NSA and published the information to build this malware, MS provided a update to prevent the attack (by fixing the now known vulnerability), the users of Windows did not apply the update.

    And now they blame MS for it. Not the NSA, not the hacker, not themselves, but MS.

    Just wow.

    Mike
  • MS didn't make the update available for XP until after the attack had hosed the NHS. Apparently it never occurred to anyone in Redmond that some systems can't just be upgraded because they said so, what with legal and ironically security requirements. Their need to blackmail us into upgrading trumped actual security.

    I left work early today because my computer embarked on a "Windows 10 features upgrade" which was looking like it would take at least an hour to complete. Wonder if the thing will even work tomorrow.
  • kwinnkwinn Posts: 8,697
    Had a similar "feature upgrade" yesterday interrupt my working schedule, and that was followed by a Dell "upgrade" that made my mouse pad unusable. Pointer flying all over the screen at the slightest touch, menus appearing at random, and Cortana popping up to add to the irritation.

    Between the two a whole slew of settings were changed. After a long struggle I finally managed to remove the Dell upgrade and got my mouse pad back under control so I could put my settings back as I like them for the umpteenth time. A curse on both of them.
  • My work computer was fine this morning, although it came up with a great big blob of Smile masking most of my desktop and had replaced my ClassicShell start button with the Windows 10 link-to-modern-UI one. Mine did the Dell upgrade (probably BIOS) before the Windows one started yesterday. No problems, but then I use a wireless USB mouse with no special driver. When I closed the blob o' modern Smile there was a welcome little dialog beneath it informing me that ClassicShell had to reconfigure itself to work with the new Windows version. I clicked OK, got a msgbox that said "configuration successful!" and my start menu was back. No obvious differences in operation, but then I don't have the slightest interest in any new Microsoft "features."
Sign In or Register to comment.