Author Topic: What to do about SP2  (Read 6044 times)

0 Members and 1 Guest are viewing this topic.

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
What to do about SP2
« on: July 05, 2009, 01:09:44 AM »
Quote
Perhaps you could translate this.

Having MBAM is not going to protect a Windows system with only SP2 as SP3 has been available for a year and should be installed but if the Windows system is pirated then the malware purveyors look forward to having you propagate their prolific works to their benefit and profit.

@ YoKenny
http://forum.avast.com/index.php?topic=46551.msg391385#msg391385

I think YoKenny has brought attention to a very important issue here - the problem of what to do when a host computer is running a sub-standard copy of the Windows operating system and is asking for help from the forum to bring that system up to smooth running.

It must now be common knowledge that if your OS has been pirated or has not been validated through Genuine Advantage, then you will not be able to update to SP3, nor will you be able to install the ongoing security updates that are instrumental in keeping Windows users ahead of the bent practices of malware perpetrators. As well as, obviously, keeping your system up to speed with new and better technology that is being released on a daily basis by Microsoft and other software producers. The fact of the matter is you cannot smoothly run a computer with SP2 unless you want to spend the whole of that computer's life off the internet. Once in the mix of the software that makes up the world wide web, a computer with only SP2 as running state will invariably fail - and this will likely happen sooner rather than later.

So the question arises, are forum contributors meant to help out end users whose systems are below standard anyway, and therefore unlikely to be repaired to any measure of good running? I think there is the answer that by helping people anyway, regardless, the chance is provided to put down some examples of better computer practice for each and every person who might be reading the forum, and so there will be some benefit. Same with hoax posts or miscreants who just send in crap to annoy - there is provided the chance for contributors to put down some better practice for all to see and benefit from.
Regardless that running SP2 on the web is a wasted effort.  

Further to the first question we might ask - as YoKenny has put well - are we supporting the bent purposes of malware perpetrators by helping end users to patch up and run substandard OS copies on the web? Are we just enabling further hosts to carry viral disease to even greater extents and to more computers? The answer can only be yes, we will be responsible for the further spread of malware. In effect, we will be the problem. We will be helping the miscreants.


There is much ground that can be covered by attending to this issue. I have barely scratched the surface in this post. So I have started this thread to hopefully bring the issue to the attention of forum contributors. And see what comes of it.

(Edited post).
« Last Edit: July 05, 2009, 02:59:25 AM by mkis »
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Mr.Agent

  • Guest
Re: What to do about SP2
« Reply #1 on: July 05, 2009, 01:12:20 AM »
If he think that Malwarebytes is not good to protect well i can say he saved me of downloaded something wrong on it right now :)

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: What to do about SP2
« Reply #2 on: July 05, 2009, 01:37:33 AM »
That not what he said. He usual advise downland and run of MBAM.

Check his profile.  http://forum.avast.com/index.php?action=profile;u=38002
Edit - I probably should not reply for YoKenny - put words in his mouth - he should be along shortly.
« Last Edit: July 05, 2009, 03:01:49 AM by mkis »
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

micky77

  • Guest
Re: What to do about SP2
« Reply #3 on: July 05, 2009, 01:39:21 AM »
People do not get infected because they have sp2 or sp3,they get infected because they download dodgy files,through greed. Cracks, keygens, dodgy codecs, generally anything p2p, or they go to porn\dodgy sites.
Most of the people, posting virus problems, are very careless people. They want free music/films/programs.Then they come here,saying I have virut, help me. If you think people get infected because they have sp2, you are very naive

 
« Last Edit: July 05, 2009, 01:43:14 AM by micky77 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86808
  • No support PMs thanks
Re: What to do about SP2
« Reply #4 on: July 05, 2009, 01:50:27 AM »
Well having an out of date OS is a contributory factor as Vulnerabilities which have been closed by security updates can be exploited, but it most certainly isn't the only reason they got infected.

Practising safe hex along with a healthy dose of common sense goes a very long way to keeping your system clean, then you have the fall back of your security application(s) and then a good back-up and recovery strategy for when all else fails and the brown stuff hits the fan.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

micky77

  • Guest
Re: What to do about SP2
« Reply #5 on: July 05, 2009, 01:59:25 AM »
Well having an out of date OS is a contributory factor as Vulnerabilities which have been closed by security updates can be exploited, but it most certainly isn't the only reason they got infected.

Practising safe hex along with a healthy dose of common sense goes a very long way to keeping your system clean, then you have the fall back of your security application(s) and then a good back-up and recovery strategy for when all else fails and the brown stuff hits the fan.
Thats exactly what I meant to say, but when I say it,it comes out different. Thank you David  :)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33668
  • malware fighter
Re: What to do about SP2
« Reply #6 on: July 05, 2009, 02:21:16 AM »
Hi Micky77,

Absolutely agree that the people that go to what you call "dodgy sites" will get the malware bonus from Cybercrime that is not ever very far away in these cases.  I do not pity them because they were probably warned a thousand times but still got infected. "Who is sitting on nettles has to reckon with blisters", was my granddad's favorite saying there and how appropriate.

Something altogether different is where normal users doing perfectly normal online activities are more and more getting infected from silent malware downloads through reputable and trusted websites because the hosting firm or webmasters are lenient or do not know what code has been planted there, putting browser users at risk. A big problem for to protect the vast masses against I see no other solution as virtualization or sandboxing so you can throw the malware baby together with the tub-water alas the browser cache with or without malcode, and "in the cloud" scanning to spare the old cycles with the malware growth rate of to-day..will soon be phased in.

A third reason is that people own a computer that absolutely do not know how to protect themselves against malware (default settings out of the box computing, non-upgraded and not fully patched software) no av, no fw, driving a computer with similar knowledge as a five-year old behind a driver's wheel, which every sane person considers as lively dangerous behavior, still in computer cuckoo land we accept these attitudes. Still we allow this to happen and half of America has a computer that they do not longer  own themselves but forms part of a zombie bot-herded conglomerate spewing malware and spam and endangering the other half of the population/planet.

So it is a miracle why we are still safe and secure here, I mean you and I,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: What to do about SP2
« Reply #7 on: July 05, 2009, 03:11:34 AM »
All good. Hopefully posts will keep coming in.

I really wanted to highlight our role as gatekeepers. What are we to do? Simply say, update to SP3 or go away? Or do we support end users in running a substandard infection-prone machine on the web? I really am not sure myself either way, and I am also not sure whether there is a cut and dried answer to the issue.

I am rather naive at times but that is neither here nor there - I say for now, running SP2 on the web is a wasted effort.

And I don't want to discourage anyone from adding something to the thread.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86808
  • No support PMs thanks
Re: What to do about SP2
« Reply #8 on: July 05, 2009, 04:02:38 AM »
We are I believe all here to provide help to those who need it and provide advice on such things as out of date software that can be exploited. But not to decide who we help or not simply because they haven't got a fully up to date system.

In fact it isn't advisable to update to SP3, etc. if your system is already infected as that could be a giant waste of time as the new update could be promptly infected to.

So if you aren't going to help those who don't have XP SP3 what about win2k or winME or win98 or win95 who potentially are in a worst condition as MS doesn't provide any security update for these.

There should simply be no pre-condition to asking for and receiving help.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: What to do about SP2
« Reply #9 on: July 05, 2009, 04:33:49 AM »
Thanks DavidR. Very well said.

The situation changes somewhat when the substandard machine fails to perform and the end user points the blame at avast. It then becomes very difficult under the circumstances to convince the person otherwise.

I do take your point, however, about updating an infected machine. But surely the update wouldn't go through? I don't know these things because my computers are fully updated. I'm not in a position to know any different.

Also, is it possible to organise a defence plan sufficient to run a computer on the web with only SP2?
Say, if a user did not want to go any further with Microsoft. They wanted to stick with the basic setup of Windows XP, for example, and so they wrapped their OS in third party antivirus and spyware, and secured their host file from infltration. Could they realistically do this? Would the Windows OS survive over the long term, much the way that it often did before SP3 and auto updates became so important.
« Last Edit: July 05, 2009, 07:26:34 AM by mkis »
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

YoKenny

  • Guest
Re: What to do about SP2
« Reply #10 on: July 05, 2009, 12:44:19 PM »
Also, is it possible to organise a defence plan sufficient to run a computer on the web with only SP2?
Say, if a user did not want to go any further with Microsoft. They wanted to stick with the basic setup of Windows XP, for example, and so they wrapped their OS in third party antivirus and spyware, and secured their host file from infltration. Could they realistically do this? Would the Windows OS survive over the long term, much the way that it often did before SP3 and auto updates became so important.

Watch the Deer Hunter:
http://en.wikipedia.org/wiki/The_Deer_Hunter
Play the game:
Russian roulette:
http://en.wikipedia.org/wiki/Russian_roulette
pay the piper:
http://idioms.thefreedictionary.com/pay+the+piper
U.S. Still Biggest Source of Malware:
http://news.digitaltrends.com/news-article/18731/u-s-still-biggest-source-of-malware

Where are you on Secunia PSI WorldMap?
The Secunia PSI is a free service from Secunia. Remember; installing the latest security patches for your programs is just as important as having an anti-virus program and being behind a firewall.
http://secunia.com/vulnerability_scanning/personal/worldmap <== I am at 100%
« Last Edit: July 05, 2009, 12:55:50 PM by YoKenny »

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: What to do about SP2
« Reply #11 on: July 05, 2009, 04:29:22 PM »
I usually do OSI ( http://secunia.com/vulnerability_scanning/online/ )

Because I have enough programs on my desktop as it is. (In my Program Files).

But I downloaded PSI for the interim, and run the scanner.
Defence against vulnerabilities returned 100% measured as 4% higher than the average user in my home city Auckland, New Zealand, and 15% higher compared with users who don't have PSI installed.

This is to be expected. The result is my usual return. Sometimes I may have an issue where I have missed an update - most times with Adobe - which I then update and run a 100% return. That said, I do seem to have an ongoing issue with Flash Player even though I am fully updated. I have not resolved this problem as it appears to be intermittent and it concerns Internet Explorer, whereas the browser that I run on this computer is Firefox. I don't whether anyone else is currently experiencing problems with Flash. I only have the problem on this computer.

Back to SP2.
Its all very well for us to have our systems up to 100% and in some cases to play amongst the many options provided through accessibility to the web, but the average user that comes to the internet is often struggling with the added requirements of participation. I have found since coming to the avast forum and taking on a few more options, I have to watch that I don't grow too far out of touch with the average users who are my client base. I still need to keep aware of what they want and do - for example, most are unwilling to give up the pages they are accustomed to, advertisements and all, what they are starting to call their 'full view' experience view. The kind of page view that is returned to my screen, they are simply not interested in.

Granted, they all get SP3 and auto updates. They have no choice in that regard.


BTW - my favorite movie at the moment is "Our Town' (1940) from the play (and screenplay) by Thornton Wilder. http://www.imdb.com/title/tt0032881/ My latest movie download. I cant recall the site I downloaded from, Archive something or other I think. (And some more recent film - http://www.youtube.com/watch?v=eLWewZO6z1w ).

I haven't as yet taken up offers for wider access to recent movies from commercial sites. I have enough on board as it is.

(Post edited)
« Last Edit: July 06, 2009, 01:16:29 AM by mkis »
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.