Mr Chips
Jun 27, 2007
Whose arse do I have to blow smoke up to get rid of this baby?
What, nothing about AppLocker/SRPs on Windows?

Mr Chips

Wiggly Wayne DDS posted:

Advice on that is just going to lead to people breaking their own systems, but it should be talked about of course.

The default AppLocker policies on 8.1 don't break the OS, and will prevent a lot of malware running itself from the usual locations in %userprofile%.
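To make the point above concrete, here is an added example (my own, not code from the thread) that builds the three default AppLocker executable rules as a policy XML and evaluates it against the same Windows binary in two locations without applying anything to the machine. It assumes the AppLocker cmdlets are available (Windows 8.1/10 Enterprise or Server editions) and uses %TEMP%, which lives under %USERPROFILE%\AppData\Local, as the stand-in for the usual malware drop location.

```powershell
# Added example, not from the thread: model the default AppLocker Exe rules and
# test which locations they allow. Test-AppLockerPolicy only evaluates the XML,
# so nothing is enforced on the host by running this.

function New-DefaultExePolicyXml {
    # Everyone (S-1-1-0) may run from %PROGRAMFILES% and %WINDIR%;
    # BUILTIN\Administrators (S-1-5-32-544) may run anything.
    # Rule Ids are freshly generated GUIDs; the GUI assigns its own fixed ones.
    $rules = @(
        @{ Name = 'Program Files'; Sid = 'S-1-1-0';      Path = '%PROGRAMFILES%\*' },
        @{ Name = 'Windows';       Sid = 'S-1-1-0';      Path = '%WINDIR%\*' },
        @{ Name = 'Admins: all';   Sid = 'S-1-5-32-544'; Path = '*' }
    )
    $ruleXml = foreach ($r in $rules) {
@"
    <FilePathRule Id="$([guid]::NewGuid())" Name="(Default Rule) $($r.Name)" Description="" UserOrGroupSid="$($r.Sid)" Action="Allow">
      <Conditions>
        <FilePathCondition Path="$($r.Path)" />
      </Conditions>
    </FilePathRule>
"@
    }
@"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="Enabled">
$($ruleXml -join "`n")
  </RuleCollection>
</AppLockerPolicy>
"@
}

$policyPath = Join-Path $env:TEMP 'applocker-default-exe.xml'
New-DefaultExePolicyXml | Set-Content -Path $policyPath -Encoding UTF8

# Constructed test input: the same signed Windows binary in two places.
# %TEMP% is under %USERPROFILE%\AppData\Local, i.e. the user-writable area.
$inWindows = Join-Path $env:WINDIR 'System32\notepad.exe'
$inProfile = Join-Path $env:TEMP 'notepad.exe'
Copy-Item -Path $inWindows -Destination $inProfile -Force

# Evaluate as a standard user (Everyone) rather than an admin token.
Test-AppLockerPolicy -XmlPolicy $policyPath -Path $inWindows, $inProfile -User Everyone |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize

Remove-Item -Path $inProfile, $policyPath -Force
```

The System32 copy should come back Allowed via the Windows folder rule, while the copy under the profile should be DeniedByDefault because no rule in an enabled collection matches it. That is exactly the behaviour the post describes: path rules for the OS and Program Files cost nothing for normal software, and anything dropped into the profile is blocked unless an admin launches it.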

Mr Chips

galahan posted:

http://snailsuite.com/
Driver snail free updates drivers, I have driver genius (paid) and it catches more, faster, but snail gets it eventually, also my bank thought the purchase was sketch, it kind of was.

I've always wondered who benefits from these driver installer tools. In the case that Windows Update doesn't have the drivers already, home users would only be installing drivers once in a blue moon, so 5 minutes going to the OEM's site to download the drivers isn't a big drama. Enterprise Windows client admins should be importing the all-in-one driver packs from Dell/HP/Lenovo straight into their Windows deployment tools.

I'd be more inclined to treat a 3rd party driver installer tool as a security threat than anything else.

Mr Chips

Arsten posted:

He's still making SpinRite? Why is he still making SpinRight?

Probably because people keep paying for it.

Mr Chips

Samizdata posted:

Also, as far as expertise goes, I think it makes more sense to stick with a company that specializes in AV as opposed to it being yet another in a line of products.

Try thinking about this another way. Given that AV works with the OS quite intimately, the company that makes Windows is likely to have in-house expertise about said OS that other AV vendors could only dream of. Same goes for Office, too - knowing how that works means you can make your AV play better with it.

Malcolm XML posted:

Win 10 supersedes emet iirc

Not really. One of EMET 5.5's main points was that it included win10 support. If you're running 10 Enterprise on UEFI hardware with TPM enabled, Device Guard & Applocker turned on, and only using binaries compiled on recent Visual Studio versions you probably won't gain much from it. Otherwise it's still potentially useful.
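The post lists a set of platform conditions (UEFI/Secure Boot, TPM, Device Guard, AppLocker enforcement) under which EMET adds little. The following is an added example, my own rather than anything from the thread, that reports those conditions from an elevated PowerShell on Windows 10 using read-only queries. It assumes the Win32_DeviceGuard WMI class, the TrustedPlatformModule module and the AppLocker cmdlets are present; on systems lacking any of them the corresponding field simply reads as not available.

```powershell
# Added example, not from the thread: summarise the platform conditions that
# the post says make EMET mostly redundant. All queries are read-only.

function Get-ExploitMitigationPosture {
    $result = [ordered]@{}

    # UEFI + Secure Boot. Confirm-SecureBootUEFI throws on legacy BIOS boot
    # or where the platform does not expose the UEFI variables.
    try   { $result.SecureBoot = Confirm-SecureBootUEFI }
    catch { $result.SecureBoot = 'not UEFI / unsupported' }

    # TPM present and initialised (TrustedPlatformModule module).
    $tpm = Get-Tpm -ErrorAction SilentlyContinue
    $result.TpmPresent = [bool]($tpm -and $tpm.TpmPresent)
    $result.TpmReady   = [bool]($tpm -and $tpm.TpmReady)

    # Device Guard: virtualisation-based security and code-integrity policy.
    # VirtualizationBasedSecurityStatus: 0 off, 1 enabled but not running, 2 running.
    # CodeIntegrityPolicyEnforcementStatus: 0 off, 1 audit, 2 enforced.
    $dg = Get-CimInstance -Namespace root\Microsoft\Windows\DeviceGuard `
                          -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $ciNames = @{ 0 = 'off'; 1 = 'audit'; 2 = 'enforced' }
    $result.VbsRunning = [bool]($dg -and $dg.VirtualizationBasedSecurityStatus -eq 2)
    $result.CodeIntegrityMode =
        if ($dg -and $ciNames.ContainsKey([int]$dg.CodeIntegrityPolicyEnforcementStatus)) {
            $ciNames[[int]$dg.CodeIntegrityPolicyEnforcementStatus]
        } else { 'not available' }

    # AppLocker: is the Exe rule collection actually enforced (not audit-only)?
    $al  = Get-AppLockerPolicy -Effective -ErrorAction SilentlyContinue
    $exe = $al.RuleCollections | Where-Object { $_.RuleCollectionType -eq 'Exe' }
    $result.AppLockerExeEnforced = [bool]($exe -and $exe.EnforcementMode -eq 'Enabled' -and $exe.Count -gt 0)

    [pscustomobject]$result
}

Get-ExploitMitigationPosture
```

A machine that reports SecureBoot True, TpmReady True, VbsRunning True, CodeIntegrityMode enforced and AppLockerExeEnforced True is the configuration the post describes; anything short of that, and especially a fleet still running code-integrity in audit mode or AppLocker in audit-only, is where per-process mitigations like EMET's still earn their keep.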

Mr Chips
Might also be worth checking if it's configured for AMT remote management too. If AMT is enabled, you may be able to reset or disable it in the BIOS/UEFI settings.
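As an added example (mine, not from the thread) of how an admin would actually perform that check: AMT runs in firmware, so from inside Windows you only see indirect evidence, the Management Engine Interface device and Intel's Local Management Service, and the conclusive test is whether the AMT web/WS-Management ports answer when probed from another machine you administer. The device and service name patterns below are assumptions based on Intel's usual driver labels; the port numbers are the documented AMT defaults.

```powershell
# Added example, not from the thread: gather AMT indicators for a host.
# Local indicators come from WMI/services; the port check is meant to be run
# from a separate admin workstation against a machine you are responsible for.

function Get-AmtLocalIndicators {
    # Assumed name patterns: "Intel(R) Management Engine Interface" device and
    # "Intel(R) Management and Security Application Local Management Service".
    $mei = Get-CimInstance Win32_PnPEntity |
        Where-Object Name -like '*Management Engine Interface*'
    $lms = Get-Service |
        Where-Object DisplayName -like '*Local Management Service*' |
        Select-Object -First 1

    [pscustomobject]@{
        MeiDevicePresent = [bool]$mei
        MeiDeviceName    = if ($mei) { ($mei | Select-Object -First 1).Name } else { $null }
        LmsServiceState  = if ($lms) { [string]$lms.Status } else { 'not installed' }
    }
}

function Test-AmtReachable {
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        # Documented AMT defaults: 16992 HTTP, 16993 HTTPS (web UI / WS-Management),
        # 16994 and 16995 SOL/IDE-R redirection.
        [int[]] $Ports = @(16992, 16993, 16994, 16995)
    )
    foreach ($p in $Ports) {
        $r = Test-NetConnection -ComputerName $ComputerName -Port $p -WarningAction SilentlyContinue
        [pscustomobject]@{ ComputerName = $ComputerName; Port = $p; Open = $r.TcpTestSucceeded }
    }
}

Get-AmtLocalIndicators
# From another host: Test-AmtReachable -ComputerName 'workstation01.example.internal'
```

If the MEI device is present but none of the ports answer from the network, AMT is most likely unprovisioned and the BIOS/UEFI "unconfigure" or disable option the post mentions is the right place to make that permanent; if 16992 or 16993 do answer, treat it as a live remote-management interface and track who holds its credentials.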

Mr Chips
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8475

"A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code.

To exploit the vulnerability, an attacker would have to convince a user to download an image file."

That's a vague description - does anyone have any specific info on how this one actually works? The CVE database entry doesn't have anything public yet.

Mr Chips
I'm sort of hoping that it is something exciting like "any image loaded in any application, including any web browser, triggers this RCE".
