Just reported today? Sorry ... not!
This will happen a lot due to legacy drivers. The same issue comes down from the Vista experience of using old network drivers and is documented in a KB.
The actual driver conflict is with Tdx.sys (both 32-bit and 64-bit versions) which was fixed on Vista via SP1.
It's not only Symantec but also Alwil/Avast and SuperAntiSpyware that have support forums discussing this as early as last January. Keep going through the forums and it affects a whole lot more vendors.
This is not a new issue apart from the recently reported flaw in SRV2.sys which crashes the SMB2 driver: Crenk and Tom's Hardware
Further user experience of SMB2 complicated by outdated drivers causing issues with their security product is documented in the Microsoft forum.
The solution, of course, is to use compatible and updated drivers. This is a step most users skip and are sorry about later: Windows Compatibility Center
My personal take on issues and concerns in the anti-malware and security field. More ramblings on technology as well, surely.
Monday, October 26, 2009
Windows UAC vs Linux vs Mac OS X
There have been many articles written recently, and surely they have their merits; by no means is this an attempt to discredit them.
Simply stated, below are my perceived differences in Windows XP vs Windows Vista vs Windows 7 vs Linux vs Mac OS X on the User Account Control (UAC) issue from the standpoint of one who has them all installed in production use:
1. Pre-XP and Windows XP – unmanaged default installations have administrative (root) privileges, not good as we’ve seen; you can create unprivileged accounts and system changes will require administrator login (with a right-click clue on what account has it);
2. Windows Vista – a total paradigm shift for users and perhaps too aggressive an introduction to UAC, causing administrator-level-addicts to make themselves root and/or totally ignore all the prompts; also got released with very minimal device driver support and the rest is history;
3. Linux – by default you had to jump through a few hoops to become root, and the most recent variants alert you to the quality of your password settings for root and sub-accounts; for any system-wide changes you had to enter your root credentials, similar to Windows Vista;
4. Mac OS X (Tiger, Leopard, Snow Leopard) – introduced simple lockdowns similar to unprivileged Windows XP user by default; any system changes will require administrative login (and no unprivileged user clue as to who has it);
5. Windows 7 – released with better driver support and is as forgiving as Windows XP in terms of outdated driver compatibility mode; UAC is set to be less of a nuisance and allows the user to concentrate on getting things done rather than police the system;
All in all, I think the current generations of whatever OS you have are on the same playing field in the UAC user experience. There are some nuances in terms of what system hardening has to be done by the initial user, but all of this is by now well documented in every OS start-up guide.
There will be some changes as well in the “when to patch” paradigm and, as I’ve said before, gone are the days when holding off on patching is considered a precautionary measure, given the speed of malware attacks on new systems that do not sit behind some other patch management and/or firewall. Today's patches do not just deliver fixes but also much-needed compatibility upgrades.
And yes, perhaps one thing that has made me move (and be confident) to Windows 7 (32-bit and 64-bit) is that when fixable compatibility issues occur it actually tells me if one is available from Microsoft or whether I should be contacting my device vendor to get a new one made. Nicely done!
Tuesday, October 20, 2009
Security Tips: Default Passwords
After you purchase a router or modem, the first thing you should do is run the install wizard (most do) and change the default login/passwords. Otherwise, you're likely to get into a situation where some piece of malware can change your routing, from either the internal or the external side.
Here's a growing list of defaults, however, in case you've had to manually reset your gadget and can't figure out where to start fixing.
Friday, October 09, 2009
Ubuntu Tricks: Multi-boot and Grub Errors
I've been doing a lot of Linux installations lately while figuring out how to get LinuxMCE and MythTV (Mythbuntu) installed. This is on top of pre-installed versions of Windows XP and Windows 7 RC.
One time-saving tip is to know how to help Linux figure out what happened to the boot records. This is all done via a Live-CD installation and an open terminal window:
sudo grub
find /boot/grub/stage1
This will tell you which partition Ubuntu is on. Assuming it said (hd2,0):
root (hd2,0)
setup (hd2)
The system will then tell you it found the partition and is reconfiguring everything.
quit
That's it. Time to reboot.
sudo reboot now
If you're still getting errors, then you'll need more than this small bag of tricks to recover. Good luck!
Update: The above instructions do not work for Grub 2.