FranceBB Posted February 22, 2019

Quote:
> The Department of Defence has announced upgrading its operating system to Windows 10, finally ditching Windows XP, which Microsoft first pushed on the world in 2001.
>
> The department contracted Leidos for the migration, which saw 100,000 Defence personnel receive a new "contemporary end user environment", for a cost of AU$67.6 million over a three year term.
>
> A statement from Assistant Minister for Defence David Fawcett said Leidos has been contracted to provide ongoing sustainment support for Windows 10, including "maintaining a reliable and secure ICT capability, and managing access to applications for users".

Apparently, even the government is moving away from XP...

Sampei.Nihira Posted February 22, 2019 (edited)

https://www.zdnet.com/article/defence-finally-ditches-xp-for-windows-10/

Quote:
> Let me say this as simply as possible: If you are still using XP, you are the end-user equivalent of an anti-vaxxer. You are a menace to society and everyone around you. You are a walking malware vector. You should be shipped out to a remote island with no internet access to fend for yourselves so you can't infect anyone else.
>
> And, if you are an IT professional who serves in a decision-making capacity with an organisation that continues to use XP or Windows Server 2003 and SQL Server 2005, you should be fired. You should never be allowed to work in the computer industry again.

Dave-H Posted February 22, 2019

I was quite seriously told by someone to get off a forum because I was a danger to everyone on the internet because I was still using XP, and that was four years ago!

Mathwiz Posted February 22, 2019

Good grief. Hyperbole much? An anti-vaxxer? Because, I guess, "everyone knows" computer viruses are still written and tested to target the 3% or so of Windows users still running XP, and "everyone knows" none of those users ever update their AV software.

What an ignorant statement. That quote wasn't from Matt Tobin, by any chance?

rloew Posted February 22, 2019

Time to go back to Windows 98. An incompatible OS is the best vaccine of all.

ojt_1998 Posted February 22, 2019

1 hour ago, rloew said:
> Time to go back to Windows 98. An incompatible OS is the best vaccine of all.

If a viable web browser for modern browsing becomes available, I'm sure there would be a number of people who'd jump back.

rloew Posted February 23, 2019

The closest I have come to that is running an XP browser using Virtual PC in 98.

Sampei.Nihira Posted March 4, 2019 (edited)

Windows Exploit Suggester.
https://github.com/bitsadmin/wesng

NojusK Posted March 4, 2019

1 hour ago, Sampei.Nihira said:
> Windows Exploit Suggester.
> https://github.com/bitsadmin/wesng

Sounds like a useful tool

Mathwiz Posted March 4, 2019

It's a Python script. It wasn't easy to get it running, but here's how I did it:

- Install Python 3.4 if you don't have it already.
- If you have ProxHTTPSProxyMII installed, you'll need to bypass it for a couple of host names:

    [SSL Pass-Thru]
    files.pythonhosted.org
    #pypi.python.org
    pypi.org

  (Note that you do not need pypi.python.org to pass through, as ProxHTTPSProxy comes configured; but you do need those other two hosts to pass through.)
- Install the latest pip:

    C:\Python34>python -m pip install --upgrade pip

- Using pip, install chardet:

    C:\Python34>pip3 install chardet

- To download wes.py, go to the GitHub link above and click on the wes.py file. It will show you a listing of the Python script. Right-click the "Raw" button and select "Save Link As...", "Save Linked Content As..." or however your Web browser puts it. I saved mine to C:\Program Files\wesng but you can put it anywhere you like. Probably best to use an empty directory though.
- Download the vulnerabilities database:

    C:\Program Files\wesng>wes.py --update

- Finally, follow the instructions in the Readme.md; e.g.:

    C:\Program Files\wesng>systeminfo >systeminfo.txt
    C:\Program Files\wesng>wes.py systeminfo.txt >vulns.txt

For Windows XP you will get a very long list of potential vulnerabilities (545 in my case) in vulns.txt. Each one looks something like this:

    Date: 20081111
    CVE: CVE-2008-4037
    KB: KB957097
    Affected product: Microsoft Windows XP Service Pack 3
    Affected component:
    Severity: Important
    Impact: Remote Code Execution
    Exploit: https://www.exploit-db.com/exploits/7125

The KB: line indicates the update that closed that particular vulnerability. Note that one update often closes multiple vulnerabilities, so you won't have 545 updates on your system.

The tool's biggest weakness is that it doesn't check to see whether the updates are installed or not! You have to do that yourself, with a tool like NirSoft's WinUpdatesList. Tedious!

It'd be nice if a Python programmer could fork the tool (or just issue a pull request) adding that function to it, along with an option to list only unpatched vulnerabilities.

Its other major weakness is that the database doesn't contain vulnerabilities for XP Embedded systems like POSReady 2009. So for XP it only goes through 2014. It doesn't even include WannaCry! It seems the author uses other Python scripts to download M$ security bulletins to create the database. Again someone needs to create a script to download the Embedded bulletins and add them to the appropriate database.

Also right now it only parses English output from systeminfo. There's already a pull request to fix that, though.

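An added sketch of the missing check described in the post above (not part of the original post and not wes.py's own code): it parses records in the layout quoted there and keeps only those whose KB does not appear in an installed-updates listing. The function names, the rule that a "Date:" line starts a record, the listing format and the second sample record are assumptions.

```python
import re

# Constructed sample in the record layout quoted in the post. The first record
# is the one shown there; the second uses placeholder identifiers.
SAMPLE_VULNS = """\
Date: 20081111
CVE: CVE-2008-4037
KB: KB957097
Affected product: Microsoft Windows XP Service Pack 3
Affected component:
Severity: Important
Impact: Remote Code Execution
Exploit: https://www.exploit-db.com/exploits/7125

Date: 00000000
CVE: CVE-0000-0000
KB: KB0000001
Severity: Critical
Impact: Remote Code Execution
"""
# Constructed stand-in for an installed-updates listing (any text export works).
SAMPLE_INSTALLED = "[01]: KB957097 - Update\n[02]: kb0000002 - Update\n"

def parse_records(text):
    """Split the report into dicts; a 'Date:' line opens a record (assumption)."""
    records, current = [], None
    for line in text.splitlines():
        key, sep, value = line.partition(":")  # split on the first colon only
        if not sep:
            continue  # blank line or free text
        if key.strip() == "Date":
            current = {}
            records.append(current)
        if current is not None:
            current[key.strip()] = value.strip()
    return records

def installed_kbs(text):
    """Collect every KB number mentioned anywhere in the listing."""
    return {kb.upper() for kb in re.findall(r"KB\d+", text, flags=re.I)}

def unpatched(records, installed):
    """Keep records whose KB is absent. Supersedence is not modelled: a later
    update may close the same hole, so treat the result as a to-check list."""
    return [r for r in records if r.get("KB", "").upper() not in installed]

if __name__ == "__main__":
    found = unpatched(parse_records(SAMPLE_VULNS), installed_kbs(SAMPLE_INSTALLED))
    for r in found:
        print(r["CVE"], r["KB"], r["Severity"], r["Impact"])
```
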
Sampei.Nihira Posted March 5, 2019

Excellent analysis, good.

cc333 Posted March 5, 2019

On 2/22/2019 at 2:27 AM, FranceBB said:
> Apparently, even the government is moving away from XP...

And speaking of the DoD, XP was released right around 9/11 (release to manufacturing August 24, public release October 25), which really puts into perspective how long ago that awful tragedy was! (it could've been so much worse!)

And it still feels like it just happened.... I remember that day pretty well....

Likewise, XP, despite being 18 years old now, still feels modern enough that it can still do 95% of modern things (there are some edge cases, but we have Windows 7 for those).

c

Sampei.Nihira Posted March 30, 2019 (edited)

My list of changes to be made after April 9th:

1) I.E.8 (Script blocking) - F12 -> Disable -> script
2) I.E. 8 (Trick 1803) or OSA Rule for I.E.
3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates
4) services.msc -> Pc security center -> Stop the service -> Start type disabled
5) services.msc -> Automatic Updates -> Stop the service -> Start type disabled

NojusK Posted March 30, 2019

59 minutes ago, Sampei.Nihira said:
> My list of changes to be made after April 9th:
>
> 1) I.E.8 (Script blocking) - F12 -> Disable -> script
> 2) I.E. 8 (Trick 1803) or OSA Rule for I.E.
> 3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates
> 4) services.msc -> Pc security center -> Stop the service -> Start type disabled
> 5) services.msc -> Automatic Updates -> Stop the service -> Start type disabled

Mine is not going to be changed after April 9th since I trust my security suite

Sampei.Nihira Posted March 30, 2019 (edited)

1 hour ago, someguy25 said:
> Mine is not going to be changed after April 9th since I trust my security suite

Hi.

Internet Explorer is the biggest weakness in an unpatched OS. It's a big weakness even in a patched OS. An example in the recent news:

https://thehackernews.com/2019/03/microsoft-edge-ie-zero-days.html

Better to take some extra precautions.