Waaaay back in July I had a “runin” of sorts with the auditor over a CERT advisory.
Well, CERT has issued a new advisory. Upgrade to SP2 as soon as possible. Do not wait 30 days. Do not wait for the CD to be delivered. Upgrade now.
Fun. I’ve been saying the same thing in hundreds of debates for weeks now. The time where you can simply sit back and wait to see if critical patches are going to be reneg’d on is past. Test everything first. But when you are done with your testing, install. Fast. Because the mean time to a virus being deployed after an exploit is found is down to less than a week.
That scares me.
Sadly, this advisory will not get nearly the publicity that the anti-IE advisory got. Which is, I guess, typical. However thankfully I’ll have this advisory archived here at Ensight so I can pull it up should the auditor come’a runnin’ again.
September 2nd, 2004 at 10:41 am
I’m a technician, out on the field everyday with a myriad of clients in different industries… So far I have only been able to install XP SP2 successfully three times, and they were all residential clients… This is what has been happening with XP SP2 in many situations:
1. upgrade and after reboot computer won’t come back on… can’t get into safe mode, have to wipe and reinstall
2. can’t get the upgrade to install in the first place, and not the same error everytime, different errors at different points in the install\
3. get the upgrade installed and then:
a. proprietary software stops working (industry specific software)
b. cd-burners stop working
This is not just my experience either… In my town there are three computer stores who do service and then myself as an independent contractor. I maintain a relationship with all three stores and they are all reporting the same problems, with a success rate of less than 25%… So my recommendation is DON’T start using XP SP2 yet unless you are damn sure its going to work
September 2nd, 2004 at 11:58 am
Just a few questions for you, if you don’t mind:
1. Did the uninstall go okay?
2. Did you use the compatibility tester beforehand?
3. Did you call MS support (free call for SP2 issues)?
It may be a simple matter which fixes all of these, or MS may actually be unaware of any issues.
As I said right up front though: testing is your best friend. Anyone who puts untested software into production deserves any problems that come their way
September 2nd, 2004 at 3:23 pm
All the machines that installed ok but caused problems with proprietary software uninstalled fine and everything was back to normal (and this was in a test phase, at a new store that we hadn’t opened the doors on yet, so it wasn’t a big deal, just a disappointment). I did not use the compatability tester (ignorance on my part). The machines that completely crashed were lost causes, and the data on the machines was not critical enough to save, so a wipe and reinstall became the easy way out for everyone, therefore no I never called MS support… And I still probably won’t call MS support if I have a problem, normally there is more than one way to tackle a problem, and many of my clients prefer the easiest and cheapest way out… They pay me by the hour, so if their data is backed up, and they can get a fresh install (i usually describe it as factory condition), then I don’t pursue calling tech support (and I don’t only apply this to just Microsoft, but many instances).