Microsoft got hit with another problem this week, even before the Azure and then Crowdstrike problems, which isn't getting enough attention imho. Seems that "disabled" and unpatched IE 11 on everyone's Windows can be resurrected to wreak zombie havoc on the system.
You know that old saying, "Nobody ever got fired for buying Microsoft?" Maybe it's time to change that. MSHTML + VBscript was never architecturally sound, and has always been inherently insecure. Still is. My new motto for the past few months has been, only the code that's used by the system should even be on the system. If you don't have an integrated touchscreen, go ahead and remove the firmware driver for it, it's just bloat and yeah, unused HID driver sounds like attack surface to me. Kinda like keeping IE 11 around "disabled" yet deleting Opera against my wishes as a "security risk". -Eric ---- On Sun, 21 Jul 2024 11:05:04 -0700 Eric J Bowman via illumos-discuss <discuss@lists.illumos.org> wrote --- Yeah, I'm sure I don't need to try calling crowdstrike for assistance to know what everyone's been listening to for over a day, who has... ...about how very important your call is to us. -Eric ---- On Sun, 21 Jul 2024 10:20:46 -0700 Gary <mailto:gdri...@gmail.com> wrote --- On Sun, Jul 21, 2024 at 7:44 AM Eric J Bowman wrote: Very interesting that the 911 reality of using the direct land-line # instead which I reported earlier this summer, is now the official advice to all residents of Alaska since Friday. First responders are most likely using CrowdStrike on their endpoints as states, counties, & municipalities commonly deploy EPP. But they require hands on keyboard unless they’ve previously deployed Intel vPro for remote management for all their workstations. Bare metal severs typically have some kind of DRAC/iLO/ILOM capability but vPro doesn’t require a dedicated IP. It does, howver, require BIOS configuration & PKI so if you aren’t using it already it’s a longer recovery process than what’s needes right now. So all those terminals on the wall at airports running Windows are going to need someone to plug in a keyboard to get them back online. Good times. -Gary https://illumos.topicbox.com/latest / illumos-discuss / see https://illumos.topicbox.com/groups/discuss + https://illumos.topicbox.com/groups/discuss/members + https://illumos.topicbox.com/groups/discuss/subscription https://illumos.topicbox.com/groups/discuss/T31b1065c3e307d4f-Mee3c41b0c78afb3f975fe509 ------------------------------------------ illumos: illumos-discuss Permalink: https://illumos.topicbox.com/groups/discuss/T31b1065c3e307d4f-M3362eabd4bf94b93f86eb2c4 Delivery options: https://illumos.topicbox.com/groups/discuss/subscription
