No offense taken, I didn't implement this poorly managed situation and have made progress insofar as I have permission to remove users from local admins as we roll out Windows 7.
I have also proposed to my manager sending the following to the installed user base: "Your machine has been identified as having version 8 of Adobe Acrobat Standard and the issue here is Adobe has stopped supporting version 8 of this product. This means they are no longer releasing security updates which means a greater risk of machines with this version getting exploited by malware. Please reply to this e-mail letting us know A. If you still use it and B What do you use it for. In many cases there are free (and more secure) ways to accomplish what many people used to reply on the full version of Acrobat, especially now that in Word or Excel you can simply choose "Save as PDF" even if you don't have Adobe installed. If you still need a full version of Acrobat - which is about $200 - you will need to fill out a software request form and have the purchase approved my your manager." Dave From: Jonathan Link [mailto:[email protected]] Sent: Friday, November 04, 2011 6:27 AM To: NT System Admin Issues Subject: Re: Adobe 8 suppoer dropped- Thoughts That's simply not true. Old buggy software just becomes the vector for exploitation in a (no offense David) poorly administred environment. This would be a case of two wrongs making a wronger. Inadequate patching levels coupled with inadequate security implementation makes for an even bigger problem. I would go for one or the other. I'd be going to my superiors and saying somethign to the effect of: If we can't afford to spend $$$ on Adobe updates, then we had better change our behavior with regard to running as administrator all day long. It's a big security risk, which will only become bigger if we can't update our software. On Fri, Nov 4, 2011 at 9:15 AM, Crawford, Scott <[email protected]<mailto:[email protected]>> wrote: Yeah, on second thought, I wouldn't worry about Adobe at this point. As Al points out, old buggy software is far from your biggest concern. Sent from my Palm Pre on the Now Network from Sprint ________________________________ On Nov 4, 2011 7:46 AM, David Lum <[email protected]<mailto:[email protected]>> wrote: Neat, our user base meets all those criteria...as noted in previous threads, all (eight) of our DA's (except me) log in and browse as DA's, and 99.5% of our user base are local admins. From: Crawford, Scott [mailto:[email protected]<mailto:[email protected]>] Sent: Thursday, November 03, 2011 3:09 PM To: NT System Admin Issues Subject: RE: Adobe 8 suppoer dropped- Thoughts I'd be petrified. Double that if users using it are browsing the internet from the machine with them installed. Triple that if they're browsing as a local admin. Quadruple if they're domain admins. On the other hand, if they're off network (and will stay that way) for some reason, I'd be ok. From: David Lum [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Thursday, November 03, 2011 5:04 PM To: NT System Admin Issues Subject: Adobe 8 suppoer dropped- Thoughts We have a few dozen systems with Adobe 8 Standard which after today will no longer be patched with security updates. What is your guys' opinion on risk of leaving them as-is and no upgrading to a newer version? David Lum Systems Engineer // NWEATM Office 503.548.5229<tel:503.548.5229> // Cell (voice/text) 503.267.9764<tel:503.267.9764> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
