It always pains me to see a perfectly good computer that’s been abused.
For example, consider a Windows Vista based laptop I was recently asked to give the “once over” as a favour (like many computer geeks, I’m the de facto support channel for family, friends and a few others).
While the laptop did have a security product installed, the paid subscription had lapsed with no updates in 459 days - that’s just on 15 months.
Given the effectiveness of any computer security product is critically dependent on being up to date, the machine was vulnerable to any number of attacks that had been discovered in the last year or more.
My solution was to remove the outdated product and instead to install Microsoft Security Essentials. Given that the laptop belongs to a volunteer organisation with limited resources, I wanted to improve security without any outlay. Paying for an upgrade myself would only have meant more issues in a years time when the subscription lapsed. Not to mention that the third party product that was there has (in my opinion) a tarnished reputation.
Once Security Essentials was up and running, I discovered that Windows Update claimed that it had never - that’s right never - updated!
Researching the issue, I discovered something shocking. It seems that the expired security product was filtering network access, blocking Windows Update from checking for updates.
This kind of behaviour is completely unacceptable. It shouldn’t matter what the state of the products own subscription, nothing should block Microsoft’s own update channel from working. Outside of the IT realm, out here in the real world, we’d look at this kind of interference as a form of criminal nuisance.
Fortunately, Windows Update started doing its job properly as soon as the other product was removed and Security Essentials was up and running.
Of course, after more than 459 days of not updating, there were just a few updates waiting. First time through, Windows Update noticed 107 outstanding updates, totalling just under half a gigabyte of downloads. After those all successfully installed, and the machine rebooted, another 32 updates were found. Then, Service Pack 1 deployed. Following that, Internet Explorer 9 and another 45 updates. It’s just as well I have a nice big internet pipe and a generous bandwidth allocation on my plan.
The upside is that the users of this laptop were lucky - even though the security product was outdated, and even though there were a metric bucketload of outstanding patches that hadn’t been installed, there didn’t appear to be anything nasty on the machine.
After all the installations, performance of the machine was substantially better - boot times alone came down from 5 minutes plus to under a minute.
What’s the takeaway from this sordid tale?
Make sure your security products are installed, up to date, and that they’re going to stay that way. This applies to antivirus, any other antimalware products you use, the operating system, backup software, and so on. Don’t let any subscriptions expire, and make sure you know they’re working.
For what it’s worth, I’m using Microsoft Security Essentials on my families machines for security, along with Skydrive for file replication and Crashplan for backups. If any one of these machines has a hard drive failure, I’ll lose at most a few hours worth of data from the machine. Everything else is safe, in multiple locations.
How safe is your data?