Should i upgrade to 7 over security concerns?

JonJ678 · 31 Aug 2010 at 14:01

The missus' laptop, on xp, has been infected by something that prevents her doing anything except buy an antivirus program. Im looking to prevent this reoccuring.

Windows was up to date, avast probably wasnt, no firewall. She was running as administrator.

I dont know enough about windows to reliably remove whatever has accumulated, so ill copy her data off and reformat. My choices are then to put xp or 7 back on.

She doesnt want 7, as it looks different. I dont want to buy a licence for 7.

So, is xp + kaspersky still secure enough to stay up for a year or so without reinstalls? Or is it now unsupported to the extent that this is not an option?

KIA · 31 Aug 2010 at 14:03

JonJ678 said:
She was running as administrator.

Problem right there. Make her a user.

oddsbodikins · 31 Aug 2010 at 14:06

That particular piece of malware will get you no matter what os you have.

div0 · 31 Aug 2010 at 14:07

fluff said:
Problem right there. Make her a user.

Agreed.

NathanE · 31 Aug 2010 at 14:17

oddsbodikins said:
That particular piece of malware will get you no matter what os you have.

No it won't.

madindehead · 31 Aug 2010 at 15:32

If it was me, I would just upgrade to Windows 7, because it's Windows 7

But I don't really think it will matter what OS you are on Jon, it will still get you. Just got to be careful with those malware traps. XP is apparently still going to be supported until 8th April 2014, as still over 50% of people use it (can't think why, I personally hate it now).

Either way, upgrading won't solve it I wouldn't think. Just make sure her account is extra secure

theheyes · 31 Aug 2010 at 16:05

Give her a standard user account, that's the main thing. For the next year or so it will be fine. Windows 7 is a lot more secure but if you're not too bothered about upgrading XP will do you fine for now.

And in regards to infecting standard user accounts, it is quite possible but much easier to get rid of. If the admin account get owned then... well, we've heard it all a thousand times.

Ev0 · 31 Aug 2010 at 16:13

oddsbodikins said:
That particular piece of malware will get you no matter what os you have.

As said, no it won't. Anyway, which piece of malware is it, don't see it being mentioned by name anywhere.

NathanE · 31 Aug 2010 at 17:15

Ev0 said:
As said, no it won't. Anyway, which piece of malware is it, don't see it being mentioned by name anywhere.

Don't need a name really. There's no malware in the wild that will infect a fully patched and securely operated (i.e. not setup by an idiot that turns off UAC) Vista or W7 machine.

Uhtred · 31 Aug 2010 at 17:18

NathanE said:
Don't need a name really. There's no malware in the wild that will infect a fully patched and securely operated (i.e. not setup by an idiot that turns off UAC) Vista or W7 machine.

or use flash :/

madindehead · 31 Aug 2010 at 18:10

NathanE said:
Don't need a name really. There's no malware in the wild that will infect a fully patched and securely operated (i.e. not setup by an idiot that turns off UAC) Vista or W7 machine.

I turn off UAC

But then, I don't download dodgy stuff, and no one else uses my PC. It's all about being sensible really.

JonJ678 · 31 Aug 2010 at 18:47

Very useful replies, thank you. I didnt realise admin vs user made much difference under xp.

Im going with xp, as user, and will bother to image the finished install this time.

Im interested in the statement that no malware can infect a securely set up windows install. Can you provide evidence of this? I'm working on a home server running *nix, and the range of vulnerabilities is considerable. I cannot see how microsoft can have achieved this.

NathanE · 31 Aug 2010 at 19:59

Surfing the 'net on an XP administrator account is asking for trouble. Has been the case for a few years now. You don't even need to visit dodgy sites really anymore.

I've had so many friends and family call me... In the end I've either swapped them over to a Standard User account or told them to upgrade to Vista / W7.

NathanE · 31 Aug 2010 at 20:02

JonJ678 said:
Very useful replies, thank you. I didnt realise admin vs user made much difference under xp.

Im going with xp, as user, and will bother to image the finished install this time.

Im interested in the statement that no malware can infect a securely set up windows install. Can you provide evidence of this? I'm working on a home server running *nix, and the range of vulnerabilities is considerable. I cannot see how microsoft can have achieved this.

I said securely operated. Which includes "setup" but there is more to it than that.

You can build a fort knox but at the end of the day... if the guy sitting at the front desk as a security guard is asleep or drunk then what good is all the rest of the security?

Windows Vista, W7 and *nix are all equally as secure. It comes down to how competently they are setup and operated over time. Security is a mindset.

Ev0 · 31 Aug 2010 at 21:05

NathanE said:
Don't need a name really. There's no malware in the wild that will infect a fully patched and securely operated (i.e. not setup by an idiot that turns off UAC) Vista or W7 machine.

I know that, my point/comment was aimed at the blanket statement the guy made saying it'd still have happened with a limited account. The last bit was just emphisising the fact that we weren't even told what strain of malware it was yet he can still catagorically say it'd have still happened

Working in IT security it amazes me how ignorant and just plain silly some people are with these kind of things.

thedoc46 · 31 Aug 2010 at 21:07

Sorry Nathan but you are wrong. I've personally now had TWO instances of ransomware getting on my machine, on Win7 with UAC, MS Essentials fully upto date and all the latest patches.. Happened without any user intervention. These scallywag creators of ransomware are always one step ahead.

To the OP, boot into safe mode, remove any proxy that's been added in your internet connections, download rkill.com, run it, download malwarebytes, run it, allow it to update and run and finally to remove. Edit your hosts files for any dodgy entries, finally delete all history in your browser.. Works 90% of the time, and if not then you will have to reformat.

Try to avoid pr0n sites and warez, that's where you'll pick these up from regardless of how upto date your security is.

NathanE · 31 Aug 2010 at 21:16

Ah but was your Adobe Flash and Acrobat patched.. Those are one of the biggest attack vectors over the last year or so.

theheyes · 31 Aug 2010 at 21:19

Office as well. I patch Office as aggressively as I patch Windows.

Ev0 · 31 Aug 2010 at 21:29

theheyes said:
Office as well. I patch Office as aggressively as I patch Windows.

lol I've got an image of you patching your machine like this

thedoc46 · 31 Aug 2010 at 21:30

NathanE said:
Ah but was your Adobe Flash and Acrobat patched.. Those are one of the biggest attack vectors over the last year or so.

Yup and i agree given the way these came aboard it was probably via a flash activeX scam .. I just leave flash and adobe to automatically update in all honesty. But you know, they don't send out updates until vunerabilties appear..

Its just not right to say, not possible to get so and so without so and so.. I also agree in the last 12months the problem has got worse. Even expert careful users can get caught.