Grim
My main rig running Windows 7 properly shat the bed last week. I am probably going to take this opportunity to downgrade to Windows 10 now.
What a shite state of affairs :(
Microsoft, Adobe, and SAP today delivered a load of security updates for this month's Patch Tuesday. 80 bugs squashed in Redmond It will be a busy day for admins and users of Windows PCs and servers, as Microsoft has released updates for a total of 80 CVE-listed bugs. Among the more serious issues addressed this month are CVE …
if you can still read from your hard drive, you could use a
*AHEM*
LINUX box to recover the OS and all of your files from the hard drive. I've done this with FreeBSD before, in short by creating an 'external' VDD that I can actually BOOT UP with virtualbox.
Once you manage that, you can essentially (using LInux, anyway) image the hard drive into an image file, which you can then use to create a file system. Once you have your stuff booting in a VM (hosted on Linux, not a Micro-shat OS) you should still be able to run any applications that aren't timing-critical [like games, media editing, etc.] which is most likely EVERYTHING you use, for most people anyway.
This way you can avoid the Win-10-nic tarpit.
I recommend using the 'dd' command to back up your old hard drive as an image file, before trying to boot it into a VM. Most likely you won't have trouble. But occasionally you might. Should be ok though.
back to my existing policy: PRACTICE SAFE SURFING
1. do NOT access 'teh intarwebs' from a windows machine using a micro-shaft browser
2. do NOT read (or preview) e-mail in HTML format on a windows machine
3. do NOT allow script to run in your non-microsoft browser, except for SPECIFIC sites, and particularly *NOT* ad servers! This basically means running Firefox or similar with a 'NoScript' or similar plugin.
4. do NOT "open content" when prompted. Always save to disk FIRST, then open it with the program that's supposed to open when you double-click the file in a file manager type browser. NEVER trust the 'open with" default unless you have 100% control over what will happen.
5. avoid using a windows computer for ANYTHING involving the internet, from web surfing to e-mail. If it can be sent to you from a malicious source, just previewing an e-mail or opening a link you saw in a search engine MIGHT be enough to infect you!
etc. - in short, no Edge, no IE, no Outlook, no click-open, and no SCRIPTING in anything web-related.
[even sandboxing in a VM might not be enough, especially with spectre]
Just because it isn't widely reported, don't be so sure your favourite alternative to Windows is any better...
Interesting article that didn't get picked up by El reg: Google finds 'indiscriminate iPhone attack lasting years'
The linked article is quite interesting: A very deep dive into iOS Exploit chains found in the wild
I'm sure in time we will see similar articles on macOS, Linux...
"sandboxing in a VM might not be enough, especially with spectre"
This post has been deleted by its author
"Patch your systems, then work on your upgrade strategy."
In principle, an "upgrade" should improve matters. At the very least it should not make things worse. I use a mix of Linux Mint and Windows 7 machines. When considering my "upgrade strategy" for Windows 7 as recommended by Mr Childs I require that any replacement:
- does all the things that I currently do
- does not do any of the things that I currently bar Windows 7 from doing.
So that rules out Windows 10 then.
My problem with going fully Linux Mint is that there are some specific hardware / application mixes that are tied to Windows. For example, I have a complicated mix of a DVB-T TV card with a streaming server that sits on a PC that for most of the time, sleeps in a low power state. The onboard ethernet adapter driver runs on a couple of watts and is able to wake the server PC when an external call to a specific port is received. I can thus watch UK Freeview telly anywhere in the world while away. So far I have not managed to get this working on Linux. The proprietary drivers needed are not available.
I reckon my strategy will end up being mostly Linux Mint with a legacy Windows 7 box that is protected from the outside world by large dogs.