 |
 |
If you're continuing to run XP systems, it would be a good idea to disable autoplay on them. Users with local admin rights plus a mis-click on an autorun popup can hose the system really quickly. Microsoft has a FixIt utilitie to do the job, along with registry and group policy methods: http://support.microsoft.com/kb/967715 Autoplay is a dangerous feature and we disabled it across the board, not just on XP systems. On Thu, 20 Mar 2014 16:23:36 +0000, Bosman, Don <[log in to unmask]> wrote: >Sneaker net and thumb drives will be your attack vectors. >If a researcher finds it expedient to have data moved faster than you can accommodate them, they are likely to improvise. >Keep the anti-virus and anti-malware up to date. > >You've probably seen the same tales that I have, about security researchers leaving spyware infected thumb drives in the parking lots for security conscious workers to find. And how every one of the drives was plugged in to see what was on it. > > >Don Bosman >Information Technologist >MSU Libraries >366 W. Circle Drive - Rm.W441 >East Lansing, MI 48824-1048 >517-884-0873 > > > > >-----Original Message----- >From: David McFarlane [mailto:[log in to unmask]] >Sent: Thursday, March 20, 2014 12:16 PM >To: [log in to unmask] >Subject: Re: [MSUNAG] Desktop Replacement Policy and XP Mitigation > >Probably irrelevant to most here, but... > >We have several Windows XP systems used in research labs for running ongoing experiments, using software that until recently did not work well under Vista/7, and in any case changing computer configuration in the middle of a research study could affect the results, so we continue to run them. But we do not use those computers for browsing the internet, and typically have the network disabled (even physcially), so I think that makes them pretty safe even without updates. As I understand it, most exploits depend on user behavior anyway, so under some circumstances XP systems will be safe regardless of updates. Or am I wrong there? > >-- dkm