Results 1 to 10 of 10
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    Confusion about MS Security Essentials on XP




    LANGALIST PLUS


    Confusion about MS Security Essentials on XP



    By Fred Langa

    Microsoft Security Essentials now permanently displays a red at risk flag on XP systems despite being correctly updated. Here's what's going on. Plus: Undoing a bad change in Group Policies, what to do when suspicious software won't uninstall, and a free tool to remove search.conduit malware.


    The full text of this column is posted at windowssecrets.com/langalist-plus/confusion-about-ms-security-essentials-on-xp/ (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    New Hampshire USA
    Posts
    431
    Thanks
    12
    Thanked 37 Times in 34 Posts
    Wow - I had missed the fact that Microsoft had crippled MSE such that the version they provide for download now won't install on XP. What, exactly, do they expect people to do who wish to continue to run XP for the year that Microsoft will still provide MSE updates for it but have to reinstall MSE for some reason?

    Fortunately, places like FileHippo still provide copies of MSE from late last year, which presumably will install on XP just fine (even if one needs to do so with their Internet connection disabled temporarily to keep Microsoft from sabotaging the installation). After that, presumably they'll be updatable just as if they'd been installed before Microsoft decided to get nasty about it.

    As for XP being "now riskier", I'll pose the same challenge that I just presented elsewhere: Even if XP may be (and indeed for some years may have been) marginally less POTENTIALLY secure than a more recent Microsoft operating system, just how secure is secure enough? My Win2K system - unpatched going on 4 years now - may be more secure than a Vista or Win7 system when that comes out of the box with no anti-malware application installed and no firewall prompts to ask users whether the executable that is asking to execute is one they think ought to and may even be more secure than a Win 8/8.1 system (since MSE and Windows Firewall are relatively mediocre compared to what I'm running). Sure, I could make things even more secure by running comparably good third-party security applications on a more recent Windows version, but just HOW MUCH more secure and whether that would be enough to make any practical difference is a question that none of the scare-mongers seems prepared to address.

    If good third-party software is as competent as it has been for me at keeping threats away from the operating system then on-going operating system security patches become pretty irrelevant save as FUD to get people to shell out for a new MS system: Microsoft beyond any shadow of a doubt could afford to run tests to evaluate this possibility, and the fact that they have not made any test results in this area public is at least suggestive of the fact that they don't reflect what Microsoft would like its XP users to believe (the alternative of course being that MS is too incompetent to have realized what kind of testing is most relevant to perform, but while the Win 8 fiasco does bring their competence into a lot more question than might previously have been the case I still give them more credit than that).

  3. #3
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,748
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by - bill View Post
    If good third-party software is as competent as it has been for me at keeping threats away from the operating system then on-going operating system security patches become pretty irrelevant save as FUD to get people to shell out for a new MS system: Microsoft beyond any shadow of a doubt could afford to run tests to evaluate this possibility, and the fact that they have not made any test results in this area public is at least suggestive of the fact that they don't reflect what Microsoft would like its XP users to believe (the alternative of course being that MS is too incompetent to have realized what kind of testing is most relevant to perform, but while the Win 8 fiasco does bring their competence into a lot more question than might previously have been the case I still give them more credit than that).
    Microsoft could do many things, but they have zero incentive to certify third-party software as sufficient protection for the obsolete XP.

  4. #4
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    New Hampshire USA
    Posts
    431
    Thanks
    12
    Thanked 37 Times in 34 Posts
    Quote Originally Posted by BruceR View Post
    Microsoft could do many things, but they have zero incentive to certify third-party software as sufficient protection for the obsolete XP.
    Well, duh. My point was that they DO have incentive to provide proof that third-party software is INSUFFICIENT protection for XP, and the fact that they have not done so suggests that they can't do so.

  5. #5
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,748
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by - bill View Post
    Well, duh. My point was that they DO have incentive to provide proof that third-party software is INSUFFICIENT protection for XP, and the fact that they have not done so suggests that they can't do so.
    Oh, I see. Which software should they test? Your list or someone else's?

    I don't think they have much incentive to rip other companies' products to shreds in this instance either.

  6. #6
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    New Hampshire USA
    Posts
    431
    Thanks
    12
    Thanked 37 Times in 34 Posts
    Quote Originally Posted by BruceR View Post
    Oh, I see. Which software should they test? Your list or someone else's?
    Starting with, say, the five or six top-rated anti-malware products wouldn't be a bad choice: it's not as if they couldn't afford to. Since they don't support the more recent versions of IE on XP they should test with current versions of Firefox and Chrome as well if they want to convince people that they can't use XP with reasonable security - plus a hardware router just in case the good old Windows Firewall isn't sufficiently leak-proof (testing with a better firewall would be preferable but since that might require more decisions than many users might be equipped to make and since good anti-malware products already incorporate pretty good behavior-checking heuristics they could pass on this).

    I don't think they have much incentive to rip other companies' products to shreds in this instance either.
    They wouldn't have to: they could present the results anonymously if the results indeed supported their claim that XP is unsafe to use. Of course, any results presented today would mean that XP was already unsafe to use before they ceased providing security updates, but that shouldn't be all that embarrassing given that some of their in-house bloggers (not to mention cheerleaders like those here) have been saying this for quite a while now.

    But if they wanted to avoid even that level of embarrassment they could simply test on XP systems to which none of the security updates in the last year or two had been applied, which should provide a pretty good indication of just how important those updates were in the real world where good third-party security software (as contrasted with, say, MSE) was being used. I could do this myself if I were inclined to devote a few months' time to it: I'm just not that invested in proving what I suspect (but Microsoft has sufficiently significant incentives to prove what they claim that not doing so for the relative pittance it would cost them is, as I've been saying, suspect in itself).

    (Edit: Of course they would need a control group of PCs with up-to-date security patches to see exactly how much the lack of such patches affected things. And they would also need, if they actually wanted to do this right, another similar test group and control group of Win 7 - or perhaps Win 8, now that it's been out long enough - PCs to evaluate just how much safer the later systems were than comparably-patched XP systems running comparable third-party security software, to cover their allegation that XP is already significantly less safe than later systems are. This would probably raise the total overhead to around a person-year's worth of work: gee, do you think they could afford that?)

    Instead, they're doing things like preventing MSE from being reinstalled even while continuing to provide signature updates for it (the latter obviously a PR move, the former another arbitrarily-created stick to try to get people moving in the direction they want them to move but don't seem able to mount the kind of logically-persuasive argument I just described to convince them to).

    In other words, they're publicly espousing a superficial technical argument with much more hand-waving than actual substance but in fact depending upon marketing tactics. As I said before I won't rule out their simply being too incompetent to make a substantive technical case, but given their wealth of technical talent I find that a bit difficult to believe.
    Last edited by - bill; 2014-05-01 at 18:20.

  7. #7
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,748
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by - bill View Post
    They wouldn't have to: they could present the results anonymously if the results indeed supported their claim that XP is unsafe to use.
    You'd believe Microsoft if they said, "Our tests prove Windows XP is not secure even with Browser X, Antivirus Y and Firewall Z."?

  8. #8
    Lounger
    Join Date
    Dec 2009
    Location
    Rancho Palos Verdes, California, USA
    Posts
    29
    Thanks
    4
    Thanked 0 Times in 0 Posts
    On my XP virtual machine, it appears that MSE is ended (at least for Real-time protection). Apparently user invoked scans still work but protection cannot be turned on.
    Attached Images Attached Images

  9. #9
    New Lounger
    Join Date
    May 2014
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Interesting that I had had an earlier battle with search.conduit and finally got rid of it (I thought). As soon as this column arrived, the annoying search.conduit was back and refused to disappear. The AdwCleaner link didn't work so I resorted to download.com to get it. Also interesting: As I was blundering through the seven or eight "features" that it wanted to install for me, search.conduit was the first one. I refused. Thanks for a valuable tip on getting rid of the bad guys.

  10. #10
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    - bill said in part:

    Fortunately, places like FileHippo still provide copies of MSE from late last year, which presumably will install on XP just fine (even if one needs to do so with their Internet connection disabled temporarily to keep Microsoft from sabotaging the installation). After that, presumably they'll be updatable just as if they'd been installed before Microsoft decided to get nasty about it.
    Bill, you may be forgetting the Windows Genuine Advantage test required to download and install MSE on any PC. That test can be turned to an Always Fail condition for Windows XP downloads of anything Microsoft wishes to no longer support for Windows XP users, especially MSE.

    But folks, why fool around with MSE when good alternatives are available for free from Avast, AVG and other vendors, and good firewalls from Comodo, Zone Alarm and others? All of which are promising ongoing support for Windows XP, SP3 for at least another year. Many will probably still be around for WinXP several years from now.
    Last edited by bobprimak; 2014-05-08 at 08:31.
    -- Bob Primak --

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •