SP1 in the workplace

  • Thread starter Thread starter Mark or Libbie McCutcheon
  • Start date Start date
M

Mark or Libbie McCutcheon

I work for a bank operations center. There are THOUSANDS of computers linked
in the network.

All the ones I have seen are running Windows XP SP1.

Even my desk PC is 'locked' to where I cannot perform Windows Update to get
SP2 and other updates.

I have told my manager that this concerns me.. that SP2 fixes network
vulnerability issues.

Please tell me your thoughts on this. I see SP1 support is even ending in
OCt.

Could it be they haven't switched because on a very large network there are
lots of mechanisms involved with the firewalls and security settings that
have to be conformed first to accept SP2?

Why else haven't they updated?
 
From: "Mark or Libbie McCutcheon" <[email protected]>

| I work for a bank operations center. There are THOUSANDS of computers linked
| in the network.
|
| All the ones I have seen are running Windows XP SP1.
|
| Even my desk PC is 'locked' to where I cannot perform Windows Update to get
| SP2 and other updates.
|
| I have told my manager that this concerns me.. that SP2 fixes network
| vulnerability issues.
|
| Please tell me your thoughts on this. I see SP1 support is even ending in
| OCt.
|
| Could it be they haven't switched because on a very large network there are
| lots of mechanisms involved with the firewalls and security settings that
| have to be conformed first to accept SP2?
|
| Why else haven't they updated?
|


They are plain idiots !

That's why bank security is poor and personal records are compramised so often.

What bank is this ?

My bank had online banking. You logged on with you Social Security numer and a foutr didgit
PIN.

I complained bitterly for three years and I got excuses like the elderly couldn't remember
complex passwords but could easily remeber a four digit PIN. It took a FTC mandat to get
them tio change this.

Now I have a personalized Logon name (not SS#) and a complex password. It should NOT take
a mandate from the FTC to make companies security aware !
 
Mark said:
I work for a bank operations center. There are THOUSANDS of computers
linked in the network.

All the ones I have seen are running Windows XP SP1.

Even my desk PC is 'locked' to where I cannot perform Windows Update
to get SP2 and other updates.

I have told my manager that this concerns me.. that SP2 fixes network
vulnerability issues.

Please tell me your thoughts on this. I see SP1 support is even
ending in OCt.

Could it be they haven't switched because on a very large network
there are lots of mechanisms involved with the firewalls and security
settings that have to be conformed first to accept SP2?

Why else haven't they updated?


I can't tell you why they haven't done it, but I can tell you that in my
view what they are doing is foolish.
 
I'm glad to see y'all agree. What can I do? I think they think I am being
trivial and worrying about something that isn't part of my job.
 
Mark said:
I work for a bank operations center. There are THOUSANDS of
computers linked in the network.

All the ones I have seen are running Windows XP SP1.

Even my desk PC is 'locked' to where I cannot perform Windows
Update to get SP2 and other updates.

I have told my manager that this concerns me.. that SP2 fixes
network vulnerability issues.

Please tell me your thoughts on this. I see SP1 support is even
ending in OCt.

Could it be they haven't switched because on a very large network
there are lots of mechanisms involved with the firewalls and
security settings that have to be conformed first to accept SP2?

Why else haven't they updated?

Why haven't they upgraded?
Old/outdated applications or hardware, fear and ignorance. I would say
time - but after years - that's not a concern.

File a complaint in writing to whom ever is highest up the ladder.
Carbon-copy everyone else.

Of course - this fight should be important to you before you start. Perhaps
just asking for an explanation of why a banking center is using outdated and
soon to be unsupported operating systems (and more potentially insecure than
updated systems) is a good way to start.

They are not doing anything wrong by not giving the users the right to
update - that is acceptable. But they should push their own updates...
 
Mark said:
I'm glad to see y'all agree. What can I do? I think they think I am
being trivial and worrying about something that isn't part of my job.


There's probably nothing you can do. It's their responsibility, not yours,
and argiung about it with is more likely to get you into hot water than
anything else.
 
From: "Mark or Libbie McCutcheon" <[email protected]>

| I'm glad to see y'all agree. What can I do? I think they think I am being
| trivial and worrying about something that isn't part of my job.
|

Have those in charge of IT contact the US CERT and the NIST for the standards in commercial
computer setups ASAP !
 
Mark said:
I work for a bank operations center. There are THOUSANDS of computers linked
in the network.

All the ones I have seen are running Windows XP SP1.

Even my desk PC is 'locked' to where I cannot perform Windows Update to get
SP2 and other updates.

I have told my manager that this concerns me.. that SP2 fixes network
vulnerability issues.

Please tell me your thoughts on this. I see SP1 support is even ending in
OCt.

Could it be they haven't switched because on a very large network there are
lots of mechanisms involved with the firewalls and security settings that
have to be conformed first to accept SP2?

Why else haven't they updated?
There are plenty of places still running 2000. There is not a problem
provided they install all issued patches.

Cheers,

Cliff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top