Microsoft Support (was Re: tech support being flooded due to IE 0day)

Sean Donelan sean at
Fri Sep 22 20:13:01 UTC 2006

On Fri, 22 Sep 2006, Paul Vixie wrote:
>> For assistance with Microsoft security issues in the US, call (866) PC-SAFETY
> last but not least, according to there is a non-MSFT
> patch for the VML thing.  i don't expect ISP's to recommend its use, due to
> liability reasons, but mentioning it or even proactively notifying about it
> might be a way to get people off the phone (or keep them from calling in).

The largest residential ISPs, covering about 80% of the residential users 
of the Internet, also have an additional resource called GIAIS.  GIAIS is 
a Microsoft supported group which gives ISP Operations, including help 
desks, a direct communications path with Microsoft.  Microsoft makes the
same PC-SAFETY Help Desk information it uses internally to GIAIS member 
ISP Help Desks so customers gets consistent answers whoever the customer 

But more importantly GIAIS also provides a mechanism for ISPs to keep
Microsoft up to date on the real-world situation. How many customers are
being impacted, how many customers are calling ISP help desks with a
particular security incidents, etc. By exchanging hard data through the 
GIAIS program, if necessary with appropriate non-disclosure agreements in 
place, ISPs can help Microsoft decide when to release accelerated 
patches or improved work-arounds until a patch is available.

Unfortunately, Internet blogs and mailing lists are sometimes dominated 
by a few personalities that may be well-meaning, don't always have a good 
handle on relevant measurement data.

Although computer professionals may understand the nuances, its probably 
better to keep the general message as simple as possible.  For example, 
don't eat fresh spinach products. Its difficult enough to get residential 
users to patch their computers at all, let alone to evaluate third-party 
patches or phishers distributing fake patches.

The simple message:
   For unmanaged Microsoft Windows computers, i.e. most home computers,
   turn on Automatic Windows Update.  When this patch is available, your
   computer will get the patch directly from Microsoft; as well as future

Computer professionals should also review the relevant Microsoft security
advisories and may evaluate whether third-party solutions are appropriate
for their computer environment.

More information about the NANOG mailing list