Microsoft Support (was Re: tech support being flooded due to IE 0day)
Sean Donelan
sean at donelan.com
Fri Sep 22 20:13:01 UTC 2006
On Fri, 22 Sep 2006, Paul Vixie wrote:
>> For assistance with Microsoft security issues in the US, call (866) PC-SAFETY
>
> last but not least, according to http://isotf.org/zert/ there is a non-MSFT
> patch for the VML thing. i don't expect ISPs to recommend its use, due to
> liability reasons, but mentioning it or even proactively notifying about it
> might be a way to get people off the phone (or keep them from calling in).

The largest residential ISPs, covering about 80% of the residential users
of the Internet, also have an additional resource called GIAIS. GIAIS is
a Microsoft-supported group which gives ISP Operations, including help
desks, a direct communications path with Microsoft. Microsoft makes the
same PC-SAFETY Help Desk information it uses internally available to GIAIS
member ISP Help Desks so customers get consistent answers whoever the
customer calls.

http://www.microsoft.com/serviceproviders/resources/securitygiais.mspx

But more importantly GIAIS also provides a mechanism for ISPs to keep
Microsoft up to date on the real-world situation. How many customers are
being impacted, how many customers are calling ISP help desks with a
particular security incident, etc. By exchanging hard data through the
GIAIS program, if necessary with appropriate non-disclosure agreements in
place, ISPs can help Microsoft decide when to release accelerated
patches or improved work-arounds until a patch is available.

Unfortunately, Internet blogs and mailing lists are sometimes dominated
by a few personalities that may be well-meaning, but don't always have a
good handle on relevant measurement data.

Although computer professionals may understand the nuances, it's probably
better to keep the general message as simple as possible. For example,
don't eat fresh spinach products. It's difficult enough to get residential
users to patch their computers at all, let alone to evaluate third-party
patches or phishers distributing fake patches.

The simple message:

For unmanaged Microsoft Windows computers, i.e. most home computers,
turn on Automatic Windows Update. When this patch is available, your
computer will get the patch directly from Microsoft; as well as future
patches.

Computer professionals should also review the relevant Microsoft security
advisories and may evaluate whether third-party solutions are appropriate
for their computer environment.