Orphaned software. Thanks M$...

jinjuku

jinjuku

Moderator
Had a customer that does their own I.T. including never updating or patching. Fortunately they did pay me to setup their backups for the servers.

So they get cyrpt-ware. I'm able from command prompt to del *.aes_ni /s the drives and restore from the A.M. backup.

On another server something else is messed up because needed services for SMB and Network Browsing won't start and of course doing a system state restoration doesn't help. Do a clean install, setup Terminal Services, ThinPrint, Office 2003.

That last one is a problem because: Telephone and Online Validation no longer work. They purchased 7 Office 2003 pro DVD's in 2005. One has been opened in the past to facilitate installation.

I call M$ up and they say the product key has been validated too many times. So we take a still shrink wrapped DVD, uninstall , reinstall, and same issue: It won't validate online.

Give them the new key and tech says it's been validated too many times. So @ this point I know it's B.S.

Had the customer get on fleabay and get Office 2007.

Big middle finger to M$.
 
BoredSysAdmin

BoredSysAdmin

Audioholic Slumlord
You are aware that this is 2017 and it's been 10 years since Office 2007 has been released and mainstream support (including security updates) ended 5 years ago.... right?
 
jinjuku

jinjuku

Moderator
Ya, they are on Server 2003 Standard as a Member Server and SBS 2003.

Here's the kicker: VirtualBox of all products has a quasi Virtual Desktop by virtue of having the Hypervisor RDP aware.

That is you could even be running MS DOS and still console into it.
 
BoredSysAdmin

BoredSysAdmin

Audioholic Slumlord
Ya, they are on Server 2003 Standard as a Member Server and SBS 2003.

Here's the kicker: VirtualBox of all products has a quasi Virtual Desktop by virtue of having the Hypervisor RDP aware.

That is you could even be running MS DOS and still console into it.
https://www.spice-space.org/ - Only found it today, but seems interesting. Probably beats 2003 era RDP performance by miles.
 
jinjuku

jinjuku

Moderator
You are aware that this is 2017 and it's been 10 years since Office 2007 has been released and mainstream support (including security updates) ended 5 years ago.... right?
So is the customer... But the fact is that they didn't get hammered because Office didn't have a patch. A user got this to happen via a trusted email from someone who had their account hacked.

Honest to god, I don't remember the last time I had to call M$ for Office support. It's never actually happened. What has happened is a product that works, that has never, EVER, been a vector for infection has been closed off to them. They paid their money and, regardless of age of product, they've been denied the usage of it.

It's like saying that a 14 year old car isn't safe as new cars. Even though it's been working fine and you've never been in a wreck and it's never caused a wreck, we are going to disable it for you.
 
BoredSysAdmin

BoredSysAdmin

Audioholic Slumlord
First of all. I do agree with you on issue of what essentially is a DRM issue: They (Microsoft) shouldn't just killed the activation.
What has happened is a product that works, that has never, EVER, been a vector for infection has been closed off to them.
401 reasons I disagree with you:
https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-320/Microsoft-Office.html
It's like saying that a 14 year old car isn't safe as new cars. Even though it's been working fine and you've never been in a wreck and it's never caused a wreck, we are going to disable it for you.
14 year car is by definition isn't as safe as new car even if it wasn't never in accident. New cars have better safety systems built-in and you do get into accident with new car vs 14y old car (same maker/model), I'd take my chances with a new car.
 
BoredSysAdmin

BoredSysAdmin

Audioholic Slumlord
Was it available in 2003? Bottom line is for 12 years, including going from P2V, it's simply worked day in day out w/o fail.
You misunderstood again, I mere pointed out this as an cheap alternative to build low cost VDI today vs simply rebuilding 2003 server and handing it back to customer.
 
jinjuku

jinjuku

Moderator
You misunderstood again, I mere pointed out this as an cheap alternative to build low cost VDI today vs simply rebuilding 2003 server and handing it back to customer.
I'm not. The end users and the owner are used to 12 years of how it's put together. The infrastructure is built around this as it's their bread and butter.

I've put it back together to get them up and running and productive again. Trust me we are now talking about how to move this all forward but they have a legacy application that only works in XP. No matter how that gets sliced it's going to be XP that is the soft target.
 
BoredSysAdmin

BoredSysAdmin

Audioholic Slumlord
I'm not. The end users and the owner are used to 12 years of how it's put together. The infrastructure is built around this as it's their bread and butter.

I've put it back together to get them up and running and productive again. Trust me we are now talking about how to move this all forward but they have a legacy application that only works in XP. Now matter how that gets sliced it's going to be XP that is the soft target.
I had good success packing ancient Windows 95 apps with VMWare's ThinApp and they would work fine on windows 7 without need for compatibility shims (they didn't work for that app either)

Some potentially free alternatives worth exploring:
http://enigmaprotector.com/en/aboutvb.html
https://www.wilderssecurity.com/threads/application-virtualization-software-swv-alternatives.338319/
 
jinjuku

jinjuku

Moderator
First of all. I do agree with you on issue of what essentially is a DRM issue: They (Microsoft) shouldn't just killed the activation.

401 reasons I disagree with you:
https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-320/Microsoft-Office.html

14 year car is by definition isn't as safe as new car even if it wasn't never in accident. New cars have better safety systems built-in and you do get into accident with new car vs 14y old car (same maker/model), I'd take my chances with a new car.
Some people DO take their chances with a 14 year old car. And they would appreciate it if the manufacturer isn't going around and proactively disabling the car so one morning when you come out and turn the key you get nothing.

My customer hasn't had a major incident like this since I setup their NT4 / Exchange 5.5 server in 1999.

I keep well abreast of security threats (Krebs, Google Attack Map, US-Cert etc...)

In house we keep up to date and if a line of business application doesn't evolve with the times, we generally will replace it. Some people aren't in this position.

Bottom line is I needed to get them up to speed as quickly as possible and M$ made sure this couldn't happen. There will be a post mortem and a discussion of how to move to 2016 and Windows 10. But you have to be able to stabilize the patient first.
 
jinjuku

jinjuku

Moderator
I had good success packing ancient Windows 95 apps with VMWare's ThinApp and they would work fine on windows 7 without need for compatibility shims (they didn't work for that app either)

Some potentially free alternatives worth exploring:
http://enigmaprotector.com/en/aboutvb.html
https://www.wilderssecurity.com/threads/application-virtualization-software-swv-alternatives.338319/
Getting TS, and ThinPrint took a total of 1 1/4 hour. Not sure what other position I'm to take. TS licensing is part of XP Pro. You get a client license included at no cost.

I LOVE VDI vs TS. They aren't doing VDI. It is what it is.
 
BoredSysAdmin

BoredSysAdmin

Audioholic Slumlord
Getting TS, and ThinPrint took a total of 1 1/4 hour. Not sure what other position I'm to take. TS licensing is part of XP Pro. You get a client license included at no cost.

I LOVE VDI vs TS. They aren't doing VDI. It is what it is.
Again, I think it late and you're missing a point. That last post wasn't about vdi or ts. just application packing. It's quite simple and could a lifeline to let your client run legacy app on new OS.
 
jinjuku

jinjuku

Moderator
Again, I think it late and you're missing a point. That last post wasn't about vdi or ts. just application packing. It's quite simple and could a lifeline to let your client run legacy app on new OS.
I understand. I'm here to vent about being prevented from getting the customer up an running while a next step is figured out.

This isn't my first rodeo.
 
newsletter

  • RBHsound.com
  • BlueJeansCable.com
  • SVS Sound Subwoofers
  • Experience the Martin Logan Montis
Top