Windows 7 + 4GB RAM + NVidia USB chipset = FAIL

hotfix_icon Which summed up my Windows 7 PC.

The FAIL bit was that when I’d do a large USB file copy, without fail (no pun intended), I’d get a DRIVE IS NO LONGER RECOGNIZED error.

Then all my USB ports would fail to work.  To recover, meant rebooting my computer.

The problem got REALLY annoying.  I’d be copying podcasts to my MP3 player, and it’ll fail.  Or when I was trying to sync my Windows Mobile phone, and it’ll fail.

Microsoft released a patch late January, and since then I have been USB crash free.  You can read all about the patch here:
You encounter problems when you move data over USB from a Windows 7 or Windows Server 2008 R2-based computer that has an NVIDIA USB EHCI chipset and at least 4GB of RAM

 Bookmark and Share

A good patch management policy

A good patch management policy is needed to protect you from risk, and to encourage the attacker to find easier/unpatched victims.  Selfish but true.

  1. Know your risk.
    Security is risk management, it’s as simple as that.
    Know your environment, and the vulnerabilities which apply.
    Determine what is more critical to patch first.
    Rule of thumb: servers should be patched first
  2. Have some sort of patch management system.
    You need to somehow to get the patches out to your computers, and that “somehow” is a deployment tools (Microsoft SMS/SCCM/WSUS, Shavlik)
    A good patch management product will also allow third-party patch rollout (ie. Adobe Flash, Adobe Reader, Firefox etc.)
  3. Deploy your patches to pilot groups first.
    There is no sense in deploying a patch everywhere, if it breaks something.  If you do that, it’s just like deploying a virus.
  4. Make sure your Pilot Group:
    * pilot group deployment list is up to date (people change their job positions, computers are replaced).
    * that your Pilot Group Testers are aware that they need to report any problems they’re found.
  5. Have a back-out process.
    If the patch does break something, you should know how to uninstall it.
  6. Use a mailing list like BugTraq
    Know what threats have been created.  And migrate against them as soon as possible.

Bookmark and Share