Company wide email last week: there is an emergency patch for some software you’ve never heard of. Please update manually NOW; if it’s not patched by Tuesday, your machine will forcibly reboot.

Me: o software management portal of my work machine, is this software even installed, that I might update it?

portal: it’s not installed, no.

[Tuesday comes]

Your machine is going down NOW in the middle of the workday because you FAILED TO INSTALL THE PATCH, SINNER.

reader, the patch management system appears to have forcibly installed the vulnerable software in order to patch it.

thank gods! that was a close one

@0xabad1dea stupid morons exist in every company in every department... 🤷
@0xabad1dea *begins to type angry email to desktop team*
@0xabad1dea I maintain that computers were a mistake and we should have stopped at the printing press
@infosec_j @0xabad1dea Be careful. Woodblock/offset plate is OK; but Gutenberg's fast, cheap, and out-of-control 'movable type' nonsense is just asking for a world of integrity and availability problems.
@0xabad1dea 🤣 Classic. But hey, at least your machine is safe again! (at least until the next emergency patch)
@0xabad1dea now they can tell management that they patched 107% of vulnerable computers.
@0xabad1dea that is the most US federal government thing ever to happen outside of the US federal government
@0xabad1dea I was gonna joke that clearly, the right thing to do would be to install the vulnerable version first. I didn't think anyone would... actually...
@0xabad1dea Company giveth, Company rebooth, let the name of Company be blessed.
@0xabad1dea “And this, children, is how you do vulnerability management incorrectly”
@0xabad1dea at our company we have quarterly all-staff knowledge transfer sessions that are with big fanfare organized weeks in advance. Last time I was giving a presentation to 50 people and (because of some trouble with multi-monitor support in the nvidia driver in Linux) I booted up Windows on my company laptop. Right in the middle of the presentation it started upgrading from 10 to 11 without asking about my opinions. I mentioned it to the head of IT and he was like: LOL, sorry I guess.. :P

@0xabad1dea So, has the software now been installed, with or without the patch? Or is the machine going to be rebooted every Tuesday, forever?

(I am so sorry for your misfortune)

@0xabad1dea honestly, you should have seen this coming :(((

@0xabad1dea I used to do macOS kernel driver development

One beta release, I could not seem to get the download to complete so I could make a VM for development

A week later I discovered IT had scripted something to instantly and silently delete the installer app if detected on disk and didn't see any flaws in their reasoning

@0xabad1dea Granted this is the same IT team who instructed me to use a reverse SSH tunnel for macOS VNC to my physical lab Mac Mini

When I mentioned I was having trouble connecting, I was informed that was expected because SSH was blocked. This was in the same ticket. 🙊

@0xabad1dea wait we work at the same place?
@0f4d0335 I work at a hardware security lab in NL that was acquired by a much larger electronics equipment company.
@0xabad1dea i work at manufacturer industry that gobbles up other businesses (globally) so often we have an entire department that handles the acquisitions. my office is one of many in the same city and can survive a direct hit from a missile. we have several offices in nl.
@0xabad1dea BIN there, DUN that, had INTENSE conversation with IT type half my age. Took him another two rounds to get it right, but he was at least TRYING...
Infosecurity.US - https://infosecurity.us - Dilbert, Mordac the Preventer


@0xabad1dea thanks for reminding me to boot my work laptop, and log in to the work VPN to refresh its machine AD account.

I do like 99% of my work on a Linux VM NOT hosted on my work hardware because, like a lot of us, I poke malware all day, and the thought of poking malware on a system that has direct network access to all of that is not on my most wanted list.

@0xabad1dea all that fuss to update the calculator app
@0xabad1dea *hits computer with a big red CYBERVULNERABILITY MITIGATED stamp*
@rotopenguin @0xabad1dea this can also be about the y2k scare
@0xabad1dea Corporate IT be crazy. I can’t use an email client for Gmail (browser only) because “security” somehow, but we dump everything and anything through Claude. And host everything on GitHub. As if these companies can be trusted with secrets of any kind.