bagder,
@bagder@mastodon.social

deleting system32\curl.exe https://daniel.haxx.se/blog/2023/04/24/deleting-system32curl-exe/ - Let me tell you a story about how Windows users are deleting files from their installation and as a consequence end up in tears. #curl

resuna,
@resuna@ohai.social

@bagder My daughter used to have a Windows desktop and I had to reinstall Windows every six months or so because she'd done stuff like this, except more so. So I got her an iMac. A few years later she's having a problem so I open up Terminal... no terminal. Yep. Same problem, except that it took years for her to break her Mac to the point she noticed something was wrong.

I ssh-ed in to her iMac and copied Terminal.app and a few other files back from my Mac and everything was good.

pointless_speculations,

@bagder Sheesh. I thought deleting system32 was a meme.

matt_garber,
@matt_garber@mastodon.sdf.org

@bagder Similar situation with Linux distros like RHEL and Ubuntu LTS: too many of the scanners (and security personnel) only look at the major.minor.patch version of installed software which gets flagged for CVEs, and do not realize that almost all long term support OSs backport security fixes into their included versions, so something like PHP 7.4 which is EOL by upstream may be patched and perfectly fine with the appropriate vendor (distro) patch applied. Sigh.

barubary,

deleted_by_author

  • bagder,
    @bagder@mastodon.social

    @barubary thanks, fixed!

    jsmall,

    @bagder Microsoft should just can answers.microsoft.com. ChatGPT could unironically provide better advice than most of the MVPs advising in those threads.

    0xtero,

    @bagder Ah, reminds me when people used to upload malicious binaries to Virus Total and have payloads link to Windows Update URLs. Then various vendor products would use that to build “Threat Intel” blocklists for firewalls etc, essentially blocking their orgs from accessing patches.

    ciourte,
    @ciourte@piaille.fr

    @bagder Reminds me of the good old days when a hoax spread through e-mail and msn messenger (to date the thing 🧓) pretended that a system file with a teddy bear as its icon was a dangerous virus you'd been infected by, and that you should delete it.
    https://en.wikipedia.org/wiki/Jdbgmgr.exe_virus_hoax

    thomy2000,

    @bagder Haha, what a great story 😄

    Lafiel,
    @Lafiel@my.elven.pw

    @bagder
    To restore the file, you can try running this command with administrator privileges:
    sfc /scanfile=c:\Windows\System32\curl.exe

    paoloredaelli,
    @paoloredaelli@mastodon.uno

    @bagder
    The only sane way to fix Windows is to delete it and start using operative systems. 😅😅😅
    But this also requires that users and administrators be conscious and educated. Sadly an appreciable share is not 😢😭

    lefractal,
    @lefractal@mstdn.social

    @bagder Still reading it, found one small typo "but we still strongly discourage everyone from replacing and system files." (and)

    michael,
    @michael@thms.uk

    @bagder deleting any system file on windows:

    This Is Fine GIF

    jugmac00,
    @jugmac00@fosstodon.org

    @bagder I am not entirely sure whether I coined the term, but I'd like to call those issues "CVE dos". Faced similar issues for our project.

    nf3xn,
    @nf3xn@mastodon.social

    deleted_by_author

    nf3xn,
    @nf3xn@mastodon.social

    deleted_by_author

  • Renegade_GDI,

    @nf3xn @jugmac00 @bagder they have set permissions to TrustedInstaller dude so admins could change owners, but users can't even delete system files

    nf3xn,
    @nf3xn@mastodon.social

    deleted_by_author

  • Renegade_GDI,

    @nf3xn @jugmac00 @bagder Volume Shadow Copy is optional, most of the users don't switch it on and if that's Home edition they can't even disable updates. Corporate and Pro versions get more stable versions and all bugs go get tested at Home users. So the most fair solution would be pirating the enterprise edition once in 2 years or so
