[QUOTE=ILLP;2766919]Think that is bad I went to a doctors office and left once I found out they were using windows 2000 ME…about six month ago…[/QUOTE]
I can’t say I blame you, I would be late for the door in seconds myself…
[QUOTE=debro;2766915]Lack of support by software vendors … we’ve all been there, with the switchover to 64bit os’s (thanks Creative), except rather than a $50 software alternative, they have a $50 million development cost for custom software. [/QUOTE]
Scary is it not? Assuming you are right, they have a $50 million development cost for the software they already have, presumably with no maintenance plan / life-cycle management and obviously, no end-of-life date set even though Microsoft blew their horn at 120db years before support ended…
The fact that it is a hospital that handles sensitive data is what makes this go from a laughing to a serious matter. A good AV solution is in this respect false safety as it is for the most signature based.
That means it is just like any viral infection is for us, first the virus is discovered, then we develop medication/vaccine and in an environment with sensitive data, that is a point of great importance.
What seems obvious to me (regardless of funding) is that someone must have failed somewhere when it comes to configuring a tight group policy security-wise to work around lack of funding and minimize impact. Probably even added the domain user to the local computer administrators group, to save themselves the extra overhead in day-to-day work. This gives the user the install privilege and without UAC, a free path for the infection to have a unrestricted party.