How can you realistically get hacked from using an outdated OS if you're behind a firewall? All those meme vids of "computer hacked after 10 seconds of connecting XP to the internet" involve turning off he firewall, from what I heard. If the firewall is on what is the realistic attack vector where you get hacked because of an unpatched weakness in the OS? Outdated browser maybe, but that goes for any OS. Is browser security worse on an outdated OS?
firewall set to public mode (more restrictive) plus disabling some potentially vulnerable services like accepting remote desktop call-ins should be enough
>>107723003As long as you aren't pirating software or browsing sketchy websites with horribly outdated versions of Firefox or Chrome, you're totally fine with connecting old operating systems to the internet. I've personally been using Mac OS X 10.4 for like 10 years as my detox OS and I haven't had a single security issue yet.
>>107723057your name is Manolo, you live in Mexico and you download furry porn
Winnuke.
>>107723220>The exploit sent a string of Out-of-band data (OOB data) to the target computer on TCP port 139So it wouldn't work if your computer was behind a firewall? Also this thing is ancient and patched and didn't even pwn the computer, seems like more of a prank.
>>107723003You discovered the truth, anon. Bill Gates is on his way to your home to beat you up.
>>107723248I actually use Windows 11 but I use old Android on my phone, but the updoot logic is the same as on Windows. I'm somehow supposed to get pwned from using a few trusted apps and an up to date browser because my Android is outdated. I'm trying to understand how.
>>107723003there are zero risks if you're behind cgnatif the mentally ill disagree then you should give them your IP 192.168.1.5 and watch them move the goalposts and hang themselves when they cant do the things in those youtube videos
>>107723057>You're totally fine, trust me bro
the tldr of what happened was the launch of 10 was clearly going downhill like it was for 8 and instead of backpedaling like they did going from vista to 7, they just went forward with the changes end users didnt wantbut in order to get people to switch anyway, they ran that whole campaign about out of date operating system security risks, and how using something without regular security updates was super dangerous for a regular user, the idea was successfully planted into assorted tech cultures and people tend to parrot what they hear news outlets talk about regardless of its entirely true or notnobody gave a fuuuuuuuuck about what operating system you were using in terms of its age or how up to date it was before that point, when 8.1 came around people were still on 7 and XP in reasonable numberspeoples concerns were software compatibility as the operating systems aged, not the security of anything, nobody cared about thatwhen XP started getting old the issue wasnt the lack of updates or support, it was that browsers didnt support it anymore, game launchers stopped working on it, new video standards online meant that old versions of browsers would struggle with youtube and suchpeople were worried about that, thats the reason to upgrade the OSbut since everything worked fine on 7 and 8.1 and everyone was fairly happy with them, 10 came around and it looked like a hassle, nobody wanted or needed to upgradeso microsoft had to trick them into upgradingthe reality is that for a regular home user, common sense 2003 edition is about all you need to avoid getting some detrimental virus on your computerand even if you do, who the fuck cares, wipe it and start againyoure not doing time critical professional work on an XP machine which youre also downloading cracked versions of minecraft on
>>107723003100% certainty if you have services listening the open net, which XP and 7 has
>>107723814>which XP and 7 haslike what
>>107723931All the network services like updates, network discovery, printing, etc
>>107723057you can't live without piracy nowdays
>>107723003>Intel Processor Diagnostic Toolwhat does this actually do?
Drive-by exploits that automatically execute just by you viewing something that loads the components in it. As I'm sure you know: there's much more to the OS than just the GUI. Windows is a sprawling mess of APIs, DLL files, system components, services, exes, registry keys. Some of this has vulnerable code in it. So maybe you end up using the latest browser but because it still talks to some windows DLL that does cryptography it ends up making your SSL vulnerable. Or maybe you open a website and your OS "helpfully" runs an associated program handler for a protocol format that turns out to be vulnerable.
>>107725018any examples
>>107723171uuuh based?
>>107725033CVE-2025-43300
>>107725304Thats interesting, does anything comparable exist for Android or Windows?
>>107725449CVE-2025-50165
>>107723003>if you're behind a firewall?Assuming there isn't a list of exploits for that firewall a few dozen strong...> on what is the realistic attack vectorBotnets literally spam packets looking for low hanging fruit to fall over...>Is browser security worse on an outdated OS?Largely. But this tends to stem from the software on outdated OS being known flawed...>>107723057>I haven't had a single security issue yet.I'm far from a crapple fanboi... But you can't apples:apples winhoes:macOS... As that's technically *nix, you gotta fuck up pretty hard to compromise outside of logged in user's scope...>>107723246>seems like more of a prank.That could be. Literally, the entire platform was abandoned for a reason: It's easier than fixing it. There are massive holes. >>107723267>because my Android is outdatedDewd. This shit is even worse. Fully updated (cr)apps, like whatscrapp, deliver zero clicks all the time. Older versions of hemmehroids will zeroclick from SMS...
>>107725505So Windows 7 is pwnable now by loading a jpg? Also why are both of these related to image processing, wtf is wrong with jpgs
>>107725588Apple had zero click from SMS too (operation triangulation).
>>107723298>if you're behind cgnatAlso demonstrably flawed...>>107723468>they ran that whole campaign about out of date operating system security risksLook at the logs of any internet connected service. Count how long it takes before you see something trying to exploit known flaws in outdated winhoes.Botnet sizes for win10 are on the rise now...>so microsoft had to trick them into upgradingI'm not going to pretend there's any honesty on M$'s end... But there is no trick. This outdated shit is causing problems, and at scale. >who the fuck cares,That.That's precisely how this shit happens.>critical professional work on an XP machine which youre alsoYou would be surprised of the abuse of policy, procedure and protocol I've witnessed just so some stupid fuckweasle can play some stupid fucking game instead of doing their job... Even more surprising would be the places you can witness it...>>107724630Quis custodiet ipsos custodes
>>107725591Pretty sure some XP can be done with true type fonts...>>107725642But critically, that's only still a thing on outdated shit?
