Microsoft Ramps Up "Fix it" Support Tool 144
CWmike writes "Microsoft has ramped up its new Windows support assistant 'Fix it for me' nearly three months after it quietly released the automatic repair and configuration tool. The upgrade adds a 'Fix it' button to some of the support documents that Microsoft posts to its Knowledge Base. The blog introducing the changes lists some of the Knowledge Base documents that boast the 'Fix it' button, including one that prevents users from connecting a USB storage device — useful in protecting against one of the infection vectors of the 'Downadup' worm. Have ideas for the tool? In a forum on the 'WinVistaClub' Web site, someone who said he was part of the 'Fix it' team at Microsoft encouraged users to send feedback on the feature to the group at fixit4me@microsoft.com."
What happens.... (Score:5, Insightful)
What happens when the "fix it tool" itself breaks?
Seems exploitable (Score:5, Insightful)
Re:What happens.... (Score:5, Insightful)
That presupposes that the Fix It tool will work in the first place
Ever tried to use the Repair option in MS Office? I've used it on dozens of installs, and it has never once repaired a GD thing
As my family's support guy..... (Score:5, Insightful)
The problem with her computer was between the chair and the keyboard. Anyway, to shorten the story, I asked her if she's ever Googled for answer to her problems or looked at the manual. Nope.
Folks like that who would actually benefit from something like that will never come across it because they don't even think of searching the net for a solution; let alone of actually reading the manual and following the trouble shooting guide in the back.
People like us, tech savy, will never trust a script like that from MS.
This is doomed to fail.
Re:What happens.... (Score:5, Insightful)
Why pick on office.
I've never once had an install repair utility fix ANY program EVER.
Re:Seems exploitable (Score:5, Insightful)
In addition to the possibility of exploits in this kind of system, I really worry about what it will do with respect to the very user education issue you mention.
If Microsoft's official site trains people to trust (and click on) an agreeable-looking "Fit it!" icon, it won't be long before other sites use a surprisingly similar-looking "Fit it!" icon to induce people to click on malware (and click through the various warnings that appear--after all, I trust this thing to fix my computer!). There will always be some users who are easily fooled... but Microsoft should not exacerbate the situation by making people comfortable with the idea of launching system-altering utilities directly from the web browser.
To me this is no better than the IT department asking you for your password. Yes, you should trust the IT department (and they could no doubt determine your password if they really wanted to)... but it creates a bad habit, where users are accustomed to emailing their passwords to whoever asks and seems even slightly legitimate.
Re:Could be useful... (Score:5, Insightful)
I've always thought it was strange how KB articles can get to have some really complicated actions, yet they can't just give you a script to do what they're telling you to do.
And then they have the nerve to tell us Linux is complicated.
Re:Seems exploitable (Score:4, Insightful)
There's really nothing here to exploit that hasn't always existed.
All they've added to the KB document is a link to download an MSI file that, when executed, fixes the problem. As long as the web has existed it has been possible to put a link on a webpage saying "download this little utility which will fix all your problems, honest".
Really, it just makes sense. If you're already browsing Microsoft's knowledge base, and you've found the document that explains your problem, instead of following the step-by-step "fix it" instructions provided in the document, why not just click on a link that does the work for you.
So, now they're providing instructions for the people who want to do it themselves, and a convenient utility for the people who don't. Sounds reasonable to me.
Re:What happens.... (Score:3, Insightful)
And sadly, when People click on something like that, and what's supposed to happen happens, users get used to running applications from websites. This is a very bad thing indeed.
Re:get hacking, guys! (Score:5, Insightful)
It can be installed in one click too, so it would be great for this kind of thing (although i don't actually suggest we try that, it would make people think linux was just a virus or something).
That's a stupid idea anyway. Linux is about choice. We only take the willing :)
Re:Could be useful... (Score:3, Insightful)
And at least in Linux, a cursory knowledge of any Unix-based system is enough to get around. There are manpages for stuff. There are things that explain what these options or those switches do, and logfiles to help you understand what's going wrong, so there are ways to figure out, on your own, what to do.
I'm a veteran user/admin of both systems and the above KB article, and tons more like it, completely flummox me. Sure, I could mindlessly execute the instructions but there's no way I'd ever figure out to do any of that on my own, and I don't see any way to deduce any of it either. To even understand half of it requires some knowledge of should-be-obsolete-by-now DOS hijinks. And just what the hell is "SET BLASTER=A220 I5 D1 P330 T3"?
It just astonishes me that gibberish like the above, or having to manually expand cab files, or alter hex values buried thirteen layers deep in the registry, or extract files out of a CD by hand, is considered okay by so many, but god forbid you instruct a user to "apt-get install" something, because ha! ha! that's just difficult and non-intuitive!