Slashdot Mirror
Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide
An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."
They're apparently not content with only failing miserably in new markets like smartphones - they're now finding ways to destroy their successful businesses as well. They should just sit on their hands and keep collecting their checks.
How long before the problematic "test" updates hit the Windows 10 environment with the forced update "feature". At least with my current Windows 7 environment, I was able to not run Windows Update until I learned of the root problem. With Windows 10, I won't have that option.
Or Microsoft covering for a government install that was caught.
Peter predicted that you would "deliberately forget" creation 2000 years ago...
It is so uplifting to find so many people who have never made a mistake in their professional careers.
I am sure those around you are giddy as they read your witty posts on Slashdot calling out "those idiots at Microsoft".
I applaud you and the personal perfection that arms you with such stones.
Trust no one.
You are welcome on my lawn.
I told you so.
Somehow I don't believe you. Care to provide a link to the post in which you said that Microsoft would accidentally post a test package to the production Windows Update service?
Well, I don't know that the individual expressly posted that a suspicious update would happen, but unless Microsoft does something it has never ever done before, one of these days, an update that few have any option to do than let it happen, will create a huge mess.
Because unless you only use office, Microsoft updates constantly break things.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.
Does it really matter if it was a mistake or not? If a guy burns down my house accidentally, or he does it on purpose, my house is still burnt down.
That's why mandatory no choice updates and the cloud are really bad ideas. The results of little mistakes can be indistinguishable from criminal intent. Either way, you lose.
I haven't seen the update yet, but people should consider this a close shot across the bow.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
As far as I am concerned from now on, every statement from M$ is potentially a lie, and ANY OS or program from M$ is potentially full of NSA backdoors and spyware, as well as the ever-present bugs. As far as anyone knows every M$ product all the way back to the first version of DOS was/is infested the same way!
M$, you are forever wiped from my computers and out of my life!!!
This right here would be what makes black hats drool. Get a payload in the Windows update server that is signed with keys that pass. you do that and you utterly own 60% of the internet in a span of 8 hours.
If you were smart about it, you would do a quick test that is benign. changing only 2 bytes in a MS patch and then look for it. If that works you get your best rootkit that you can conceive and get it out there. now WAIT for about 25-45 days and have it download and install the nasty that you want to unleash.
Luckily 99% of the black hats are so ADD that they shoot their load as soon as they can and brag all over the internet. It's that 1% that you never hear about and are never caught that are the truly dangerous ones.
Do not look at laser with remaining good eye.