Slashdot Mirror
Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide
An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."
They're apparently not content with only failing miserably in new markets like smartphones - they're now finding ways to destroy their successful businesses as well. They should just sit on their hands and keep collecting their checks.
How long before the problematic "test" updates hit the Windows 10 environment with the forced update "feature". At least with my current Windows 7 environment, I was able to not run Windows Update until I learned of the root problem. With Windows 10, I won't have that option.
Trust no one.
You are welcome on my lawn.
Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.
Does it really matter if it was a mistake or not? If a guy burns down my house accidentally, or he does it on purpose, my house is still burnt down.
That's why mandatory no choice updates and the cloud are really bad ideas. The results of little mistakes can be indistinguishable from criminal intent. Either way, you lose.
I haven't seen the update yet, but people should consider this a close shot across the bow.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
As far as I am concerned from now on, every statement from M$ is potentially a lie, and ANY OS or program from M$ is potentially full of NSA backdoors and spyware, as well as the ever-present bugs. As far as anyone knows every M$ product all the way back to the first version of DOS was/is infested the same way!
M$, you are forever wiped from my computers and out of my life!!!
This right here would be what makes black hats drool. Get a payload in the Windows update server that is signed with keys that pass. you do that and you utterly own 60% of the internet in a span of 8 hours.
If you were smart about it, you would do a quick test that is benign. changing only 2 bytes in a MS patch and then look for it. If that works you get your best rootkit that you can conceive and get it out there. now WAIT for about 25-45 days and have it download and install the nasty that you want to unleash.
Luckily 99% of the black hats are so ADD that they shoot their load as soon as they can and brag all over the internet. It's that 1% that you never hear about and are never caught that are the truly dangerous ones.
Do not look at laser with remaining good eye.