Slashdot Mirror


Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide

An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."

3 of 217 comments

  1. Microsoft looking for new ways to fail by JoeyRox · · Score: 4, Insightful

    They're apparently not content with only failing miserably in new markets like smartphones - they're now finding ways to destroy their successful businesses as well. They should just sit on their hands and keep collecting their checks.

  2. Re:Bad Summary - Sensationalist by QuietLagoon · · Score: 4, Insightful

    How long before the problematic "test" updates hit the Windows 10 environment with the forced update "feature"? At least with my current Windows 7 environment, I was able to not run Windows Update until I learned of the root problem. With Windows 10, I won't have that option.

  3. Black Hat holy grail. by Lumpy · · Score: 5, Insightful

    This right here would be what makes black hats drool. Get a payload in the Windows update server that is signed with keys that pass. You do that and you utterly own 60% of the internet in a span of 8 hours.

    If you were smart about it, you would do a quick test that is benign, changing only 2 bytes in an MS patch, and then look for it. If that works you get your best rootkit that you can conceive and get it out there. Now WAIT for about 25-45 days and have it download and install the nasty that you want to unleash.

    Luckily 99% of the black hats are so ADD that they shoot their load as soon as they can and brag all over the internet. It's that 1% that you never hear about and are never caught that are the truly dangerous ones.

    --
    Do not look at laser with remaining good eye.