Full Disclosure mailing list archives
Re: Windows Automatic Updates WTF?
From: Troy Cregger <tcregger () kennedyinfo com>
Date: Fri, 22 Sep 2006 16:34:07 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Linux is the answer. But, if you're in a situation (and probably are) that forces you to use Micro$loth Winblow$ for some reason then you may have some well founded WTFs there. Dave "No, not that one" Korn wrote:
Is anyone else seeing this? I just noticed the 'updates waiting to be installed' shield icon in my systray. Popped it up, chose manual install to see what M$ was trying to shove down my throat this time. It was offering me the "Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB836528). The text reads:- " Size: 119 KB This tool helps remove the Mydoom.A, Mydoom.B, Mydoom.E, Mydoom.F, Mydoom.J, Mydoom.L, Mydoom.O, Zindos.A, Doomjuice.A, and Doomjuice.B worms from infected systems. The appearance of this update means that your machine is likely infected with one or more of these worms. For more information on protecting your PC, visit the Microsoft Protect Your PC Web site at www.microsoft.com/protect. More information for this update can be found at http://support.microsoft.com/default.aspx?kbid=836528 " So, WTF#1 is: what the hell makes them think my utterly clean machine could possibly be infected? What kind of pseudo "detection" technique are they using? And on going to check the KB article, what do I see? " Article ID : 836528 Last Review : March 8, 2005 This tool is no longer available. It has been replaced by the Microsoft Windows Malicious Software Removal Tool." So WTF#2 is: why the hell are they trying to push obsolete old garbage on me? I'm going to leave my workstation unplugged over the weekend, in case this is some kind of DRM or WGA update being forced on us under false pretences, and in case they decide to use their "Sod-what-settings-the-user-chose, make-them-install-the-update-and-forcibly-reboot-their-machine-losing-any-unsaved-work-in-the-progress" remote control feature again. cheers, DaveK
- -- Troy Cregger Lead Developer, Technical Products. Kennedy Information, Inc One Phoenix Mill Ln, Fl 3 Peterborough, NH 03458 (603)924-0900 ext 662 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFFEi/nBEWLrrYRl8RAtcgAJ40BEyPBKxuV2nuUHdVFBdDwkVSqwCeKJbJ GXcpFm17j4/9Mvm75jta0GQ= =J6OQ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Windows Automatic Updates WTF? Dave "No, not that one" Korn (Sep 22)
- Re: Windows Automatic Updates WTF? Troy Cregger (Sep 22)