Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Windows Microsoft Security

Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide 217

An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."
This discussion has been archived. No new comments can be posted.

Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide

Comments Filter:
  • by Anonymous Coward

    This is exactly why I disabled updates. With all of the crap MS has been trying to forcefully push out after Malware 10 was released, you're safer without them.

    • Re: (Score:2, Interesting)

      by bondsbw ( 888959 )

      I told you so.

      Somehow I don't believe you. Care to provide a link to the post in which you said that Microsoft would accidentally post a test package to the production Windows Update service?

      • Re: (Score:2, Insightful)

        by Ol Olsoc ( 1175323 )

        I told you so.

        Somehow I don't believe you. Care to provide a link to the post in which you said that Microsoft would accidentally post a test package to the production Windows Update service?

        Well, I don't know that the individual expressly posted that a suspicious update would happen, but unless Microsoft does something it has never ever done before, one of these days, an update that few have any option to do than let it happen, will create a huge mess.

        Because unless you only use office, Microsoft updates constantly break things.

        • by mjm1231 ( 751545 )

          Because unless you only use office, Microsoft updates constantly break things.

          Why would only using Office help? Office updates break things plenty often in my experience.

          • Because unless you only use office, Microsoft updates constantly break things.

            Why would only using Office help? Office updates break things plenty often in my experience.

            I probably should have said "simple stuff" as I haven't touched MS Office since the ribbon, except for PowerPoint. My bad.

        • by dbIII ( 701233 )

          Well, I don't know that the individual expressly posted that a suspicious update

          I've had the opposite sort of "suspicious update" on a couple of machines - one that suspects it's not a real copy of windows so that you have to repeat product activation, then roll back updates and do a whole lot of new updates.
          How many times do you want to reboot today?

          • Well, I don't know that the individual expressly posted that a suspicious update

            I've had the opposite sort of "suspicious update" on a couple of machines - one that suspects it's not a real copy of windows so that you have to repeat product activation, then roll back updates and do a whole lot of new updates. How many times do you want to reboot today?

            From what I've been told, it was an update that started that mess.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        As far as I am concerned from now on, every statement from M$ is potentially a lie, and ANY OS or program from M$ is potentially full of NSA backdoors and spyware, as well as the ever-present bugs. As far as anyone knows every M$ product all the way back to the first version of DOS was/is infested the same way!

        M$, you are forever wiped from my computers and out of my life!!!

        • What do you mean by "from now on"? Were you ever under the impression that Microsoft was completely truthful, or completely free of government spyware? Microsoft is a large publicly held corporation, and as such can't be completely trusted.

          As far as the first Microsoft OS goes, I'd be astonished to find there was government spyware. Personal computers then were almost never hooked up to any sort of network, and they weren't considered really important.

  • It was a test update (Score:4, Informative)

    by Anonymous Coward on Wednesday September 30, 2015 @02:36PM (#50630431)

    http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/

    • by Anonymous Coward

      You trust ZDNet? Aren't they the ones who tried to justify and cover for Windows 10 spyware and built-in advertising?

    • by Zero__Kelvin ( 151819 ) on Wednesday September 30, 2015 @04:40PM (#50631623) Homepage
      Does anyone seriously believe that if their servers have been compromised that they would be honest and admit it? With the Windows 10 debacle on everyone's mind it is highly likely that someone compromised their servers to prove a point that their claim that everyone's data is safe in their hands is bullshit. It really doesn't matter, because even if their claim is 100% honest it amounts to this: Microsoft cannot be trusted. Period.

      What is that you say? Never ascribe to malice that which can be explained by incompetence? Oh, I totally agree, with the exception that I would say "as a rule" rather than never. The problem is it doesn't matter if you can't trust them because they are malicious, or you can't trust them because they have proved their incompetence. Either way, they have now proved beyond a shadow of a doubt that they must not be trusted, because they are definitely and provably not trustworthy. We can all speculate as to why nobody should trust them, but no reasonable person would assert, as of today, that they should be trusted.
  • only a test (Score:5, Interesting)

    by tomhath ( 637240 ) on Wednesday September 30, 2015 @02:36PM (#50630437)
    FTFA:

    Microsoft said a highly suspicious Windows update that was delivered to customers around the world was the result of a test that wasn't correctly implemented.

    They were just checking to see if you really wanted to upgrade to Windows 10

  • by jones_supa ( 887896 ) on Wednesday September 30, 2015 @02:37PM (#50630447)
    Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.
    • by MrLint ( 519792 )

      That really only applies when the split between malice and stupidity could land at the same place.

    • by sunderland56 ( 621843 ) on Wednesday September 30, 2015 @02:43PM (#50630517)

      Never attribute to malice that which is adequately explained by stupidity.

      You mean that Windows 10 wasn't intended to be patently evil, it's just that Microsoft are idiots?

      • Never attribute to malice that which is adequately explained by stupidity.

        You mean that Windows 10 wasn't intended to be patently evil, it's just that Microsoft are idiots?

        The sad part, is that after trying out W10, I was pretty excited. Stuff worked, I could do what I needed to do, and find what I needed to find.

        But they really screwed the pooch with the telemetry and the no choice updates on everything but Enterprise. My W10 Pro sacrificial computer running Pro only allows me to put them off for a little while, and constantly nags me.

        So since I have one last piece of software that requires Windows, my sacrificial computer will run that program and only that program, an

    • Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.

      What's more reasonable, that some MS drone fucked up, or that the NSA compromised their update servers to illegally wiretap every system on the planet, Batman style, just sort of hoping no one would notice? Where's Morgan Freeman when you need him?

      • What's more reasonable, that some MS drone fucked up, or that the NSA compromised their update servers to illegally wiretap every system on the planet, Batman style, just sort of hoping no one would notice? Where's Morgan Freeman when you need him?

        Why would the NSA need to compromise the update servers? They just send a National Security Letter [wikipedia.org] to Microsoft and their backdoor gets put into the OS when it ships, they don't need to slip it into an update.

        • An NSL doesn't require them to change code, only to hand over information they've already got or can easily get. The NSA would use other means to pressure Microsoft.

    • Re: (Score:3, Insightful)

      by Ol Olsoc ( 1175323 )

      Never attribute to malice that which is adequately explained by stupidity. Could be that some Microsoft engineer accidentally published a test update.

      Does it really matter if it was a mistake or not? If a guy burns down my house accidentally, or he does it on purpose, my house is still burnt down.

      That's why mandatory no choice updates and the cloud are really bad ideas. The results of little mistakes can be indistinguishable from criminal intent. Either way, you lose.

      I haven't seen the update yet, but people should consider this a close shot across the bow.

    • The problem is, from the perspective of trying to cram Windows 10 up our asses ... there's been an awful lot of what is best called malice.

      Microsoft plans on applying this upgrade whether you like it or not, and in a lot of cases, is going to remove your control over subsequent updates ... your computer apparently belongs to them.

      So, are you suggesting we have stupid malicious assholes who are incompetently pushing out test updates in a fucking sea of unwanted updates they're intentionally obfuscating as to

  • by TWX ( 665546 ) on Wednesday September 30, 2015 @02:39PM (#50630467)
    From the article...

    "We incorrectly published a test update and are in the process of removing it," a Microsoft spokesperson wrote in an e-mail to Ars. The message included no other information.

    The explanation came more than 12 hours after people around the world began receiving the software bulletin through the official Windows Update, raising widespread speculation that Microsoft's automatic patching mechanism was broken or, worse, had been compromised to attack end users. Fortunately, now that Microsoft has finally weighed in, that worst-case scenario can be ruled out.

    I'm a little leery of the Microsoft claim. Admittedly I am perhaps a bit biased against Microsoft for their having integrated a web browser into their OS kernel such that the OS can be irrevocably compromised through a simple web page, but even without that history, that company is large enough that anyone in public relations to make the, "our bad," announcement might not have any idea what actually happened from a technical point of view. On top of that the formatting of the update doesn't give any clue that it's a test update either, as it appears to make no origin claims (at least by the article's included screen shot) and is simply strange.

    Whenever I've done something as a test, I actually note in the comments that it's a damn test. I also note that I put it there. Microsoft might not want to publicly attribute something to a particular developer to intentionally obfuscate the development process from the user, but they still should have used something that identifies it as a test to the average person, and used something to make it clear to them that it's attributed to a specific person.

    • by Anonymous Coward

      On top of that the formatting of the update doesn't give any clue that it's a test update either, as it appears to make no origin claims (at least by the article's included screen shot) and is simply strange.

      Well, from the examples given on the forum link, one thing does stand out:

      https://hckSLpGtvi.PguhWDz.fuVOl.gov
      https://jNt.JFnFA.Jigf.xnzMQAFnZ.edu
      https://IIKaR.ktBDARxd.plepVV.PGetGeG.lfIYQIHCN.mil

      .gov, .edu and .mil addresses are very restricted TLD's. This makes them great for use as 'test' URL because you can be sure they don't exist. After all, TLD's that may be fictional now (.web) might not be in the future (.site [nic.site]).

    • Whenever I've done something as a test, I actually note in the comments that it's a damn test. I also note that I put it there.

      There's a real possibility that you are a better programmer than the average Microsoft programmer. Really.

      • by tlhIngan ( 30335 )

        There's a real possibility that you are a better programmer than the average Microsoft programmer. Really.

        Or more like he's a better programmer than the average programmer. Far too many do stuff like push to production, or edit in production, or just check in a quick "it should work" straight into source control without even compiling it.

        • by TWX ( 665546 )

          There's a real possibility that you are a better programmer than the average Microsoft programmer. Really.

          Or more like he's a better programmer than the average programmer. Far too many do stuff like push to production, or edit in production, or just check in a quick "it should work" straight into source control without even compiling it.

          That is a really scary thought, given how I've evaluated my programming knowledge and experience.

    • they're still fscking weasels, whether it's Microsoft or malicious. uh, wait, it's too hard to tell them apart, now.

  • by JoeyRox ( 2711699 ) on Wednesday September 30, 2015 @02:39PM (#50630475)
    They're apparently not content with only failing miserably in new markets like smartphones - they're now finding ways to destroy their successful businesses as well. They should just sit on their hands and keep collecting their checks.
    • by Gr8Apes ( 679165 )
      But but but... then they're just like a utility, paying dividends and not increasing their paper wealth at those small growth stock rates!!!!
  • by 0123456 ( 636235 ) on Wednesday September 30, 2015 @02:40PM (#50630477)

    Perhaps it's just me, but on days like this it almost looks like sacking thousands of QA employees might not have been the smartest idea ever.

  • "Microsoft confirmed Wednesday that a suspicious-looking update pushed out to Windows machines globally in the early hours was nothing more than a test gone errant."

    http://www.zdnet.com/article/m... [zdnet.com]

  • by alzoron ( 210577 ) on Wednesday September 30, 2015 @02:47PM (#50630559) Journal

    The summary makes it sound like this is all a mystery and insinuates that Microsoft's update servers may have been compromised, however, the linked articles state that it was simple a mistakenly pushed test patch and nothing nefarious at all.

    • by QuietLagoon ( 813062 ) on Wednesday September 30, 2015 @03:06PM (#50630745)
      How long before the problematic "test" updates hit the Windows 10 environment with the forced update "feature". At least with my current Windows 7 environment, I was able to not run Windows Update until I learned of the root problem. With Windows 10, I won't have that option.
    • Welcome to the internet, where the content you point to might not be the same 12 hours later, even though you never changed your pointer.
    • Nerves rattled? Scanning the title I thought a Microsoft update literally caused Brain Damage that caused users' pointer fingers to shake uncontrollably on top of their mouse.

  • by ripvlan ( 2609033 ) on Wednesday September 30, 2015 @02:48PM (#50630565)

    yeah - turns out to be a mistake. We can delete this post and all conversation after it.

    • Re: (Score:2, Insightful)

      by PRMan ( 959735 )
      Or Microsoft covering for a government install that was caught.
      • Or Microsoft covering for a government install that was caught.

        Here, your tinfoil hat just fell off

      • Yeah - I had a similar thought later. Maybe MS is coding special features for gov't computers - maybe a honeypot monitoring service to catch hackers.

        Or patching a known vulnerability for just Gov computers because the NSA asked it to be left open for the general public.

        Then I turned on the TV and stopped thinking.

    • Slashdot didn't retract or even acknowledge a story that's an outright falsehood [slashdot.org], so why would they do anything about this?

  • It verified that Microsoft hasn't changed a bit, and they are still a bunch of arrogant idiots.
  • The same article also explains that it was a test update that they released by accident. Human error isn't exactly unbelievable when it comes to computer software. The tinfoil hat jobs are just doing what they always do around here - spreading FUD.

    • "The same article also explains that it was a test update that they released by accident."

      No. A different article pointed to be the same URL explains that. You should probably learn how the internet works some day if you are going to make snarky comments on Slashdot.

  • Trust?

    Silly rabbit, trust is for naive fools.

  • I've been reading the support forum links where people claim that their PC where nuked with this update, nothing worked, everything failed, no System Restore, bla bla bla. I'm amazed how far the MS hate goes, even making up stories.
    • "I've been reading the support forum links where people claim that their PC where nuked with this update, nothing worked, everything failed, no System Restore, bla bla bla. I'm amazed how far the MS hate goes, even making up stories."

      You make a great point. It was a test update. There is no possibility at all that it would cause any problems. Wait ... why was it a test rather than a release update again?

    • by Wolfrider ( 856 )

      --My friend's PC was nuked just like they are saying. You gonna call me a liar?

      --She was called into work *after having had time off approved for the day* because her primary Win7 PC crashed and System Restore would not fix it. I suspected it was a bad Win update, and the repair tech confirmed it. Her office was taking orders manually all day because of this.

      • --My friend's PC was nuked just like they are saying. You gonna call me a liar?

        --She was called into work *after having had time off approved for the day* because her primary Win7 PC crashed and System Restore would not fix it. I suspected it was a bad Win update, and the repair tech confirmed it. Her office was taking orders manually all day because of this.

        No, i'm calling you random person from the internet which doesn't present evidence other that "the update broke my friend's PC". Later saying "I suspected it was a bad Win update" really doesn't help your case.

        • by Wolfrider ( 856 )

          --Try reading what I wrote again, you moron. You're making yourself look bad (again.)

          • --Try reading what I wrote again, you moron. You're making yourself look bad (again.)

            Nooo, am i making myself look bad?, Again?. Well, let's see, I guess that since you're Wolfrider, King of the Internet truth, and your friend got the day off because her PC just died and Help Desk said it was a win update (haha, which one?, did they told you?) i guess that Microsoft lied (and your friend and the other dude got owned in the whole world) and that random internet dude and you are telling the truth. Sophos Naked Security [sophos.com]

            Because the update seems to have existed only as a test of the notification process, and not as an update package that could actually be installed, it seems to have been a fake update, too.

            So, you can stand down from red alert.

            It was a harmlessly incorrect genuine botched fake update.

            But what?, the update is a dummy file?, it can't be installed you say?,

  • What do they mean by "trusted?" Like a trusted software publisher? Like Microsoft...like all the updates are marked?
  • glass houses (Score:1, Insightful)

    by JediJorgie ( 700217 )

    It is so uplifting to find so many people who have never made a mistake in their professional careers.
    I am sure those around you are giddy as they read your witty posts on Slashdot calling out "those idiots at Microsoft".
    I applaud you and the personal perfection that arms you with such stones.

  • by Sir_Eptishous ( 873977 ) on Wednesday September 30, 2015 @03:19PM (#50630899)
    a weather balloon!
  • by PopeRatzo ( 965947 ) on Wednesday September 30, 2015 @03:27PM (#50630995) Journal

    Windows 10

    Trust no one.

  • by Lumpy ( 12016 ) on Wednesday September 30, 2015 @04:19PM (#50631499) Homepage

    This right here would be what makes black hats drool. Get a payload in the Windows update server that is signed with keys that pass. you do that and you utterly own 60% of the internet in a span of 8 hours.

    If you were smart about it, you would do a quick test that is benign. changing only 2 bytes in a MS patch and then look for it. If that works you get your best rootkit that you can conceive and get it out there. now WAIT for about 25-45 days and have it download and install the nasty that you want to unleash.

    Luckily 99% of the black hats are so ADD that they shoot their load as soon as they can and brag all over the internet. It's that 1% that you never hear about and are never caught that are the truly dangerous ones.

    • by jafac ( 1449 )

      It's that 1% that you never hear about and are never caught that are the truly dangerous ones.

      . . . you mean, the NSA. . .

  • At the very least, you could have briefly explained what was suspicious about it.

  • By Microsoft.

    Anyone who blindly installs updates deserves all the crap they get.

  • It's just some untested code forcibly installed on your computer due to a flaw in the release process.

  • UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."

    But what if someone compromised the Slashdot Update?

  • So Microsoft potentially pushed test code to everyone's production systems. That makes me feel so much better.

  • a 14 year old Muslim kid put it together from spare parts. he took it to school and told everybody he built a Windows 7 update.

It isn't easy being the parent of a six-year-old. However, it's a pretty small price to pay for having somebody around the house who understands computers.

Working...