[Ars] Nerves rattled by highly suspicious Windows Update delivered worldwide

post #1 of 133
Thread Starter 
Quote:




Microsoft said a highly suspicious Windows update that was delivered to customers around the world was the result of a test that wasn't correctly implemented.

"We incorrectly published a test update and are in the process of removing it," a Microsoft spokesperson wrote in an e-mail to Ars. The message included no other information.

The explanation came more than 12 hours after people around the world began receiving the software bulletin through the official Windows Update, raising widespread speculation that Microsoft's automatic patching mechanism was broken or, worse, had been compromised to attack end users. Fortunately, now that Microsoft has finally weighed in, that worst-case scenario can be ruled out. What follows is the remainder of this post as it appeared before the company issued its explanation.

"Clearly there's something that's delivered into the [Windows Update] queue that's trusted," Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. "For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at."

White is still trying to obtain a copy of the binary file that gets delivered to people receiving the update. He plans to run it in a restricted environment to see exactly how it gets delivered and what it does once it's installed.

One user has reported installing the update and finding that it rendered the computer largely inoperable.

"My laptop was screwed after the update," the user, ByGodZombie, reported in a comment to this post. "Windows explorer crashes VERY frequently now and most of my programs stopped working even in admin mode. System restore didn't work and I don't have the information I need for a reinstall. Basically whatever it was killed my system and compromised my gear so I wouldn't want to look up anything sensitive to personal data on your machine."

It's still extremely early in the investigation into this unusual behavior. So far, all the accounts viewed by Ars report the update being delivered to computers running Windows 7. That may or may not mean the patch is limited to that version. The explanations run the gamut from a bug to a malicious attack that has compromised one of the world's most widely used software update mechanisms. For the moment, readers who receive this update should not install it unless they are highly experienced computer users and researchers. This post will be updated as new information becomes available.

Source: http://arstechnica.com/security/2015/09/nerves-rattled-by-highly-suspicious-windows-update-delivered-worldwide/
Edited by BiG StroOnZ - 9/30/15 at 7:52pm
post #2 of 133
Wow that sucks. Thank heavens I never update at all.
post #3 of 133
Thread Starter 
Quote:
Originally Posted by Toology View Post

Wow that sucks. Thank heavens I never update at all.

I always update, so glad I missed this one. As it doesn't seem to be showing in Windows Update right now. But honestly, if that screenshot is accurate, I would have never selected that particular update if it looked like that.
post #4 of 133
I actually found this update a few hours ago on my PC when Windows Update showed up in my taskbar, saying downloading updates (I always like to check to see what it's doing before it asks me to install). As soon as I saw the name of the update I went straight to Google, and looked it up. Many people were thinking that maybe Windows Update had been compromised, glad to see that it was just a mistake on Microsoft's part. I did not install the update anyways and hid the update from showing up, and now when I go to hidden updates it is gone, so they must have removed it already. Unfortunately I did not get a screenshot of it though, was kinda freaked out when I saw it.
post #5 of 133
Just Windows 7 so far, eh? Must be Microsoft's way of converting the stubborn ones over, haha. Although most that haven't already have automatic updates disabled anyways.
post #6 of 133
And people defend not being allowed to pick and choose what updates they want to install in Windows 10 under the guise of "security and stability".
Can't wait for Microsoft to screw up badly with Windows 10.
post #7 of 133
I agree that you should always remain in control of your own machine and if you are OCD enough to want to control all updates yourself then that's fine by me. My problem is the arrogant posts by such people who then attack those of us who do enjoy a "set it and forget it" approach to updating as idiots and sheep. I get it, you like to disable auto updates, that doesn't automatically make you smarter than everybody else...
post #8 of 133
*Walks in the room wearing a paper bag hat*

What? With all these new Windows alarms based around privacy and forced updates we've run out of our supply of tin foil.
post #9 of 133
It's amazing how much stuff people around here apparently have to hide based on the over-the-top paranoid reactions we always get to these kinds of threads! What the heck are you guys doing out there anyway????
post #10 of 133
I just had to go and make sure my autoupdates are enabled.

Thank goodness they still are.

My tinfoil hat protects me from all their spying anyways.
     