Email us! Subscribe to Liquidmatrix!

Confirmation Of Stealth Windows Update

Author: Dave Lewis
September 13, 2007 at 9:39 am · Filed under OS Security, Patches

From Adrian Kingsley-Huges blog over on ZDNet:

I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists - because I’ve detected its presence on a machine at the PC Doc HQ.

At the PC Doc HQ we have several systems set not to update. This is so that they are kept at a specific patch level for testing duties. Many of these systems are virtual machines but some are physical. When I heard about this stealth update I decided to take a look at one of these systems that don’t update automatically - and within seconds I found what I was looking for.

Wow, this is truly sucktastic. I have seen apps go completely sideways after some Microsoft patches were applied. Now, factor in this “stealth” update function. Now ponder those systems in your production environment.

Not cool.

For the full posting read on.

Article Link

Tags: , ,

Tag It:
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • Fark
  • YahooMyWeb
  • Furl
  • Spurl
  • Ma.gnolia
  • NewsVine
Related Articles:

  • Microsoft Now Takes Blame For WSUS Update Error
  • Microsoft Adds Potential NSA Access To Vista
  • Introducing Stealth Malware Taxonomy
  • Safari Beta Update Released
  • Joanna Rutkowska Starting New Firm

    • Liquidmatrix Security Digest » Microsoft Now Takes Blame For WSUS Update Error said,

    October 26, 2007 @ 12:24 pm

    [...] puts hand up, “our bad”. After the story broke about the stealth updates Microsoft has admitted that they goofed. The problem hit he support [...]

    Liquidmatrix Security Digest » Microsoft Adds Potential NSA Access To Vista said,

    December 18, 2007 @ 5:06 am

    [...] As if Vista had not managed to garner enough bad press on its own. Bruce Schneier reported yesterday that Microsoft has reintroduced its dual random number generator. This time in Vista SP1. That is the same as one he had written about previously. The catch is that, according to Schneier, this potentially provides an NSA back door. This is disabled by default. However, that is no guarantee that it won’t switched to the “on” position in a later patch release. [...]

    RSS feed for comments on this post · TrackBack URI

    Leave a Comment