xisto Community
Saint_Michael

Microsoft Update Program Being Used By Hackers


Although I am a bit surprised that no one really talked about it way back then, it seems the hackers and crackers are starting to use the Microsoft update downloading to transmit their malware and trojans to compromised computers. The reason being is that the Microsoft update program bypasses firewall security protocols, and so when that malware is getting downloaded, your firewall and virus programs will not pick it up. I know a few people turn it off and either download them manually or don't download them at all. So to toss out a warning, when you get the Windows update pop-up, check to see if those are legit files, by either going to Microsoft's website and downloading the updates from there, or look and read the update bulletins and see if they match up.


Source

Here


Wow, and my dad is always saying make sure to update, and now it cannot even be safe to update your PC? Hmm, that is kind of messed up? :unsure:


msscan.exe is part of one such trojan. I'm dealing with recovery myself and I need some advice from an admin-type guru before taking the destructive way out! I have server 2000 spk4, and after running Trend Micro's "House Call" to do an online detection and clean-up, it found and removed all but the "Microsoft Security Update" (MSU) trojan, a variant of the Backdoor.Sdbot family of worms and IRC backdoor Trojans (according to bleepingcomputer). Before running anything I wanted to stop some processes and try removing manually, but my task manager was greyed out (panic starts to set in). That's when I ran the House Call... Then I booted into safe mode and deleted the directory for Microsoft Security Update and ran regedit to remove the MSU keys in both locations as listed by (don't remember the site name) manual removal instructions. OK, feeling better, now the reboot and hmmmmm, POST beep, then pause, then another POST beep. This is strange, I don't recall having 2 POSTs, but whatever. Wait for login, and as soon as I press Ctrl+Alt+Del the keyboard and mouse hang. Panic is back, feeling like this trojan is locking me out of my server so it can run some nasty mass mailer program or something. Tried booting into safe mode again, but now the keyboard does nothing at any time during POST. Can't get into safe mode, more panic. Tried booting into BIOS, can't get into BIOS, big panic attack. Can't boot from Windows CD, don't have recovery disks or setup disks. Tried making them on my other box (Win 98SE), but when booting the server with the setup boot disk I get a disk IO error. Duh, too much panic; I think maybe these disks can't be made on a 98 box and used to set up Win2000 because of the different file system. So here I sit wondering if there is a way to get my server back without destroying all my data.
I am willing to reinstall Windows if I can, but would like to avoid having to install my apps again. When I boot the server with the ethernet disconnected there is an error starting a service... or something like that. One or more services failed to start.


It's to be expected that it will happen. The talon d'Achille of Microsoft is the software that "dresses" its operating system. Microsoft has the concept that it must fill the OS with software that emulates real antivirus and real firewalls to compete with other software creators. The problem is that this leaves big holes that let hackers and attackers assault not only the operating system, but also the software, documents and everything that is inside the computer. I was thinking that when Bill Gates left as CEO, maybe things would change to make the software stronger, to have a better Windows, Office and other stuff made by the Redmond boys. But, Mickey Mouse, they bet on still putting in more garbage instead of software, and their systems get bigger and slower. Pretty, but very unusable for people with old machines. And this is an advantage for hackers, crackers and other people that like to find the holes left by the programming team of Redmond. So, I have some advice for them: the smaller, the safer. If they reduce the components to the core and stay there, it will be more difficult for a hacker to find new holes in an operating system with a smaller footprint. :P


That's crazy, it's the last place I'd expect a hacker to come into your computer by: when my computer tells me to update I always allow it to automatically. My parents are always telling me to value updates over virus scans, because you need to be able to trap the newest viruses... How ironic is that? You download the latest updates to stop the latest viruses, and you get the latest viruses instead! :P As long as McAfee updates don't have viruses though, I'm cool... McAfee is the best virus protection in my opinion and I would *hate* it if I never knew whether I was downloading a virus or virus protection.


Yeah I saw this on another site and didn't think much of it, till I realized the date of the article, and thought, "Oh crap, I might have downloaded it," and turned off Automatic Updates. Can anyone tell me the name of the malicious files? I don't think I'm infected, but I want to do a search for them just to make sure.


> Yeah I saw this on another site and didn't think much of it, till I realized the date of the article, and thought, "Oh crap, I might have downloaded it," and turned off Automatic Updates.
> Can anyone tell me the name of the malicious files? I don't think I'm infected, but I want to do a search for them just to make sure.



Well I know msscan.exe is part of a bad trojan.
