Round And Round We Go...
<...latest update closes the issue.>
Until the next time.
With the new patching system it is assured that new bugs are delivered together with patches for the old ones. The circus continues...
Miscreants can turn the tables on Microsoft and use its own antivirus engine against Windows users – by abusing it to install malware on vulnerable machines. A particularly nasty security flaw exists in Redmond's anti-malware software, which is packaged and marketed in various forms: Windows Defender, Windows Intune Endpoint …
"Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible."
Reactively, Shirley?
Of course. And don't call me... (Bloody Kentucky Fried Theatre!)
"We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection."
We also recommend that we never miss an opportunity to plug our latest shitware.
"It is possible for hackers to craft files that are booby-trapped with malicious code, and this nasty payload is executed inadvertently and automatically by the scanner while inspecting the data. The injected code runs with administrative privileges, allowing it to gain full control of the system, install spyware, steal files, and so on."
A malware scanner that executes code and infects the machine. Oh you couldn't make this up.
A malware scanner that executes code and infects the machine. Oh you couldn't make this up.
Which was pretty much my reaction..
Reading more - it seems that there is a language interpreter (akin to Javascript) called NScript included in the anti-malware suite and it's that that can be compromised. Which is a whole other Set of Fail..
Microsoft doesn't really seem to get it's own OS, there used to be alternatives, until they forced people to buy a shoddy product, because let's face it, Microsoft is all about "Revenue" in ad's and they still include "Bug's" in Windows, especially MSDOS. You can read about it on the Russian site called Multi-Boot.ru where you may also download a copy of MSDOS 8.0
The Chinese came along with MSDOS 7.0
The Free Software alternative FreeDOS provides even more fixes to what some people would call the malicious and deliberate error that people know as Windows!
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/hackers/2008-04/msg00071.html
I'm kinda loving the news that the government, managed to single handedly piss-off nearly every single computer security guru and expert on the planet and they attacked the single source of there revenue stream's by attempting to "hack" into there own systems as maintained by DARPA!
Why would anyone do that?
That would be: Stupid
I was looking at a Win 7 PC this morning that was exhibiting a lot of network activity but otherwise was hardly used - the user reported that it had been updating just fine and a regularly reported that it had been updated every week. But I completely failed to do a manual update and looking at the history the only thing that has been updated for a couple of months has been the Microsoft Security Essentials - at least that's what it "said" (MRD applies).
The machine had no mail access and very little browsing activity - I've just nuked it - factory reset with no restore.