Tuesday, December 02, 2008   
  Search   
 
 
Register  Login  
Forums  
     Minimize  

Welcome to MeraWindows forums.

Thank you for being at the Microsoft Windows Community Site. You may have to register before posting in forums. It's absolutely free. After registering, you can get all the benefits available to our registered members, you can access our Downloads section, you can participate in contests, etc. You can post in forums in English as well as in Hindi, in fact we encourage you to use Hindi in your posts. If you have any problem with registration or login, please contact us.
     
  


 
  Microsoft Windows Forums  News & Feedback  Latest News  Windows Vista Security Updates Infested with Malware
Previous Previous
 
Next Next
New Post 6/11/2007 7:19 PM
User is offline Shashwat
380 posts
Advanced Member


Windows Vista Security Updates Infested with Malware 

With the monthly Microsoft patch cycle drawing near, fake security updates addressing a vulnerability in the company's latest operating system, Windows Vista, spammed in connection with the security updates scheduled for June 12 2007, are infested with malware. According to F-Secure, at the end of May, emails masquerading as a security update for Windows Vista and various other titles of the Windows platform are designed to infect users with Backdoor:W32/VanBot.CA. The Redmond Company's monthly security bulletin cycle is exploited and used as incentive to
spread malware.

The spammed emails seem to originate from Microsoft Support, and even feature the support@microsoft.com address, containing information of an actual vulnerability affecting Windows 2000, Windows XP, Windows Server 2003 and Windows Vista. Among the seven vulnerabilities in GDI, there is also the Windows Animated Cursor Handling flaw, rated with a severity rating of critical by Microsoft and patched in April 2003.

The first clue pointing to the fact that the email alleging to be a security update notification from Microsoft is a fake is the actual message. "Critical WMF-Exploit patch. In program maintenance of Microsoft corporation, a critical vulnerability has been found in processing WMF-files. Exploits using the "SetAbortProc" GDI function were discovered in May 2007. The function, which registers an error handler normally intended for use when a print job is canceled during spooling, allows arbitrary code added to a WMF image to be executed without the permission of the user," reds a fragment of the text.

Additionally, there is no text formatting that would give a hint to whether this is a valid Microsoft update or not. There is no reference to the official "Security Bulletin MS07-017" designed to patch the GDI vulnerabilities. The email also contains a direct download link to an .exe file, and promises to update Windows 98. As Windows 98 is no longer supported by Microsoft, users will no longer receive security updates. At the time of this article, F-Secure had already revealed that the malicious file was no longer in its initial location.
 
New Post 6/11/2007 7:44 PM
User is offline Vishal Gupta
6364 posts
www.AskVG.com
Ultimate Member








Re: Windows Vista Security Updates Infested with Malware 

Ah. thnx for letting us know buddy.

Tweaking with Vishal

How to Use Smiley Code in Forum?
Promote MeraWindows at Your Blog / Site
Read Forum Guidelines
 
 Page 1 of 1
Previous Previous
 
Next Next
  Microsoft Windows Forums  News & Feedback  Latest News  Windows Vista Security Updates Infested with Malware


   Get Your Own E-Mail Account @MeraWindows.com Minimize  
New Page 1 New Page 1
Show your cool quotient with @merawindows.com email account
     
  
 
 
Terms Of Use   Privacy Statement  
© 2008 MeraWindows.com