[ISN] Microsoft security fixes infected with FunLove virus

From: InfoSec News (isnat_private)
Date: Wed Apr 25 2001 - 13:36:35 PDT

Next message: InfoSec News: "[ISN] Teen hacker escapes from juvenile facility"

Previous message: InfoSec News: "[ISN] Internet Security Systems Moves to Parry Drive-by Hackers"
Next in thread: Chris Wilson: "Re: [ISN] Microsoft security fixes infected with FunLove virus"
Reply: Chris Wilson: "Re: [ISN] Microsoft security fixes infected with FunLove virus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.theregister.co.uk/content/8/18516.html

By: John Leyden
Posted: 25/04/2001 at 17:20 GMT

A virus infection of security fix files on Microsoft's partner and
premier support Web sites has forced the software giant to suspend
certain downloads for more than a fortnight.

Microsoft issued an alert on Monday, which states that various Hotfix
files on its Premier Support and Microsoft Gold Certified Partners Web
sites are infected with the FunLove virus.

A copy of the notice said Microsoft has stopped access "in order to
protect customers" to an unspecified number of files, and expects to
be able to restore access later today. Customers were advised to
contact their technical account manager in the interim.

According to a copy of the notice sent to The Register: "Microsoft
expects the FunLove infection period spanned approximately two weeks,
from Friday, April 6, 2001 to Friday, April 20, 2001."

Microsoft was able to say that a US hosting partner ran both sites and
it wasn't able to put us in touch with someone familiar with the issue
by the time we went to press.

Eric Chien, chief researcher at Symantec's antivirus research centre,
confirmed the information supplied by our informant and said the
infection must have resulted in a breakdown of procedures that
normally proceed the posting of software by Microsoft.

Any software posted by Microsoft is normally scanned for virus using a
variety of anti-virus software, he said, and in this case there must
have being a "mix-up" coupled with the use of a virus infected PC in a
test and development environment by Microsoft.

Despite what is, by any standard, a monumental security cock-up by
Microsoft, Chien said the problem is likely to have a "low impact"
because FunLove is an older virus that almost all the security giants
partners and enterprise customers are likely to be protected against.

The FunLove virus stopped production at Dell for two days in November
1999 and the virus is considered a particularly nasty bug. In January
this year Hewlett-Packard unwittingly distributed printer drivers
corrupted by the FunLove virus.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERVat_private with a message body of
"SIGNOFF ISN".

Next message: InfoSec News: "[ISN] Teen hacker escapes from juvenile facility"
Previous message: InfoSec News: "[ISN] Internet Security Systems Moves to Parry Drive-by Hackers"
Next in thread: Chris Wilson: "Re: [ISN] Microsoft security fixes infected with FunLove virus"
Reply: Chris Wilson: "Re: [ISN] Microsoft security fixes infected with FunLove virus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 00:44:21 PDT