Microsoft Critical Updater Security

From: Erik Parker (netmaskat_private)
Date: Sat Jan 23 1999 - 03:34:06 PST

Next message: Ian O'Friel: "Re: Personal Web Server"

Previous message: J.A. Gutierrez: "Re: linux crashes irix6.3"
Next in thread: Lucky Green: "Re: Microsoft Critical Updater Security"
Reply: Lucky Green: "Re: Microsoft Critical Updater Security"
Reply: Gale S. Ringley: "Re: Microsoft Critical Updater Security"
Reply: Carson Gaspar: "Re: Microsoft Critical Updater Security"
Reply: Corwin J. Grey: "Re: Microsoft Critical Updater Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Microsoft's Critical Updater is a nightmare in it self anyway, because it
downloads and installs programs for you, but in the past has ALWAYS let
you choose what you wanted to update and such. Well, it announced today,
there ia "Critical Update", it was for a Y2K issue. (That is NOT critical
yet).

Well, The popup says "Hey, critical update available, shall we go check
it out?". Iexplorer opens up (note, you can't use netscape for updating).

It took longer to load than usual, because it downloaded and installed..
Soemthing, and then asked me to reboot BEFORE if even finished loading
their site. It asks you "Should we search your machine to see what you
have?" (It did this after it updated). It showed me a list of critical
updates that I dont have (just the y2k thing). So.. What did it install?
Why Didn't it ask? When I rebooted it told me it was updating system
settings and such. So it did something.

It does not list anything in the installation history, going to
"installation history" on their update site. It shows my last update was
over a week ago.

The exact update it was telling me was critical is:

Microsoft virtual machine
4443 KB/37 min
Experience animations and other advanced Web page features by using the
fastest and most reliable way to run Java applications on your computer.
This update corrects a minor issue associated with generating dates on
your computer on or after January 1, 2000.  Read this first

(Which I might add, I am sick of upgrading this stupid virtual machine)

Either way, think of the possibilies of that. If I go and hack microsoft
(god knows NT isn't the most secure environment (bhwahah)). And figure out
how they announce there are new updates, and put a bunk update in there,
and there is obvisously an option that says "Make em do it, we are
microsoft, and we are gods, we shall FORCE this update". Then hey, maybe I
can BO every machine in the world running Windows 98.



While I am at it, if anyone uses a program called HyperSnapDX, it sends
information back to their server without your authorization, or warning
you. I have tcp logs if any is interested.

Next message: Ian O'Friel: "Re: Personal Web Server"
Previous message: J.A. Gutierrez: "Re: linux crashes irix6.3"
Next in thread: Lucky Green: "Re: Microsoft Critical Updater Security"
Reply: Lucky Green: "Re: Microsoft Critical Updater Security"
Reply: Gale S. Ringley: "Re: Microsoft Critical Updater Security"
Reply: Carson Gaspar: "Re: Microsoft Critical Updater Security"
Reply: Corwin J. Grey: "Re: Microsoft Critical Updater Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:29:55 PDT