Microsoft finds Malware abundance during Windows security updates

[The Highlander]

 

Microsoft finds malware abundance during Windows security updates

 

New data from Microsoft reveals that about 1 in every 300 times its scans a PC while downloading security updates an infection by malware is identified, of which the most common type are Trojan horses.

The data, taken from scans using Microsoft's malicious-software removal tool of 270 million computers over a 15 month period, turned up 5.7 million computers that had been infected at some stage.

 

The malicious-software removal tool is a temporary program that is downloaded with security updates for Windows 2000, XP and Windows Server 2003 and then self deletes.

 

The majority of infections, according to Microsoft, which released the data at its TechEd 2006 conference, were potentially dangerous Trojan horse bot programs. Increasingly prevalent bot programs, are often used by attackers to gain remote control of computers and use them for criminal activities such as the circulation of spam and spyware.

 

After Trojans, the next most prevalent and a growing form of malware found by Microsoft was rootkits, software which acts as a cloaking device for malware such as a Trojan. Rootkits were found by Microsoft on 780,000 computers that it scanned during the 15 month period and one in every five computers which was found to have a rootkit also had at least one Trojan.

 

As some commentators have pointed out, the Microsoft data is revealing insofar as it only addresses the Windows 2000, XP and Windows Server 2003 platforms. Earlier platforms like Windows 98 and Windows ME are generally considered even less secure and Microsoft is in the early stages of ceasing security support for them.

 

Artical here

[Brendon]

Fancy that now!

 

Hands up those customers who were told by Microsoft that their machines would be scanned by Microsoft when they downloaded security updates over the last 15 months?

 

Did Microsoft ask the user's permission to install this scanner and do such a scan?

Did Microsoft's phone-home scanner tell users it had discovered malware?

Did they delete the malware, or just leave it there festering on the user's machine?

 

Isn't a malware trojan something which sneaks in attached to a legitimate program, and performs some action which you hadn't intended to happen? Apart from their claim that it should act 'to your Genuine Advantage' what makes this software any different from other trojans?

 

It seems to me they missed a great opportunity to scan the user's operating system for signs that it wasn't "genuine" under the guise of downloading "upgrades".

What? They did do that? Oh, sorry, forget I mentioned it then.

 

I wonder how many of the systems with rootkits belonged to purchasers of Sony's Sneaky CDs?

 

It's getting dangerous out there. I think I'd better increase my security settings in Internet Exploder.

What's that box I tick? "Trust anything which comes from Microsoft" Yeah, that's the one.

[ggrussell]

Did Microsoft ask the user's permission to install this scanner and do such a scan?

Actually, Windows update does allow the user to select or unselect any update if they first choose CUSTOM. Most user don't want to be bothered with such trivial things. So they get updated with what ever Microsoft sends. If people are to lazy to choose CUSTOM, then they have no reason to complain.

[Brendon]

Actually, Windows update does allow the user to select or unselect any update if they first choose CUSTOM. Most user don't want to be bothered with such trivial things. So they get updated with what ever Microsoft sends.

Does Windows Update say that this particular updater will install a scanner on your system, scan the system, and send a report back to Microsoft ?

If it doesn't, your point is moot Gary. There's no benefit in being allowed to choose if you're not told what you're choosing.

If people are to lazy to choose CUSTOM, then they have no reason to complain.

Whew! I don't think even a Microsoft spokesman would keep his job if he said that.

[golinux]

Actually, Windows update does allow the user to select or unselect any update if they first choose CUSTOM. Most user don't want to be bothered with such trivial things. So they get updated with what ever Microsoft sends. If people are to lazy to choose CUSTOM, then they have no reason to complain.

Exactly. I have this tool disabled. It does nag me to activate it everytime I check for updates but no thank you!

[cdanteek]

Does Windows Update say that this particular updater will install a scanner on your system, scan the system, and send a report back to Microsoft ?

If it doesn't, your point is moot Gary. There's no benefit in being allowed to choose if you're not told what you're choosing.

 

Agree "'critical update" Who would of installed it, if they had told you?

You don't have to be the anti Microsoft Taliban to ascertain that MS & Co have far overstepped here (again).

 

cdanteek

[Guest mlpasley]

The important sentence is the first one "New data from Microsoft reveals that about 1 in every 300 times its scans a PC while downloading security updates an infection by malware is identified, of which the most common type are Trojan horses."

 

Sounds to me like you're not given a choice if your PC is scanned and the information is sent back to Microsoft.

 

So they gather the information, but don't tell that your PC is infected. Not cool.

[pas66]

WOW! And all these years I naively believed by self removing Dubai origination malware (via newspapers of the region) and allowing ms to update my machine I would be able to Alice in W trip forward with photographic and corp responsibilities without crashing...and I thought the PShop CS2 was my learning curve! Maybe I am still in the 15th century...Between N Geog. Blind Courage and this forum I have climbed the ladder out of fear to ADVENTURE!!!Thankyou all...the eavesdropping broadens (as in DUMB OLD BROAD) the space around my isolation. You are all sooooo cccoooooooolllllll!

[vid2man97]

I wonder if MS pays my Spysweeper not to identify some of their junk as spyware?

 

Ok Bill G...I'm just kidding. mostly.

[grandpabruce]

I wonder if MS pays my Spysweeper not to identify some of their junk as spyware?

 

Ok Bill G...I'm just kidding. mostly.

 

LOL. I really like Spy Sweeper. The yearly subscription fee is well worth the cost.

[tbrewst]

I run Spy Sweeper also but I found another good one.It's Adware Away.It's the only thing I've found so far that will remove about:blank which attacks the Internet Explorer home page.I had a friend that had it and it removed it no problem.The first time he ran it the program found 475 instances of some kind of malware...lol.And he wondered why his machine was running funky...

[cdanteek]

The yearly subscription fee is well worth the cost

 

http://www.spybot.info/

 

Better & Free!

 

cdanteek

[grandpabruce]

http://www.spybot.info/

 

Better & Free!

 

cdanteek

 

You need to do your homework. Free it is. Better, or anywhere near as good as Spy Sweeper......NO! I have used it in the past, and dumped it. It missed things that AdAware found, and AdAware isn't that good.

[lynn98109]

You need to do your homework. Free it is. Better, or anywhere near as good as Spy Sweeper......NO! I have used it in the past, and dumped it. It missed things that AdAware found, and AdAware isn't that good.

AdAware decided "about:blank" was evil, and replaced it with msn.com (and I had to undo the "help") - eventually, without using the program again, I deleted it, and haven't gotten a newer version. It's in the FREQUENT ANSWERS post because Juergen requested it.

 

Sorry, I have "about blank" as my "home" because it downloads a lot faster than msn.com and doesn't have ads.

 

Lynn