Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2015-09-30 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Mistakenly-deployed test patch leads to suspicious Windows update

Published: 2015-09-30
Last Updated: 2015-09-30 19:41:24 UTC
by Brad Duncan (Version: 1)
0 comment(s)

Earlier today, various sources reported a highly-suspicious Windows update.  According to Ars Technica, a Microsoft spokesperson stated the company had incorrectly published a test update and is in the process of removing it [1].  The update is no longer available, and ZDNet has confirmed this was a test update "gone errant" [2].


Shown above: A screenshot someone posted on a Microsoft community forum [3].

Thanks to everyone who notified us at the ISC.  See the references below for further information.

---
Brad Duncan
Security Researcher at Rackspace
Blog: www.malware-traffic-analysis.net - Twitter: @malware_traffic

References:

[1] http://arstechnica.com/security/2015/09/nerves-rattled-by-highly-suspicious-windows-update-delivered-worldwide/
[2] http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/
[3] https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-appears-to-be-compromised/e96a0834-a9e9-4f03-a187-bef8ee62725e​

Keywords:
0 comment(s)
ISC StormCast for Wednesday, September 30th 2015 http://isc.sans.edu/podcastdetail.html?id=4677
Diary Archives