Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Mistakenly-deployed test patch leads to suspicious Windows update - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Mistakenly-deployed test patch leads to suspicious Windows update

Earlier today, various sources reported a highly-suspicious Windows update.  According to Ars Technica, a Microsoft spokesperson stated the company had incorrectly published a test update and is in the process of removing it [1].  The update is no longer available, and ZDNet has confirmed this was a test update "gone errant" [2].


Shown above: A screenshot someone posted on a Microsoft community forum [3].

Thanks to everyone who notified us at the ISC.  See the references below for further information.

---
Brad Duncan
Security Researcher at Rackspace
Blog: www.malware-traffic-analysis.net - Twitter: @malware_traffic

References:

[1] http://arstechnica.com/security/2015/09/nerves-rattled-by-highly-suspicious-windows-update-delivered-worldwide/
[2] http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/
[3] https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-appears-to-be-compromised/e96a0834-a9e9-4f03-a187-bef8ee62725e​

Brad

337 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!