flat assembler
Message board for the users of flat assembler.

Index > Heap > Microsoft sneaks updates in now? [RESOLVED]

Author
Thread Post new topic Reply to topic
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
EDIT: Ok, it was just stupid windows update. I downloaded some updates through Windows Update about 2 weeks ago, and I guess it never installed them. And now, all of a sudden, it tries installing them...


Ok, first things first, I have auto update set to tell me about updates, but not do anything about them, and I haven't manually downloaded any updates recently.
As I was going to shut my computer down for probably the 5th time today(didn't want it on during the storms as they came through), I got the message that windows was "installing update 1 of 1...", "Do not turn off your computer, Windows will shut down automatically."...SCREW THAT! I hard booted it and did some investigation.
I found a new folder in my C: directory thats name was just a bunch of random characters. Inside, I found 25 subdirectories, all containing the file "eula.rtf" and "hotfixinstallerui.dll", Each folder had the files in a different language. Back in the main directory, I found these files:
Code:
DHtmlHeader.html
header.bmp
HotFixInstaller.exe
NDP20SP2-KB958481.msp
ParameterInfo.xml
watermark.bmp
    

The .bmp's were the words "Microsoft .net framework" with some blue background.
It looks like an update to the .net framework, BUT HOW DID IT GET ON MY COMPUTER? Did Micro$hit download it and try to install it without my permission?

_________________
----> * <---- My star, won HERE


Last edited by windwakr on 21 Aug 2009, 01:49; edited 3 times in total
Post 21 Aug 2009, 00:43
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
windwakr wrote:
It looks like an update to the .net framework, BUT HOW DID IT GET ON MY COMPUTER?
Check your net setup. I don't have it so I can't really advise but perhaps it has some sort of update for itself that does not use the normal autoupdate?
windwakr wrote:
Did Micro$hit download it and try to install it without my permission?
I doubt it, they tend to get into serious trouble if they start dong that. My best guess would be a configuration you have set, or perhaps you have some unwanted program (malware or other 3rd party program) that did it for you.
Post 21 Aug 2009, 01:04
View user's profile Send private message Visit poster's website Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
I didn't do ANYTHING from the restart before that to the time I shut it down and got the message. I don't see anything that could've caused it. The EXE's are signed by Microsoft.

_________________
----> * <---- My star, won HERE
Post 21 Aug 2009, 01:27
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
windwakr wrote:
I didn't do ANYTHING from the restart before that to the time I shut it down and got the message. I don't see anything that could've caused it. The EXE's are signed by Microsoft.
If it is just some setting somewhere (and remember I am not saying it is, just a guess) then the setting could have been set a long time ago (weeks or months) and only just now the update is available?
Post 21 Aug 2009, 01:35
View user's profile Send private message Visit poster's website Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Hmm, upon viewing the windows update website, it says a few of the updates are "ready to be installed". They're already on my computer....But the last time I ran the update was like 2 weeks ago, why did it wait so long to finally install them?(Come to think of it, I don't actually remember it installing anything last time...just downloading.)

_________________
----> * <---- My star, won HERE
Post 21 Aug 2009, 01:43
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
If you have downloaded them then that means they are ready to install.

My last autoupdate took 3 days to download. Might be my ISP or the MS server load or perhaps the whole Internet was slow, I don't know, but I do know it was a lot longer than I expected.
Post 21 Aug 2009, 01:49
View user's profile Send private message Visit poster's website Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
revolution wrote:
I doubt it, they tend to get into serious trouble if they start dong that.
Microsoft doesn't care. They install a .NET add-on to Firefox without your knowledge or permission with no way to uninstall it.
Post 21 Aug 2009, 04:10
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
drhowarddrfine wrote:
Microsoft doesn't care. They install a .NET add-on to Firefox without your knowledge or permission with no way to uninstall it.
You might be right about MS not caring but they did get in trouble because of it.

http://www.geek.com/articles/news/microsoft-net-update-installs-firefox-add-on-without-permission-2009061/

[edit] But you are not correct about "no way to uninstall it", more correctly is "no easy or simple way to uninstall it'.
Post 21 Aug 2009, 04:18
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:
This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC.


Is this true as it is commented or the user needs to accept something before the software is installed easily and quietly?
Post 21 Aug 2009, 04:43
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
LocoDelAssembly wrote:
Quote:
This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC.


Is this true as it is commented or the user needs to accept something before the software is installed easily and quietly?
The user has to click to install it, but that could (presumably) be easily faked to look like a link to something else. I would expect (hope) that the .net code needs to be correctly signed before any installation occurred. But all the same, I am pleased that I don't have .net installed, for a number of reasons.
Post 21 Aug 2009, 05:19
View user's profile Send private message Visit poster's website Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
revolution wrote:
LocoDelAssembly wrote:
Quote:
This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC.


Is this true as it is commented or the user needs to accept something before the software is installed easily and quietly?
The user has to click to install it
Not really. It comes as part of Windows Update. During the update process, it checks for Firefox and installs that add-on without you knowing it or approving it.

Yes, it can be uninstalled but, iirc, it requires hacking the registry and deleting some folders, something most people won't want to do. There is no uninstall button.
Post 21 Aug 2009, 11:55
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
drhowarddrfine wrote:
Not really. It comes as part of Windows Update. During the update process, it checks for Firefox and installs that add-on without you knowing it or approving it.
No, the quote is referring to the behaviour of the addon after is has been installed. The user has to click on something on the website before anything is installed.
Post 21 Aug 2009, 12:15
View user's profile Send private message Visit poster's website Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
Isn't it obvious why they did it? They want to make Firefox insecure as IE so they can no longer use the excuse that IE is weak or something.

_________________
Previously known as The_Grey_Beast
Post 21 Aug 2009, 14:28
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1160
Azu
revolution wrote:
drhowarddrfine wrote:
Not really. It comes as part of Windows Update. During the update process, it checks for Firefox and installs that add-on without you knowing it or approving it.
No, the quote is referring to the behaviour of the addon after is has been installed. The user has to click on something on the website before anything is installed.
So what? It's easy to make it look like a link.. and if not, they could just ask you to double click a certain spot and bam, lol. Typical windows bullshit.
You don't see the Linux kernel installing risky plugins into your browser without your knowledge or consent and preventing you from uninstalling them, now, do you? Nope!
Post 21 Aug 2009, 14:52
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
You sure it's so hard to uninstall the add-on from Firefox? I just went into my add-ons and pressed uninstall on it, restarted Firefox afterwards, and it's nowhere to be found. Maybe this .net update I just got allowed for it to be uninstalled. Before I updated .net, the uninstall button was greyed out.
Post 21 Aug 2009, 16:31
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Same here. I haven't tried earlier because I assumed the complexity would be still present and that the security risk was not as high as commented Razz
Post 21 Aug 2009, 16:39
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
MS changed the behaviour after so many complaints. You see, they got in trouble, then they fixed it so it was easier to uninstall. But, notice that they did not fix it so that it doesn't install in the first place. Same old shit, "it is easier to beg for forgiveness than to ask for permission".
Post 21 Aug 2009, 22:25
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.