
back to article Windows 7 'security' patch knocks out PCs, knackers antivirus tools

Windows 7 users should uninstall a security patch Microsoft issued on Tuesday because some PCs failed to restart after applying the update. The software giant advised users of Win 7 and Windows Server 2008 R2* to roll back a patch within MS13-036, a security update that closed two vulnerabilities in the Windows file system …

COMMENTS

This topic is closed for new posts.


Silver badge
Meh

Ouch, ouch, ouch ouch.....

5
1
Bronze badge
FAIL

RE: Ouch, ouch, ouch ouch.....

I know!!!

I had a relative call me up after his WindblowZE 7 box crapped out after installing this botched update.

He was so unhappy when I informed him that like the maid, I don't do Windows anymore, since I switched to Linux in 2008.

He was so desperate!!!!

Icon says it all!!!!

5
8
Anonymous Coward

Re: RE: Ouch, ouch, ouch ouch.....

Maybe someone could tell Steve Baller to stop working on his basketball-theme cookbook and fix MSoft!

0
0
Anonymous Coward

Re: RE: Ouch, ouch, ouch ouch.....

@Fatman

Auto downvote for using the term "WindblowZE" as I do for anyone using terms like "Micro$oft" or "crApple", even if I liked the rest of the post.

0
5
Silver badge
Devil

Re: stop working on his basketball-theme cookbook and fix

No, leave him where he is. There's a better chance of things getting fixed if he's there instead of in the shop.

0
0
Pint

So for people who use Win7 at home, who have automatic updates turned on but don't follow tech news outlets like El Reg, how are they going to know to roll this update back and/or apply a fix?

Pint, because it's Friday and I've dealt with enough issues today.

23
0
Anonymous Coward

Because their PCs will be tits-up?

This is quite a rare issue that only hits certain combinations of corporate-focused software - so unlikely to affect the vast majority of home users....

1
8
Coat

As the majority of home and/or small business users don't permit updates to run automatically and apply patches to Windows at gunpoint or other threat of imminent death or pain I reckon they're probably safe.

1
11
Silver badge

Er...

Do you have actual figures to back up that statement? It would fly in the face of the Windows 7 nagware which suggests you turn on automatic updates. Indeed, if you got your machine from Dell, it is in all likelihood turned on for you before it leaves the shop.

7
0
Silver badge

Re: Because their PCs

If you had left it at just that first line, you would have been in line for lots of up votes.

0
0
Mushroom

Oh dear. That will cause serious issues. A good example of why never to use auto updates..

5
1
Bronze badge
Mushroom

I apply updates when I shut down, I can't help that I am lazy (Well ok I can but I am so lazy I demand Automatic updates take place when it doesn't bother me).

2
2
Anonymous Coward

Updates

Indeed, but even users who do not auto update will be affected by this. I checked this patch out, decided I needed it, then had it not been for an El Reg email today, on a day that I do not normally read El Reg, then I would not have now just installed it as a precaution despite not being affected.

2
0
Bronze badge
Joke

Win 7 PCs in Samba-loving Brazil are apparently hardest hit.

Well if you will use an open source network protocol, what do you expect?

19
3
Pint

Took me a second to figure out they weren't talking about network protocols. Pint, because I need one.

1
1

This post has been deleted by a moderator

Anonymous Coward

Re: Windows Security Patches + Anti-Virus considered Harmful

"Windows is not ready for the desktop"

Erm. You mean not ready for the ~ 5% of desktops it isn't yet installed on?

At least Microsoft's patches go through regression testing unlike many Linux vendors.... It won't catch everything, but it's a good start. You should test patches in your own environment before deployment.

My standard approach is deploy the critical ones to Dev / UAT the 2nd weekend after release which gives ~ 10 days for evaluation and initial testing, and then to Prod / DR the following weekend, and then everything else non critical goes in next month's patch cycle....

12
12
Silver badge
Linux

Re: Windows Security Patches + Anti-Virus considered Harmful

We know windows is crap so stfu thanks

13
8

Re: Windows Security Patches + Anti-Virus considered Harmful

@Eadon "Linux is virus-immune......."

Erm, it most certainly is not dear boy, it just isn't profitable for malware writers to bother with much due to its tiny home machine market share (less than 4% isn't it?). Most Linux users are more tech savy, due in part to all the command line pissing about to get it working properly, and thus it's harder to write a sneaky program that goes unnoticed, but it does happen. It only takes a click on the admin account `allow` button to install god knows what, just like any other os. This is the attack vector for most malware these days, let the user approve and install it themselves.

There was also a state sponsored trojan that sat in an irq client included in many distributions for years unnoticed, as no one bothered checking the source before including it.

I'm not anti-linux btw, but you are talking bollocks on the trojan/virus thing.

24
13
Silver badge

Re: Windows Security Patches + Anti-Virus considered Harmful

"due in part to all the command line pissing about to get it working properly"

FUD !

15
8
Silver badge

Re: Windows Security Patches + Anti-Virus considered Harmful

"due in part to all the command line pissing about to get it working properly"

Just to clarify - I've installed Linux ~6 times a year since ~2000 without needing to use the command-line. That's almost always SUSE or OpenSUSE. The only exception to this was installing x86 Android to a VM when a bit of tinkering was needed to get the networking going.

13
0
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

> due in part to all the command line pissing about to get it working properly,

What command line pissing about?

> It only takes a click on the admin account `allow` button to install god knows what, just like any other os.

Which button is this? I've never seen this allow button in any of the linux distributions I use.

> There was also a state sponsored trojan that sat in an irq client included in many distributions for years unnoticed, as no one bothered checking the source before including it.

Reference please. I would like to know about this.

12
2

This post has been deleted by its author

Re: Windows Security Patches + Anti-Virus considered Harmful

"Just to clarify - I've installed Linux ~6 times a year since ~2000 without needing to use the command-line. That's almost always SUSE or OpenSUSE. The only exception to this was installing x86 Android to a VM when a bit of tinkering was needed to get the networking going."

Heh, I must just be really unlucky with my choice of machines, I always end up with a non working wifi/ethernet/sd reader driver that needs the command line to fix.

And please don't take my statement so seriously, I like and use Linux. What I meant to say was that Linux users are by default more tech savvy due to the mere fact they chose to seek it out and install it over the default Windows install in the first place. Tinkering with the command line is part of that. It wasn't a criticism, just a badly worded quip.

"What command line pissing about?"

See above.

"Which button is this? I've never seen this allow button in any of the linux distributions I use."

The `ok` button on the admin popup u get when u install something through the gui.

"Reference please. I would like to know about this."

http://www.pcworld.com/article/198686/linux_trojan_raises_malware_concerns.html

http://forums.unrealircd.com/viewtopic.php?t=6562

Quote from the above forum:

"This is very embarrassing...

We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it.

This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn't allow any users in).

It appears the replacement of the .tar.gz occurred in November 2009 (at least on some mirrors). It seems nobody noticed it until now.

Obviously, this is a very serious issue, and we're taking precautions so this will never happen again, and if it somehow does that it will be noticed quickly.

We will also re-implement PGP/GPG signing of releases. Even though in practice (very) few people verify files, it will still be useful for those people who do.

It was in a repository for quite a while."

8
7
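The announcement quoted in the post above says the swapped tarball sat on mirrors unnoticed and that few people verify files. As an added example (not from the thread and not UnrealIRCd's own tooling), here is a fail-closed check of a downloaded archive against a digest obtained from a trusted channel; it uses a plain SHA-256 digest in place of the PGP/GPG signatures the announcement mentions, and `sha256_of`, `verify_release` and the file contents are hypothetical, constructed for the demonstration.

```shell
#!/bin/sh
# Added example: fail-closed integrity check before unpacking a release.
# Function names and sample files are hypothetical (constructed here).

# Print the SHA-256 of a file; reads via stdin so odd file names cannot
# change the output format.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1
    fi
}

# verify_release FILE EXPECTED_SHA256
# Returns 0 on match, 1 on mismatch, 2 on unusable input.
# EXPECTED_SHA256 must come from a channel other than the mirror that
# served FILE; a digest stored beside a swapped file can be swapped too.
verify_release() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    # An empty, truncated or non-hex digest must never count as a match.
    case $expected in
        ''|*[!0-9a-f]*) echo "malformed digest" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "malformed digest" >&2; return 2; }
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }

    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "DIGEST MISMATCH for $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed stand-ins: the archive as published, and the same
    # release as later served by a mirror with altered contents.
    printf 'constructed release payload\n' > "$dir/release.tar.gz"
    published=$(sha256_of "$dir/release.tar.gz")   # recorded at release time
    printf 'constructed release payload\nextra code\n' > "$dir/mirror.tar.gz"

    for f in release.tar.gz mirror.tar.gz; do
        if verify_release "$dir/$f" "$published" 2>/dev/null; then
            echo "$f: digest OK, safe to unpack"
        else
            echo "$f: REJECTED, do not unpack"
        fi
    done
    rm -rf "$dir"
}
demo
```

A digest only detects a swap if the reference value itself is trustworthy, which is the problem signed releases address.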
Silver badge

Re: Windows Security Patches + Anti-Virus considered Harmful

"I must just be really unlucky with my choice of machines"

Well I've installed on a dual-core atom ITX, Asus netbook, 5 misc desktops and Lenovo & HP laptops. I've got 3G dongles, USB/serial convertors, Epson scanner/printer, 3 WiFi , laser printer and heaps more all without problems. Maybe the distribution ?

7
0
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful @Eadon

"Linux is virus-immune, has no need for any of these dodgy anti-virus products"

You obviously didn't read this recent article: "Researcher sets up illegal 420,000 node botnet for IPv4 internet map" http://www.theregister.co.uk/2013/03/19/carna_botnet_ipv4_internet_map/

By not actually running security software on Linux you are in effect running blind, as you don't actually know if you are running unauthorised code until it bites you!

4
6
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

Unreal3.2.8.1.tar.gz isn't linux. It isn't part of the kernel or "many" distributions. It wasn't "state sponsored". Had the trojan been part of the kernel or the core distribution and had it been able to escalate its privileges, you might have had a point.

"The `ok` button on the admin popup u get when u install something through the gui."

If I am installing anything I have to enter a password. So it takes more than a click on the admin account `allow` button.

11
3
Anonymous Coward

Re: Windows Security Patches + Anti-Virus considered Harmful

Eadon has his moments, this is not one of them.

1
0
Anonymous Coward

Re: Windows Security Patches + Anti-Virus considered Harmful @Eadon

http://www.theregister.co.uk/2013/03/19/carna_botnet_ipv4_internet_map/

Rubbish - the standard firewall and lack of activated telnet would not let this happen !

5
2

Re: Windows Security Patches + Anti-Virus considered Harmful

""The `ok` button on the admin popup u get when u install something through the gui."

If I am installing anything I have to enter a password. So it takes more than a click on the admin account `allow` button."

Yeah, ok, you put in a password then click ok on the admin popup thing that appears, application gets installed and can do whatever it likes within the limitations of the account type it's installed into, happy now? You know exactly what I mean, stop being so bloody pedantic :-).

"Unreal3.2.8.1.tar.gz isn't linux. It isn't part of the kernel or "many" distributions. It wasn't "state sponsored". Had the trojan been part of the kernel or the core distribution and had it been able to escalate its privileges, you might have had a point."

Irrelevant, it can still rape your data from the user account it's installed in and I never said it was in the kernel, but it was certainly in many distros' repositories. I can't find the source at the moment, but there were rumours that a certain government planted the thing to monitor conversations betwixt ne'er-do-wells.

3
9
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

> Yeah, ok, you put in a password then click ok .... stop being so bloody pedantic

Here is what you actually said:

"It only takes a click on the admin account `allow` button to install god knows what, just like any other os."

Other OS'es might allow you to install with a single click, but linux doesn't.

> Irrelevant, it can still rape your data from the user account it's installed in and I never said it was in the kernel, but it was certainly in many distros' repositories.

It wasn't in many distro's repositories. It was in the mirrors of the unreal distribution. Not the repositories of many distros. The only distribution that I know of that might have got caught is Gentoo. All of the others used the source from Unreal's primary site and so never distributed it.

> I can't find the source at the moment, but there were rumours that a certain government planted the thing to monitor conversations betwixt ne'er-do-wells.

A rumour. Must be true then. I'm sure that if I look hard enough I can find a rumour that aliens did it.

Don't let the fact that the inserted code was to execute commands and not to listen in on chats get in the way of your conspiracy theory.

8
3

Re: Windows Security Patches + Anti-Virus considered Harmful

Eadon, you've excelled. I don't like Windows particularly, and currently run Slackware 14 on most of my computers, including the laptop I'm using to type this. I'm pretty confident I'm in control of them because I installed all of the packages myself, although I'll admit I only built a few of them myself and read and verified each and every line of source of fewer (i.e. none). Do I think it's virus-immune? Do I think it's secure? Of course not.

As others said, Windows is only subjected to malware because it's the most common OS out there. And most malware is distributed through phishing nowadays anyway. Assuming Linux (or any other OS for that matter) is secure is naive to say the least.

Comments like yours really don't help your cause. They're entertaining though, I'll give you that.

5
6
Bronze badge
Coat

Re: Windows Security Patches + Anti-Virus considered Harmful

If you don't know what "command line pissing about" means, then you don't use Unix, you use Mac (had to sneak in!).

P.S. I use nothing but Linux. Let me rephrase that. I use nothing but some malformed kernel that used to be stable that I have now broken so badly I've caused more problems for myself than anyone else ever has. Oh the joys of not understanding kernel code properly...but pretending I do.

2
4

This post has been deleted by its author

Re: Windows Security Patches + Anti-Virus considered Harmful

"Other OS'es might allow you to install with a single click, but linux doesn't."

Aaaaaaaargh, it doesn't matter how many clicks it takes, if the user installs something with hidden malware in it, it could take a million passwords and clicks, but it still gets installed and the malware still does its stuff.

Maybe I phrased the "It only takes a click on the admin account `allow` button to install god knows what, just like any other os." a bit wrong, it was a generalisation, not a technical explanation, but my point still stands, if the user installs something that has a hidden function, it doesn't matter what os he/she is using because it still runs with the user's consent (like the irc thing).

My original point was to counter Eadon's "Linux doesn't get malware" comment, which was wrong, as it can and does. I have no idea how this turned into a debate into how many clicks it takes to install something.

"Don't let the fact that the inserted code was to execute commands and not to listen in on chats get in the way of your conspiracy theory."

Commands to install keyloggers and rat tools, doesn't matter how you do it if the end result is the same.

And gentoo has a pretty big userbase, even if it was just that distro (which I'm pretty sure it wasn't), it's still a serious security issue, especially as it went unnoticed for so long.

Also makes you wonder what else is in all that open source software, does anyone check every single line of source regularly in the thousands upon thousands of current and legacy apps in various distros and repositories?

5
3

Re: Windows Security Patches + Anti-Virus considered Harmful

I once had to install - I dread to say it - Redhat Linux - on my laptop. It was about 10 years ago. No modem driver available, no printer driver, don't even think Bluetooth or wireless mouse. I rest my case. As an os it was smooth, convoluted and minimum support. Basically my laptop was as much use as a heavy calculator.

I am not anti-any os, just a sheep who goes for the one with the most support and ease of use...

1
5

This post has been deleted by a moderator

Bronze badge
FAIL

Re: Windows Security Patches + Anti-Virus considered Harmful

"Preventing viruses from operating is trivially EASY. You set the execute flag to OFF. It's a problem that was solved in the 1970's. However, Windows cannot do this without breaking backwards compatibility, hence the need for these Windows virus scanners."

Any exploitable buffer overflow etc. that allows a process to take control to write virus files to the file system would also have the ability to chmod +x the file.

If the users of the system are really just casual users, your only option would be to mount the whole user partition as no-execute (or set on a per-directory level on some-unix-systems-that-names-don't-rhyme-with-pinux

3
3
Silver badge

Re: Windows Security Patches + Anti-Virus considered Harmful

"It was about 10 years ago."

Right !

4
1
Silver badge

Re: Windows Security Patches + Anti-Virus considered Harmful @Eadon

"http://www.theregister.co.uk/2013/03/19/carna_botnet_ipv4_internet_map/"

You are joking ? How many Linux desktops have telnet activated by default - none I've used since ~~1998

5
2
Silver badge

Re: Windows Security Patches + Anti-Virus considered Harmful

"Most Linux users are more tech savy [sic], due in part to all the command line pissing about to get it working properly..."

Slightly out of date. On the same basis, one could criticize Windows for being layered on top of MS-DOS.

7
1
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

Let's review how many falsehoods there were in your original comment.

> due in part to all the command line pissing about to get it working properly

False. Modern distributions "just work" for the vast majority of hardware out there.

> It only takes a click on the admin account `allow` button to install god knows what, just like any other os.

False. You have to enter a password to install applications.

> There was also a state sponsored trojan that sat in an irq client included in many distributions for years unnoticed

False. No evidence of anything being state sponsored. This is just a conspiracy theory.

False. It wasn't included in many distributions. Gentoo is the only distribution I can find that *might* have distributed it.

False. It didn't go unnoticed for years. It was compromised in November 2009 at the earliest and corrected at the beginning of June 2010, a little more than 6 months.

8
4
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

Talk about missing from right in front of the posts. If there is an article with as much Microsoft fail as this you should have been able to get +40 rather than -40.

0
0
Anonymous Coward

Re: Windows Security Patches + Anti-Virus considered Harmful

(less than 4% isn't it?).

Linux desktop share has never so far exceeded 1%.

1
8

This post has been deleted by its author

Anonymous Coward

Re: Windows Security Patches + Anti-Virus considered Harmful

"Preventing viruses from operating is trivially EASY. You set the execute flag to OFF. It's a problem that was solved in the 1970's. However, Windows cannot do this without breaking backwards compatibility, hence the need for these Windows virus scanners"

Windows has no execute file system ACLs available since NT3.5 without breaking anything.

It doesn't seem to prevent Viruses spreading in Linux though: http://news.cnet.com/New-worm-targets-Linux-systems/2100-7349_3-5938475.html

0
6
Anonymous Coward

Re: Windows Security Patches + Anti-Virus considered Harmful

Interesting. The "New worm" your link refers to is from November 7th 2005. It exploits a vulnerability that was patched on 18th January 2005 or 10 months before the worm appeared.

If sys admins don't keep up to date then their systems are going to be vulnerable irrespective of the OS.

6
0
Bronze badge
FAIL

Re: Windows Security Patches + Anti-Virus considered Harmful

@Eadon, you do realise, of course, that the term malware is the umbrella for what is referred to as malicious software? I hope the term isn't too subtle for you.

And you do realise that, by definition, all software that could be labelled a virus falls under this term? Of course you do - because you never spout BS at all, do you?

To highlight your 'Linux is immune' standpoint, you also are aware that one of the most prominent threats to desktop computing right now is the concept of the cross-platform virus? You know, like badbunny - the crossplatform virus that hit OpenOffice.org on Windows and Linux?

I also assume that you have never heard of the following Linux threat tools, rkhunter and Volatility? I guess not, given you also seem to provide the universal cure for preventing all malware attacks on both Windows and Linux by pointing to some esoteric nonsense about the "execute flag".

I sincerely hope this helps.

6
4
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

Re: Eadon

> You set the execute flag to OFF

The execute bit isn't necessary for running a program.

If it is a script then you run the appropriate shell (bash, ksh, perl, php5 etc) with the script as an argument.

If it is a binary you use the dynamic link loader to execute it.

/lib/ld-linux.so <some binary without the execute bit set>

1
1
Bronze badge

Re: Windows Security Patches + Anti-Virus considered Harmful

"Any exploitable buffer overflow etc. that allows a process to take control to write virus files to the file system would also have the ability to chmod +x the file."

+1

Note that Unix-like operating systems are actually much more vulnerable to this, because the existence of the setuid bit means that malware can create files that run under permissions other than those the user has, which can lead to additional escalation of privileges problems. This is a very long known flaw in the Unix security model, but it can't easily be removed due to, get this Eadon, backwards compatibility concerns. Windows doesn't suffer this since it doesn't provide any mechanism for automatically impersonating another user without credentials.

2
7
