Wilders Security Forums  

  #1  
February 5th, 2011, 05:58 PM
ronjor
Global Moderator
 
Join Date: Jul 2003
Location: Texas
Posts: 46,190
Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update

Quote:
by Randy Abrams

Aryeh Goretsky posted a blog about a trojan program in a Microsoft catalog update. I thought it might be a little interesting to know how this can happen and why it doesn’t happen more often.

As it turns out, it was once my job to make sure that Microsoft did not release infected software. Initially my responsibility was only for retail software, but eventually grew to encompass virtually everything that Microsoft releases and virtually everything that Microsoft hosts on Microsoft.com or in Microsoft update sites. It quickly became known that inside of Microsoft if there was an infected release it was immediately escalated to very high levels and was taken very seriously. Almost all detections I encountered at the end of the time I did scanning at Microsoft were in third party drivers.
http://blog.eset.com/2011/02/05/anat...catalog-update
  #2  
February 6th, 2011, 05:32 PM
katio
 
Posts: n/a
Re: Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update

Quote:
Originally Posted by ronjor
He makes it look like it was nobody's fault. But why the hell is this dll listening on a port? A battery charger, seriously?
  #3  
February 6th, 2011, 05:34 PM
Cudni
Global Moderator
 
Join Date: May 2009
Location: Somethingshire
Posts: 6,944
Re: Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update

also a prior thread in Eset forum
http://www.wilderssecurity.com/showthread.php?t=291873
__________________
once we only had ideals, today they are the only things we are missing
Microsoft MVP, 2006 - 2013/14
  #4  
February 6th, 2011, 11:04 PM
siljaline
Security Expert
 
Join Date: Jun 2003
Location: Montréal, Canada
Posts: 4,126
Re: Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update

Also @ the ESET Blog here, here, more specifically from US CERT, Energizer DUO USB battery charger software allows unauthorized remote system access

Last edited by siljaline : February 7th, 2011 at 03:01 AM. Reason: more information
 

All times are GMT -4.