If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
I got the "updates are available" popup, looked at them, and accepted.
One is the periodic "Malicious Software Removal Tool" - I usually accept that; I know it only does a few common ones, but I've not hear of it doing _harm_. I then got a EULA popup containing two boxes. The top, small, box says: "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: "Prerelease Version of Service Pack 2 for Microsoft Windows XP Professional, Home, Media Center, or Tablet PC Edition END-USER LICENSE AGREEMENT FOR PRERELEASE CODE IMPORTANT-READ CAREFULLY: This End-User License Agreement for Prerelease Code ("EULA") is a" then goes on to give the rest of the EULA, with accept and decline buttons. Anyone else (who has "notify" for updates) got this? If so, is it just a booboo on MS's part - they've used the text from XP-SP2 (and the pre-release version of that) in the EULA box - or has the update mechanism been hacked? Running 7 Hope Premium, SP1, 32 bit, if that makes any difference. -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Quantum particles: the dreams that stuff is made of - David Moser |
Ads |
#2
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has beenhacked ...
J. P. Gilliver (John) wrote:
I got the "updates are available" popup, looked at them, and accepted. One is the periodic "Malicious Software Removal Tool" - I usually accept that; I know it only does a few common ones, but I've not hear of it doing _harm_. I then got a EULA popup containing two boxes. The top, small, box says: "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: "Prerelease Version of Service Pack 2 for Microsoft Windows XP Professional, Home, Media Center, or Tablet PC Edition END-USER LICENSE AGREEMENT FOR PRERELEASE CODE IMPORTANT-READ CAREFULLY: This End-User License Agreement for Prerelease Code ("EULA") is a" then goes on to give the rest of the EULA, with accept and decline buttons. Anyone else (who has "notify" for updates) got this? If so, is it just a booboo on MS's part - they've used the text from XP-SP2 (and the pre-release version of that) in the EULA box - or has the update mechanism been hacked? Running 7 Hope Premium, SP1, 32 bit, if that makes any difference. By any chance, does the C: volume have a boot.ini on it ? Paul |
#3
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
In message , Paul
writes: [] I then got a EULA popup containing two boxes. The top, small, box says: "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: "Prerelease Version of Service Pack 2 for Microsoft Windows XP Professional, Home, Media Center, or Tablet PC Edition END-USER LICENSE AGREEMENT [] I've since scanned briefly through the EULA, and it really is the one for XPSP2 - "solely in connection with a licensed copy of Microsoft Windows XP Professional Edition, Windows XP Home Edition, Windows XP Media Center Edition, or Windows XP Tablet PC Edition operating systems for which the Software is designed", and other such snippets. Running 7 Hope Premium, SP1, 32 bit, if that makes any difference. By any chance, does the C: volume have a boot.ini on it ? Paul Not that I can see, using Everything (looking everywhere - it stops finding anything as soon a I've typed as far as "boot.i"), XTGold (looking in the root), or Windows Explorer (looking in the root - and I do have show hidden files etc.). Is KB890830 the right identity for the November 2018 Malicious Software Removal Tool? -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf More people watch live theatre every year than Premier League football matches. - Libby Purves, RT 2017/9/30-10/6 |
#4
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has beenhacked ...
J. P. Gilliver (John) wrote:
In message , Paul writes: [] I then got a EULA popup containing two boxes. The top, small, box says: "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: "Prerelease Version of Service Pack 2 for Microsoft Windows XP Professional, Home, Media Center, or Tablet PC Edition END-USER LICENSE AGREEMENT [] I've since scanned briefly through the EULA, and it really is the one for XPSP2 - "solely in connection with a licensed copy of Microsoft Windows XP Professional Edition, Windows XP Home Edition, Windows XP Media Center Edition, or Windows XP Tablet PC Edition operating systems for which the Software is designed", and other such snippets. Running 7 Hope Premium, SP1, 32 bit, if that makes any difference. By any chance, does the C: volume have a boot.ini on it ? Paul Not that I can see, using Everything (looking everywhere - it stops finding anything as soon a I've typed as far as "boot.i"), XTGold (looking in the root), or Windows Explorer (looking in the root - and I do have show hidden files etc.). Is KB890830 the right identity for the November 2018 Malicious Software Removal Tool? Yes. KB890830 is used everywhere. It has a version number. It's been issued a bunch of times, so the version number should be pretty high. In effect, it's a Windows Update that keeps getting re-issued, each time with a one-higher version number. The version number is not a "visible" property, most of the time. https://www.catalog.update.microsoft...%20windows%207 There are two files listed per update. The delta isn't the one you want. I downloaded this sample for a look. windows-kb890830-x64-v5.66_324d7f131dd4bd5ede96c9526a81970efeaa9d4e.exe L:\mrt.exe\.rsrc\ version.txt FILEVERSION 1,279,836,0 PRODUCTVERSION 1,279,836,0 FILEFLAGSMASK 0x3F FILEFLAGS 0x0 FILEOS VOS_UNKNOWN | VOS__WINDOWS32 FILETYPE VFT_APP FILESUBTYPE 0x0 { BLOCK "StringFileInfo" { BLOCK "040904b0" { VALUE "CompanyName", "Microsoft Corporation" VALUE "FileDescription", "MSRT Definition Database" VALUE "InternalName", "itw" VALUE "LegalCopyright", "Copyright (c) Microsoft Corporation. All rights reserved." VALUE "OriginalFilename", "itw.vdm" VALUE "ProductName", "Microsoft Malware Protection" VALUE "FileVersion", "1.279.836.0" VALUE "ProductVersion", "1.279.836.0" } } BLOCK "VarFileInfo" { VALUE "Translation", 0x409, 1200 } } No mention of WinXP in that dump. The MRT.exe file is version "5.66.15456.1". In the one I downloaded for Win7 32 bit. Paul |
#5
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has beenhacked ...
J. P. Gilliver (John) wrote:
I got the "updates are available" popup, looked at them, and accepted. One is the periodic "Malicious Software Removal Tool" - I usually accept that; I know it only does a few common ones, but I've not hear of it doing _harm_. I then got a EULA popup containing two boxes. The top, small, box says: "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: "Prerelease Version of Service Pack 2 for Microsoft Windows XP Professional, Home, Media Center, or Tablet PC Edition END-USER LICENSE AGREEMENT FOR PRERELEASE CODE IMPORTANT-READ CAREFULLY: This End-User License Agreement for Prerelease Code ("EULA") is a" then goes on to give the rest of the EULA, with accept and decline buttons. Anyone else (who has "notify" for updates) got this? If so, is it just a booboo on MS's part - they've used the text from XP-SP2 (and the pre-release version of that) in the EULA box - or has the update mechanism been hacked? Running 7 Hope Premium, SP1, 32 bit, if that makes any difference. OK, now I see what you're talking about. I didn't realize you could get a EULA prompt in the Windows Update dialog, microseconds after clicking the install button (after making your selections in the list). https://i.postimg.cc/X7P6G6qj/MSRT-EULA.gif Paul |
#6
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
In message , Paul
writes: J. P. Gilliver (John) wrote: In message , Paul writes: [] I then got a EULA popup containing two boxes. The top, small, box says: "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: [] I've since scanned briefly through the EULA, and it really is the one for XPSP2 - "solely in connection with a licensed copy of Microsoft Windows XP Professional Edition, Windows [] Running 7 Hope Premium, SP1, 32 bit, if that makes any difference. (Home) [] KB890830 is used everywhere. It has a version number. It's been issued a bunch of times, so the version number should be pretty high. In effect, it's a Windows Update that keeps getting re-issued, each time with a one-higher version number. The version number is not a "visible" property, most of the time. So I can't check from the Windows that appear as part of Windows Update. All I can see about it is that it's 11.7 MB. [] windows-kb890830-x64-v5.66_324d7f131dd4bd5ede96c9526a81970efeaa9d4e.exe I'm on 32-bit 7? [] No mention of WinXP in that dump. [] See http://255soft.uk/temp/Clipboard01.jpg (you may need to refresh). -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Does God believe in people? |
#7
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
In message , Paul
writes: [] OK, now I see what you're talking about. I didn't realize you could get a EULA prompt in the Windows Update dialog, microseconds after clicking the install button (after making your selections in the list). No, I hadn't seen one before either. https://i.postimg.cc/X7P6G6qj/MSRT-EULA.gif Paul I _think_ that's the same as mine http://255soft.uk/temp/Clipboard01.jpg (other than Window colour); I couldn't tell for sure at the default zoom level, and when I clicked on it I got a full-window blank rectangle, so I presume i.postimg.cc runs some script when you click-to-zoom-in. Anyway, which do you think is the case - someone at MS has boobed and used (and set whatever flag makes it pop up) some ancient EULA and accepting it will actually install (and probably run) the November 2018 MSRT, or: the update site has been hacked and it's malware? (_Seems_ unlikely, as I'd have thought any hacker good enough to have hacked that site wouldn't have caused the popup.) Or, of course, they've had a real brain fart, and if you proceed it'll try to install XP-SP2 pre-release version on your Windows 7 machine! -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Have the courage to be ordinary - people make themselves so desperately unhappy trying to be clever and totally original. (Robbie Coltrane, RT 8-14 Nov. 1997.) |
#8
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
In message , John K.Eason
writes: [] "Windows Malicious Software Removal Tool - November 2018 (KB890830)" fair enough. The lower, large, box says: "Prerelease Version of Service Pack 2 for Microsoft Windows XP Professional, Home, Media Center, or Tablet PC Edition Yes. I got the EULA and 'Prerelease bla bla...' alert, but assumed it said Windows 7 SP2 so let it continue as normal. It's just the usual update as far as I can see and ran as normal. I don't think I've seen any hint of a 7 SP2; it seems unlikely, as MS fairly clearly want to kill 7. (Plus there's the fact that the selection options for this "update" - and the upper box - said it was the MSRT for November 2018.) ISTR seeing that once before although certainly not regularly. I'm letting it proceed. I do have an image from not _too_ long ago (-:. -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf resentment is like drinking poison and expecting the other person to die - attributed to Carrie Fisher by Gareth McLean, in Radio Times 28 January-3 February 2012 |
#9
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
|
#11
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has been hacked ...
|
#12
|
|||
|
|||
Rather fine booboo on MS's part! Or, update mechanism has beenhacked ...
J. P. Gilliver (John) wrote:
Or, of course, they've had a real brain fart, and if you proceed it'll try to install XP-SP2 pre-release version on your Windows 7 machine! It's just a EULA. We don't know whether it's hurting anything or not (in terms of version selection). If there was an actual screwup, the update would fail. The update would do a dependency check. If it was a WinXP scanner, it would check for WinXP first and find it was running on Windows 7. The update history would then show it failed to install. Paul |
Thread Tools | |
Display Modes | Rate This Thread |
|
|