You are here: Dorian's Gallery > Screenshots > Windows Update Agent 7-6-7600-256 installed on 6-24-2012

Windows Update Agent 7-6-7600-256 installed on 6-24-2012

Windows Update Agent 7-6-7600-256 installed on 6-24-2012 by Dorian MuthigThumbnails

View Full Size Image [+]

Date:
June 25th 2012 2:06 PM

Location:
None

Description:
So, this apparently installed automatically, despite the setting being "download & install later". It has no knowledge base number, even though the correct one would be KB949104 (this link uses TLS, but will redirect to simple HTTP *cough*). This is bad, and extremely suspicious, because the certificate tree is compromised and/or the update server could have been altered, intercepted or spoofed (doesn't use TLS and configuring TLS will have the TLS server serve redirection to the non-TLS URLs).
Such updates should follow three things:
1. Be correctly titled to include a knowledge base number that matches an existing and correctly titled knowledge base article for the update.
2. Be listed as a new update and install alongside all other updates issued on patch day (second Tuesday of the month)
3. Obey the rules set forth in the automatic updates settings as defined by the administrator and not install automatically no matter what that setting says.

Camera:
Print-Screen key

Lens:
None

Film:
Clipboard

Darkroom manipulation:
None

Digital manipulation:
Cropped window

Copyright:
Dorian Muthig

Viewed:
7305 times

Screen Shot 2012-08-23 at 11.44.59 PM by Dorian Muthig Windows Update Agent 7-6-7600-256 installed on 6-24-2012 by Dorian Muthig Why do I have to use an administrator account to sync with Exchange? by Dorian Muthig

Previous    Thumbnails    Next

All rights reserved. Images may not be reproduced in any form without the express written permission of the copyright holder.
Powered by singapore Page created in 0.128 seconds | Log in