Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows update with dubius title and links to help and support


  • This topic is locked This topic is locked
21 replies to this topic

#1 snowyman

snowyman

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 30 September 2015 - 11:41 AM

I went to Windows update and checked for new updates today. One important update appeared under the heading "Windows 7 Language updates"

 

The details were:

 

 

 

gYxseNjwafVPfgsoHnzLblmmAxZUiOnGcchqEAEwjyxwjUIfpXfJQcdLapTmFaqHGCFsdvpLarmPJLOZYMEILGNIPwNOgEazuBVJcyVjBRL

Download size: 4.3 MB

You may need to restart your computer for this update to take effect.

Update type: Important

qQMphgyOoFUxFLfNprOUQpHS

More information:
hckSLpGtvi.PguhWDz.fuVOl.gov      and  jNt.JFnFA.Jigf.xnzMQAFnZ.edu               Help and Support:   IIKaR.ktBDARxd.plepVV.PGetGeG.lfIYQIHCN.mil

 

I haven't run the update and have taken the option of hiding the update. I have also changed the settings on autoupdate to inform me of updates and not install them without my input.

 

Is it possible my computer has been hacked or far more unlikely Microsoft has been hacked?

 

I ran Kaspersky and Spybot Search and Destroy, they found nothing nasty and Malwarebytes found a PUP.Optional.Hicosmea Registry key.

 

I'm running Windows 7 service pack 1.


Edited by snowyman, 30 September 2015 - 11:49 AM.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 30 September 2015 - 12:07 PM

Hi snowyman :)

Please do not install that update. This is new from today and it seems like there's something happening with it, since the results on Google starts to grow bigger and bigger as the hours pass by. We don't know exactly what caused this update to appear, nor what it does.

Related links:
https://www.google.ca/search?q=test&oq=test&aqs=chrome..69i57j0l2j69i61j0l2.5457j0j8&sourceid=chrome&es_sm=93&ie=UTF-8#q=hckSLpGtvi.PguhWDz.fuVOl.gov
https://security.stackexchange.com/questions/101520/weird-windows-update
http://forum.electricunicycle.org/topic/1366-hacked-windows-andor-windows-update-server/
https://www.reddit.com/r/techsupport/comments/3mykv1/weird_windows_update/
http://www.geekstogo.com/forum/topic/356298-very-unusual-windows-update/

It was also posted on Microsoft Community forums, but no Microsoft Rep. replied to it yet, so I suggest you to follow it in the meantime.

https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-appears-to-be-compromised/e96a0834-a9e9-4f03-a187-bef8ee62725e?auth=1

Thank you.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 30 September 2015 - 02:08 PM

Update: This update isn't malicious, like many thoughts, a test update was pushed by mistake in production and Microsoft is working on calling it back.

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/

This being said, one person reportedly installed the update and said that it "screwed up" his system, so I still advice you to not install it, nor attempt to install it.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 snowyman

snowyman
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 30 September 2015 - 03:46 PM

Update: This update isn't malicious, like many thoughts, a test update was pushed by mistake in production and Microsoft is working on calling it back.

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/

This being said, one person reportedly installed the update and said that it "screwed up" his system, so I still advice you to not install it, nor attempt to install it.

Many thanks for your consideration and updates. :)



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 30 September 2015 - 04:03 PM

No problem snowyman, you're welcome :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 sparklestar

sparklestar

  • Members
  • 348 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 30 September 2015 - 07:10 PM

I haven't run the update and have taken the option of hiding the update. I have also changed the settings on autoupdate to inform me of updates and not install them without my input.

 

FYI, windows is not going to inform you, as described here:  http://www.bleepingcomputer.com/forums/t/590730/why-doesnt-windows-notify-me-about-updates/


Edited by sparklestar, 30 September 2015 - 07:10 PM.


#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 30 September 2015 - 07:11 PM

Hum? My Windows 7 VMs still informs me of Windows Updates just fine and they are fully updated.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 sparklestar

sparklestar

  • Members
  • 348 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 30 September 2015 - 07:30 PM

It has popups from the system tray telling you there's new updates available when you have it set to check for updates but let me choose?  In that thread 4 different people with 6 different machines are having the same problem I am, you are the first person I have heard from who doesn't have the problem. I'd love to get some help fixing it



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 30 September 2015 - 07:31 PM

Well, I doubt I have any Windows Updates pending right now (since like I said they are fully updated). I can check them however. If not, next week is supposed to be Patch Tuesday so we'll see then :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 sparklestar

sparklestar

  • Members
  • 348 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 30 September 2015 - 07:35 PM

Oh yeah. Heh, as we speak my system tray is not notifying me about any updates, but if i go into windows update there is 1 important update available (it's the gibberish one lol). Same deal over the last few weeks though with normal updates.



#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 30 September 2015 - 08:32 PM

Alright so I tested it and it notifies me as soon as Windows starts downloading and installing updates, and once they are installed. Not when they are available. However, the two of them were "Recommended" and I have "Give me recommended updates the same way I receive important updates", so maybe that notification doesn't show up in that particuliar situation. I'll check on the next Patch Tuesday.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 cafejose

cafejose

  • Members
  • 1,066 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 01 October 2015 - 12:16 AM

What else should users do?  I just set the update options to "Never check for updates", at least temporarily.  I would like to see what users have to say here for the next few days,  and then make the Windows 7 machine just accept all the updates that are safe and not take that one bad update.



#13 sparklestar

sparklestar

  • Members
  • 348 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 01 October 2015 - 12:54 AM

Depends on how you feel about the windows 10 related (and telemetry) updates. If you don't want those then you can never set Windows 7 back to automatic updates. In that case what you have to do is just manually check for updates every day and inspect each one of them.



#14 cafejose

cafejose

  • Members
  • 1,066 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 01 October 2015 - 01:38 AM

Depends on how you feel about the windows 10 related (and telemetry) updates. If you don't want those then you can never set Windows 7 back to automatic updates. In that case what you have to do is just manually check for updates every day and inspect each one of them.

I just did what you said could not be done, TWICE.  The setting can in fact be changed back to Automatically Check And Install Updates after being in the Never Check... setting.  Also, the only important update listed upon the Window Update doing its check was just a NET Framework 4.5.2 update for x64, and no other important updates listed.  Neither was that bad "gibberish..." update listed.  Still I'm interested in "what else should users do..." question.



#15 sparklestar

sparklestar

  • Members
  • 348 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 01 October 2015 - 04:13 AM

Of course you can change the settings, that's not what I said...






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users