Wierd Critical Update

Articles Metasploit Framework Windows Tutorial Remote Desktop Connection Windows Processes That May Be Dangerous How-To use NetCat a Tutorial Common Linux Commands Common Ports Netcat Commands HTTP Response Codes War-Google Hack Terms Wardriving Avoiding Social Engineering and Phishing Attacks Intrusion Detection on Linux Linux Intrusion Detection Penetration Testing Guide Penetration Testing Tools Social Engineering Fundamentals, Part I: Hacker Tactics Social engineering (computer security) The Psychology of Social Engineering The Archives General GSO GovernmentSecurity.org News & Suggestions In The News Open Topic General Security Information Trash Can Exploit & Vulnerability Mailing List Archives Trial Member Forum Product and Program Reviews GSO Tutorials System Security Windows Systems Beginners Section Linux & Unix Systems File Downloads Exploit Research & Discussion Trojan & Virus Errata Networking Security / Firewall / IDS / VPN / Routers System Hardening E-Mail Security Wifi Security Trial Member Uploads Upload discovered Trojans & Mal ware GSO Programming Section C , C++ , VC++ Visual Basic .NET Perl /CGI Java/Javascript PHP/XML/ASP/HTML Assembly + Other The Cork Board Network Security Consultant Directory Network Security Jobs The Archives Encryption Information General Network Security Internet Anonymity HTTP Protocol Security Linux Security MS IIS Information Exploit Articles Programming / Tool Design GSO Software Projects Public Downloads Microsoft Security Questions and Papers		Help - Search - Member List - Calendar Full Version: Wierd Critical Update GovernmentSecurity.org > System Security > Beginners Section GhostCow Aug 13 2005, 12:20 AM i was working on my computer a few days ago when suddenly it restarts and afterwards the windows said it was an automatic restart for a critical windows update... what is this update and why install itself secretly and restart my computer without any warning? btw i have microsoft antispyware beta installed if that has anything to do with it... is there some sort of invasion of my privacy here some verification of my windows key (which is bought and paid for)? i mean what if microsoft found i had an illegal copy what then? would my windows lock up? is this some kind of advanced activation? btw i have SP2 installed. sEc0nd Aug 13 2005, 12:34 AM Hi! yes i think... windows wants to check the serial keys -.- Ca 3 weeks ago on M$ Windows Update Site you will be asked if you want to send your Serials Key and data... since 1 week you will not be asked... they just do it and u have to look So now M$ may have got a new "SerialKey-Check" and to force the people to make update, they published the following vulns as critical: # MS05-038 <#038>: Cumulative Security Update for Internet Explorer # MS05-039 <#039>: Vulnerability in Plug and Play Could Allow Remote code Execution and Elevation of Privilege # MS05-040 <#040>: Vulnerability in Telephony Service Could Allow Remote Code Execution # MS05-041 <#041>: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service # MS05-042 <#042>: Vulnerability in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing # MS05-043 <#043>: Vulnerability in Print Spooler Service could Allow Remote Code Execution So all People are realy asked to update their systems and send the Serial Keys to M$... thats my theorie In your case, M$ force the update harder, due install it secretly... cheers digital-flow GhostCow Aug 13 2005, 01:04 AM are there any known exploits for these vuln. or are they bogus and unjustified updates made only to plant new sht on your computer against piracy? apoc_neo Aug 13 2005, 03:18 AM QUOTE(GhostCow @ Aug 13 2005, 01:04 AM) are there any known exploits for these vuln. or are they bogus and unjustified updates made only to plant new sht on your computer against piracy? no there is exploit for every one of thoes....... JustAsFire Aug 13 2005, 09:20 AM hm... do you have automatic update turned on? sEc0nd Aug 13 2005, 03:52 PM GhostCow: yes thats are "realy vulns" but the point is, that M$ published this "critical" vulns at this time, they allready got the patch (to update) and not befor... This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here. Invision Power Board © 2001-2005 Invision Power Services, Inc.