Rootkit author offer fix for MS patch problem
in [Windows XP]
|
Prev: WinXP Driver Issue
Next: can't delete program
From: Bob I on 19 Feb 2010 08:29 Jose wrote: > On Feb 18, 3:14 pm, "PA Bear [MS MVP]" <PABear...(a)gmail.com> wrote: > >>I think it disingenuous at best to consider malware writers & botnet owners >>"developers." >> >>HeyBub wrote: >> >><blithersnippage> >> >> >> >>>This is not the first time Microsoft has changed an un-documented item to >>>the cost of developers. > > > Their efforts are sometimes clever, usually merely annoying and fairly > easy to outsmart. > > I think there is some sick, twisted and perverted reward (there - > that's all the good words) and competition between the authors to see > who can be the most likely to induce a complete reinstall of Windows > when some person on the receiving end is unable or unwilling to try to > figure out their products and fix the problem and just gives up. > Victory is theirs! > > They could certainly be malicious and destructive if they wanted to > be, but so far... they seem to be mostly just annoying. No the 'bot herders want to remain UNdetected. They DON'T want to lose control of a PC as it is in their best interest to keep the PC working for them.
From: MowGreen on 19 Feb 2010 21:43
VanguardLH wrote: > HeyBub wrote: > >> "According to security vendor Prevx, the authors of the rootkit which was >> the cause of a large number of unbootable systems which applied the MS10-015 >> patch issued last week have issued a patch to fix the incompatibility." >> >> http://blogs.pcmag.com/securitywatch/2010/02/rootkit_authors_issue_patch_fo.php >> >> All your roots belong to us... > > So rather than get RID of the rootkit malware, users are expected to get an > update to the malware. Uh huh. > > In similar manner, put the malware authors up against a wall and I'll SHOOT > them in their heads with hollow-point bullets. Then I'll offer to remove to > the flattened bullets, bend them into a slightly different form, and then > hammer them back into their dead brains. Works for me. I'll bring the popcorn and refreshments, Vanguard. MowGreen ================ *-343-* FDNY Never Forgotten ================ banthecheck.com "Security updates should *never* have *non-security content* prechecked |