Microsoft Screws Up Security Fix While Bing Takes You to More Malicious Sites

Image of Microsoft Screws Up Security Fix While Bing Takes You to More Malicious Sites

At times it seems that the words Microsoft and Malware go hand-in-hand. I do not think that a day goes by that we do not hear about a new malware threat (often simply an old threat that has been modified). This has put Microsoft in an interesting position. They are always working to shore up holes in their operating systems we can see this by the continuous patches and hotfixes that are in existence for Windows (all versions). Of course it is not an easy task to develop an OS that is safe(er) or secure(ish) and still make it easy to operate. However recently we have seen Microsoft go to some extremes in trying to keep up with things… sometimes they appear to go way too far.
When Microsoft was preparing Windows 8 and Windows RT there were concerns about the way the OS was locked down. Many existing anti-malware applications would not work properly with Windows 8 and not at all on Windows RT. If these applications would install at all they all too often did not have access to critical parts of the OS (and file system) and were not capable of removing threats they did find there. Microsoft claimed that simply enabling this extra security on the core parts of the OS and file system would server to mitigate many threats. Unfortunately it seems they did not learn their lesson when they tried this with both Vista and Windows 7. Those protected areas became primary targets for malware writers. Fortunately the anti-malware companies were able to find a way to work within the new framework and we have options to scan for and remove malware on x86 versions of Windows 8 (Windows RT is still another matter).

However is looks like Microsoft is not content with just locking down Windows 8, they have released two security patches that fix issues with the way that applications can elevate privileges. The two fixes were intended to prevent third-party applications (Malware) from being able to run with elevated privileges and install malware or compromise the security of the system. The patches were part of MS13-036; unfortunately Microsoft appears to have gotten the patch half right. It seems that one of the fixes (2823324) causes havoc with the file system and certain anti-virus software (Kaspersky). Some of the symptoms that this patch did not work as planned are errors on boot, application errors, applications failing to launch, Kasperrky showing that there is no valid license, and according to some reports a continuous boot loop.

Posted by dontclickon 1471 days ago in Patch  |  decryptedtech.com
 

Who Voted


Vote For The Best