Windows Defender already includes a (or the) xz backdoor signature:
right after the file was downloaded and saved to my desktop, Defender
sprang into action to keep me from infecting the Windows world [1].
On Wed, 17 Apr 2024 19:53:36 -0400, DFS wrote:
> Windows Defender already includes a (or the) xz backdoor signature:
> right after the file was downloaded and saved to my desktop, Defender
> sprang into action to keep me from infecting the Windows world [1].
Wait until it mistakenly identifies something you're fond of and saves you from it.
On 4/17/2024 9:36 PM, rbowman wrote:
> On Wed, 17 Apr 2024 19:53:36 -0400, DFS wrote:
>> Windows Defender already includes a (or the) xz backdoor signature:
>> right after the file was downloaded and saved to my desktop, Defender
>> sprang into action to keep me from infecting the Windows world [1].
> Wait until it mistakenly identifies something you're fond of and saves
> you from it.
That happened to you?
... their vulnerability to viruses is only as much as the incompetence
of the owner ...
I have a lot of respect for the early adopters of Linux in the '90s and beyond.
DFS <nospam@dfs.com> wrote:
> On 4/17/2024 9:36 PM, rbowman wrote:
>> On Wed, 17 Apr 2024 19:53:36 -0400, DFS wrote:
>>> Windows Defender already includes a (or the) xz backdoor signature:
>>> right after the file was downloaded and saved to my desktop, Defender
>>> sprang into action to keep me from infecting the Windows world [1].
>> Wait until it mistakenly identifies something you're fond of and saves you
>> from it.
> That happened to you?
I tend to agree this is a silly, unfair attack on M$, their
vulnerability to viruses is only as much as the incompetence of the
owner, I have no more concern with malware under Winblows than I would
under Linux, although I would use Norton "just in case", but it's
safe.
Tried to download the source code for the recent xz backdoor
https://github.com/tukaani-project/xz/releases/tag/v5.6.1
Windows Defender already includes a (or the) xz backdoor signature:
right after the file was downloaded and saved to my desktop, Defender
sprang into action to keep me from infecting the Windows world [1].
The "severe" threat was identified as "Backdoor:Linux/XZBackdoorBuild.B"
(Defender identified a single archive file inside the .gzip: xz-5.6.1/tests/files/good-large_compressed.lzma)
With no interference or permission by me, Defender deleted the tar.gz.
I marked this threat as "allowed", but when I tried to download it
again, Defender deleted it again.
I really, really wanted to initiate a global malware meltdown, so I
turned off some portions of Win11 Defender security:
Start
Settings
Privacy & Security
Windows Security
Open Windows Security
Virus & Threat Protection
Virus & Threat Protection Settings - Manage Settings
Real-time Protection turned off (it comes back on automatically
after a while)
Went back to the web page and hurriedly downloaded the source. This
time I was successful.
A little later I turned 'Real-time Protection' back on and did a Quick
Scan and it detected the scary file and let me decide to keep it or not.
You Windows-using cola advocates are doomed...
1. Microsoft MVP Greg Carmack says:
Windows will not let you turn off basic built-in protection from
Defender and Firewall, unless another is installed in its place which
should switch it off.
This is because being able to go unprotected would place the entire
Windows eco-system at risk of easy infection by serious global malware infection which can spread like wildfire.
The threat is so great that Microsoft operates 24/7 global security
command centers on all continents which are constantly engaged in battle
with malware spread. Even one device without protection can give these infections a toehold.
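An added example, not part of the original post: a way to confirm which archive member a scanner is reacting to by streaming the tar.gz and hashing only the matching member, without unpacking anything to disk. The member path is the one Defender reported above; the tarball here is constructed in memory with placeholder bytes, and the function names are hypothetical.

```python
import hashlib
import io
import tarfile

# Member path reported by Defender in the post; the leading directory
# (e.g. "xz-5.6.1/") is the release name, so match on the suffix.
FLAGGED_SUFFIXES = ("tests/files/good-large_compressed.lzma",)


def scan_tarball(fileobj):
    """Stream a .tar.gz and return (name, size, sha256) for each flagged member.

    Members are read from the archive stream only; nothing is extracted to disk.
    """
    hits = []
    with tarfile.open(fileobj=fileobj, mode="r:gz") as tar:
        for member in tar:
            if not member.isfile():
                continue  # skip directories, links and device nodes
            if not member.name.endswith(FLAGGED_SUFFIXES):
                continue
            digest = hashlib.sha256()
            src = tar.extractfile(member)
            for chunk in iter(lambda: src.read(65536), b""):
                digest.update(chunk)
            hits.append((member.name, member.size, digest.hexdigest()))
    return hits


def build_sample_tarball():
    """Constructed stand-in for the release tarball (placeholder bytes, not xz data)."""
    files = {
        "xz-5.6.1/README": b"constructed readme\n",
        "xz-5.6.1/tests/files/good-large_compressed.lzma": b"constructed placeholder\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, size, sha in scan_tarball(build_sample_tarball()):
        print(f"{name}  {size} bytes  sha256={sha}")
```

The resulting hash can be compared against a vendor's or distribution's published indicator for the file, which is a more precise record of what was flagged than the detection name alone.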