Follow

Supply chain, Microsoft, rootkit 

Microsoft signed a driver containing a rootkit. This isn't just a "driver with bugs that can be exploited" situation. It's a "driver is calling out to a command and control server" thing.

bleepingcomputer.com/news/secu

re: Supply chain, Microsoft, rootkit 

@adam yep, been watching this unfold for a few weeks now.

*sigh*

re: Supply chain, Microsoft, rootkit 

@thegibson Microsoft's official reply downplaying it does not inspire confidence. The "well, people have to install it" excuse is weak. And to assert that it only affects Chinese gamers, as if they have a special version of Windows that makes only them vulnerable... that's pretty deceptive.

Carefully crafted to not be outright false, of course, which, frankly, makes it even worse.

re: Supply chain, Microsoft, rootkit 

@adam yep.

They know they fucked up.

Supply chain, Microsoft, rootkit 

@adam not even remotely surprising! Good thing they have that signing system…

Sign in to participate in the conversation
hax0rbana.social

Mostly hackers, mostly in Urbana, IL, talking to each other & our friends on like-minded servers without giving our personal data to the marketing machine.