The Tech Herald

Comodohacker: I can hack Windows Update

by Steven Mostyn - Sep 13 2011, 08:38

Hackable?

Following on from the recent hack attack carried out against Dutch security specialist DigiNotar (read), it would appear notorious hacker Comodohacker is setting his/her sights on a significantly bigger target. 

Moreover, while claiming to be “so smart, sharp, dangerous [and] powerful”, the hacker has offered up a statement conflicting directly with Microsoft’s recent insistence that its Windows Update system cannot be compromised.

“I’m able to issue Windows updates—Microsoft’s statement about Windows Update and that I can’t issue such [an] update is totally false,” the hacker wrote via Pastebin. “Simply I can issue updates via Windows Update!”

“I already reversed ENTIRE Windows update protocol, how it reads XMLs via SSL, which includes URL, KB no, SHA-1 hash of file for each update, how it verifies that downloaded file is signed using WinVerifyTrust API,” the post boasted.

Although Microsoft remains staunch in its belief that Windows Update cannot be circumvented “even to an attacker with a fraudulent certificate”, hundreds of millions of unwitting users could face a flood of malware if Comodohacker is able to make good on the claim.

“Attackers are not able to leverage a fraudulent Windows Update certificate to install malware via the Windows Update servers”, wrote the software giant via its official blog.

“The Windows Update client will only install binary payloads signed by the actual Microsoft root CA certificate, which is issued and secured by Microsoft,” it added.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Monaco Grand Prix Circuit Map

Infiniti Red-Bull have released a Monaco Grand Prix circuit map showing a string of G-Force and speedo readings recorded in their cars on a normal lap. The team also described the most complicated turns on the track: Turn 1, Sainte Devote, sees drivers hit the barrier if they come into corner just 1km/h too fast [...]

The post Monaco Grand Prix Circuit Map appeared first on Autosaur.

Daniel Day-Lewis and Yasmin Le Bon at Mille Miglia rally in Italy

Jaguar have released a cool little film about their experience at this year’s Mille Miglia car rally in Italy — featuring stars including triple Oscar-winner Daniel Day-Lewis and model Yasmin Le Bon. The video has short interviews with several of the famous participants about taking part in the 1,000-mile event, which celebrates the original Mille [...]

The post Daniel Day-Lewis and Yasmin Le Bon at Mille Miglia rally in Italy appeared first on Autosaur.

Man wins Batman version of Nissan Juke

A BATMAN fan has won a special version of the Nissan Juke inspired by the films — and which has a string of features more normally seen on the Batmobile. Adam Williams was presented with the matt black vehicle after a real Batmobile (well, as real as they get) was driven through the streets of the [...]

The post Man wins Batman version of Nissan Juke appeared first on Autosaur.