Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] WGA More Sneaky Than Most People Imagine

Cancelling WGA Installation sends a report to Microsoft

,----[ Quote ]
| They decided to cancel the installation and immediately after doing
| so the firewall reported that update.exe tried to connect to the
| internet. This caught their attention of course and they decided
| to analyze the data that was send after the connection was established.
| 
| They used Wireshark to analyze the traffic and found out that
| update.exe sends data to genuine.microsoft.com. Some of the data
| seems to be encrypted while some could be identified. It sends
| registry information, namely the SusClientID as well as information
| about the version of the WGA tool, the windows version and the
| language of the operating system. It also sets a cookie whichc
| ontains a GUID which could possibly be used to identify the computer.
`----

http://www.neowin.net/index.php?act=view&id=38614


Related:

Spyware Riddles Q3 of UK Companies

,----[ Quote ]
| Peapod, a leading security firm, recently reported that more than
| 73% of UK businesses were attacked by spyware in 2006, whereas 19%
| were found incapable of spotting the source. The security firm
| claimed that it gets highly difficult for the companies to give
| protection to their networks, and loads of have not found out
| all areas of risk so far.
`----

http://www.spywarehunter.org/entry/spyware-riddles-q3-of-uk-companies/

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index