Subject : Windows tried to save the world from me
From : nospam (at) *nospam* dfs.com (DFS)
Newsgroups : comp.os.linux.advocacy
Date : 18. Apr 2024, 01:53:36
Organization : A noiseless patient Spider
Message-ID : <uvpne0$1s9lr$1@dont-email.me>
User-Agent : Betterbird (Windows)
Tried to download the source code for the recent xz backdoor
https://github.com/tukaani-project/xz/releases/tag/v5.6.1
Windows Defender already includes a (or the) xz backdoor signature: right after the file was downloaded and saved to my desktop, Defender sprang into action to keep me from infecting the Windows world [1].
The "severe" threat was identified as "Backdoor:Linux/XZBackdoorBuild.B"
(Defender identified a single archive file inside the .gzip:
xz-5.6.1/tests/files/good-large_compressed.lzma)
With no interference or permission by me, Defender deleted the tar.gz.
I marked this threat as "allowed", but when I tried to download it again, Defender deleted it again.
I really, really wanted to initiate a global malware meltdown, so I turned off some portions of Win11 Defender security:
Start
Settings
Privacy & Security
Windows Security
Open Windows Security
Virus & Threat Protection
Virus & Threat Protection Settings - Manage Settings
Real-time Protection
turned off (it comes back on automatically after a while)
Went back to the web page and hurriedly downloaded the source. This time I was successful.
A little later I turned 'Real-time Protection' back on and did a Quick Scan and it detected the scary file and let me decide to keep it or not.
You Windows-using cola advocates are doomed...
1. Microsoft MVP Greg Carmack says:
-------------------------------------------------------------------------
Windows will not let you turn off basic built-in protection from Defender and Firewall, unless another is installed in its place which should switch it off.
This is because being able to go unprotected would place the entire Windows eco-system at risk of easy infection by serious global malware infection which can spread like wildfire.
The threat is so great that Microsoft operates 24/7 global security command centers on all continents which are constantly engaged in battle with malware spread. Even one device without protection can give these infections a toehold.
-------------------------------------------------------------------------