Your browser is obsolete!

The page may not load correctly.

Unexpected guests

Незваные гости

Other issues in this category (70)
  • add to favourites
    Add to Bookmarks

The flip side of update rollbacks

Read: 16024 Comments: 2 Rating: 9

Thursday, April 26, 2018

Our readers are well informed about the need to install updates. But many users refrain from installing them, fearing the consequences. Indeed, things happen! That's why Microsoft allows updates to be rolled back—i.e., updated system files can be restored to their previous state.

Users can do this in several ways—via the Control Panel and the Update Log or via the command line.

To remove updates manually, run the command line as an administrator. You can do this by right-clicking on the Start button and then selecting Command Prompt (Admin).

#drweb

To begin, let's check what updates are installed to your system. Enter the command wmic qfe list brief /format:table, and press Enter.

#drweb

Select the update that you want to roll back by entering the command wusa /uninstall /kb:ID, where ID is the number of the update. For example, wusa /uninstall /kb:4022405. If you want to remove the update, automatically confirm this action, and, if necessary, automatically restart the computer, by entering the following command: wusa /uninstall /kb:ID /quiet /forcerestart.

And now let’s talk about the flip side of this option. If you can pull off such a trick, cybercriminals can, too. Here is a recent incident connected with Android:

Researchers have found that criminals can roll back an operating system to older versions, which are vulnerable to various security exploits.

For clarity, the researchers conducted an experiment on Samsung Galaxy S7, Huawei Mate 9, Google Nexus 5, and Google Nexus 6 devices. They replaced updated versions of the Widevine plugin with an older version that was vulnerable to CVE-2015-6639.

http://www.securitylab.ru/news/488255.php

As a result, attackers will be able to embed malware using whatever method suits them into the specific applications they are targeting.

#security_updates #Windows #Аndroid

The Anti-virus Times recommends

  1. Do not use a system administrator account. If you are working under an account with limited privileges, it is impossible for you to run commands that require administrator permissions.
  2. Use the Windows Startup Control Panel—it won't let any program launch itself invisibly.
  3. And, of course, you need an anti-virus. It will not allow an attacker to "carry" and embed malicious software into your system.

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments

Comments to other issues | My comments