Gönderim Listesi ecs-t6x@2rosenthals.com Ar?vli ?leti #329

Gönderen: "Carl Gehr" <ecs-t6x@2rosenthals.com> Tam Ba?l?klar
Çözülmemi? ?leti
Konu: Re: [eCS T60/T61] Lenovo malware
Tarih: Sat, 22 Nov 2008 13:42:45 -0500 (EST)
Alacak: "eCS ThinkPad T60/61 Mailing List" <ecs-t6x@2rosenthals.com>

Jon,

Just a quick [I hope] question about this 'distribution'...

What, exactly, would someone have requested that would result
in this download from Lenovo?  I assume it is not part of what
a user would get as a result of normal XP updates, but I want
to be sure.

I don't use XP [or any 'Doze' stuff], but I have friends and
family who do use it on some TPads.  I just want to know what
to warn them about, if that should really be done.

Thanks,
Carl

=-=-=-=-=-=-= In Reply to Your ORIGINAL MESSAGE =-=-=-=-=-=-=
From: "Jon Harrison" <ecs-t6x@2rosenthals.com>
To:   "eCS ThinkPad T60/61 Mailing List" <ecs-t6x@2rosenthals.com>
cc:  
Date: Thu, 20 Nov 2008 20:33:47 -0800 (PST)
Subject: [eCS T60/T61] Lenovo malware

Although this info is not applicable to eCS I figure there may be some
readers here who  
occasionally use XP on their TP.  So here is something FYI.

Lewis:  If you think this is inappropriate then I apologise and please
remove this in that case.

jon


 Thursday November 20, 2008
Lenovo Ships Malware With Software

A Windows XP software package distributed by Lenovo earlier this week
was infected with malware.
The program has been removed from the Lenovo site.

The problem was in the Lenovo Trust Key software for Windows XP, a
digitally signed driver package
for Windows XP SP2 systems. The application is used for secure logon
and secure private folders.

Microsoft identified the infection as Win32/Meredrop, a Trojan dropper.
Such programs download and
install other malicious programs. Other anti-virus vendors are
detecting the threat as a 'hooligan'
virus or a porn dialer.

Even though the report indicates that it is the XP version which is
affected, the Vista version is
also no longer available on the Lenovo site. Perhaps the are the same
version.

In such cases it is good practice to revoke the digital certificate
used to sign the package. I
have no word yet on whether Lenovo will do this. If they do so and have
used the same certificate
to sign other packages, all of those will need to be resigned and
re-issued.

source:
http://blogs.pcmag.com/securitywatch/2008/11/lenovo_ships_malware_with_s
oft.php

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message is sent to you because you are subscribed to
  the mailing list <ecs-t6x@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-t6x-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to
<ecs-t6x-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-t6x-index@2rosenthals.com>
Send administrative queries to  <ecs-t6x-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-t6x-on@2rosenthals.com>
and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com

This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


=-=-=-=-=-=-=-=-=-= END ORIGINAL MESSAGE =-=-=-=-=-=-=-=-=-=



Abone ol: Bildirim, Derleme, Fihrist.
Abonelikten ç?k
Liste Sorumlusuna Postala