Possible Stealth Win 7 Update?


2clutch

So yesterday I was checking for updates after opening my PC (AV, FW, Windows itself) and everything was normal, until my HIPS software alerted me about a 'Wusetupv.exe' trying to modify registry keys. I started to panic here as I've never heard of the file before, and I began searching to see what it is.

It was related to Windows Update and required to run, or so I thought, and I didn't take any action but kept searching. At one point I came across people saying that they saw some updates during the boot sequence despite the fact that they didn't allow automatic updates. Realizing this, I closed my computer to see if something would happen at boot, and it actually did.

While searching, I also saw that a virus named Flame, described as cyberwarfare, was using a method like this, and I rushed to check the update logs.

There weren't any 'signature not trusted' messages in the log file, but NONE of the files' signatures were verified (it shows 'microsoft signed: NA' instead of the usual yes). I checked to see if there was any instance of signed: NA, but I've never seen one in the logs, which date back as far as June 2014.

So I'm trying to learn if Windows stealth updated itself or if I'm targeted by a really complex malware at this point.


Hello and welcome.

 

What you are seeing is likely related to the July Microsoft Security Advisory 2982792 on Digital Certificates.
From time to time, MS will make a security release related to the area of digital certificates.

Related to this see the post marked as Answer on the Microsoft Answers forum at this link
 

p.s. It is not a "stealth" update by MS.  They publish notices on all their security updates on their Technet site.

http://technet.microsoft.com/security/dn440717


First of all, thank you for your fast response, and I'm sorry but I'm a bit confused at this point. Should I download MBAM and do a full scan with my AV just in case? Do I need to install something else, and more importantly, it's normal after all, right?


Windows Update Agent has a rolling update in process to version 7.6.7600.320. I allowed it on two machines yesterday.

 

That's probably what you saw.

 

http://www.sevenforums.com/windows-updates-activation/339895-windows-update-agent-7-6-7600-320-a.html

 

Yes, I got it today and saw the same "Configuring Windows Updates" message a little while ago upon cold-starting my main production DT. :o :o

 

>>I must confess, it did startle me a bit, as well. This was neither Patch Tuesday, nor the "4th Tuesday", and I hadn't heard anything about out-of-band updates.

 

Just cold-started my other DT and have not gotten it, yet.

So, it does seem to be throttled/rolling, as usual.

Haven't booted the LT to check.

 

Minor wracking of the noives. :D


I don't auto-update, either (notify only!), on all my boxes.

That's why this was so weird.

I should have been notified, but was NOT.

 

So, I think this might indeed have been an over-ride of WU settings???

 

At least I won't freak as much for the next 2.

 

Thanks for the fright, M$! :angry:


http://www.sevenforums.com/windows-updates-activation/339895-windows-update-agent-7-6-7600-320-a.html#post2845204

 

From NoelDP, THE Windows Update guy:

 

Windows Update Agent updates are mandatory - and will happen in the background whatever the WU settings (read your Windows License Terms).
The only thing that will prevent them is turning BITS off completely - which means no updates, ever, unless you do them manually from standalone downloads.

The update is designed to increase the stability of WU, and the security.

 

Not sure why I missed seeing this when I checked SF forums earlier (must be that dropping Geritol titer again).

 

Cheers!
