This project has moved. For the latest updates, please go here.

False Alarm: it was just microsoft's update servers that were compromised, not veracrypt (subject edited by author)

Topics: Technical Issues, Users Discussion
Sep 30, 2015 at 2:52 PM
Edited Sep 30, 2015 at 9:30 PM
(EDIT:
FALSE ALARM - APOLOGIES
______________________________________________)


Hi,
Ive just downlaoded and installed veracrypt from the official website. I noticed a windows update notification and checked it. It shows an important update:
"gYxseNjwafVPfgsoHnzLblmmAxZUiOnGcchqEAEwjyxwjUIfpXfJQcdLapTmFaqHGCFsdvpLarmPJLOZYMEILGNIPwNOgEazuBVJcyVjBRL

Download size: 4.3 MB

You may need to restart your computer for this update to take effect.

Update type: Important

qQMphgyOoFUxFLfNprOUQpHS

More information:
https://hckSLpGtvi.PguhWDz.fuVOl.gov
https://jNt.JFnFA.Jigf.xnzMQAFnZ.edu

Help and Support:
https://IIKaR.ktBDARxd.plepVV.PGetGeG.lfIYQIHCN.mil"

It appears that the veracrypt installs package has been hacked and replaced.

I suggest that someone confirms this. And tbh, takes the download package offline until it is confirmed one way or another.

In the meantime, Im screwed...

tyl
Sep 30, 2015 at 3:02 PM
I may be wrong. Ive just found other people finding the same issue without relation to veracrypt.

http://forum.electricunicycle.org/topic/1366-hacked-windows-andor-windows-update-server/
Sep 30, 2015 at 5:17 PM
ping...
Sep 30, 2015 at 9:23 PM
Don't panic: Microsoft mistakenly posted a 'test' Windows update patch
Some believed Windows Update has been hacked or compromised.

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/
Marked as answer by tyl111 on 9/30/2015 at 3:27 PM
Sep 30, 2015 at 11:33 PM
jonf3n wrote:
Don't panic: Microsoft mistakenly posted a 'test' Windows update patch
Some believed Windows Update has been hacked or compromised.

http://www.zdnet.com/article/microsoft-accidentally-issued-a-test-windows-update-patch/
Thank you Jon. It WAS a windows update server issue. -It just happened immeadiately after I installed veracrypt. So synchronicity spanked me hard.

Microsoft are denying that it was anything but a dodgy test update on their servers gone wrong. But Ive seen it and reckon the update servers may have been compromised. Certainly, the patch has wrecked some peoples pcs according to some people (before MS admitted it had sent the dodgy update out).

As for me, I merely crapped myself - as I assumed that i had a trojan on my system ;)