Be careful of Windows update

For some reason Windows update is offering people to install an ATI
driver and claiming it is an important update instead of optional. I
already have latest driver so there is no way I need this driver. If you
have auto-update on, which I don't, it will install automatically which
has happened to a few people already. The drivers at Windows update do
not have OpenGL driver so if you have any games that use OpenGL and this
update installs you will have to mess around with installing ATI
download driver again.

* Anton Kolakov:
> For some reason Windows update is offering people to install an ATI
> driver and claiming it is an important update instead of optional. I
> already have latest driver so there is no way I need this driver. If you
> have auto-update on, which I don't, it will install automatically which
> has happened to a few people already. The drivers at Windows update do
> not have OpenGL driver so if you have any games that use OpenGL and this
> update installs you will have to mess around with installing ATI
> download driver again.

I noticed the same problem, Windows update installed an older driver
(identified as Catalyst 9.7 by CCC) when I had 9.9 already installed, so
I had to reinstall 9.9 afterwards.

It doesn't seem to be limited to ATI drivers. On my laptop with Nvidia
gfx I was offered an older driver as "critical update" today.

Ben

Eric Shune wrote:

> I have never been offered drivers, even when running much older versions.
>
>

Probably because you turned off the option to show optional updates. The
problem now is that Microsoft has flagged them as critical updates,
which they are not. If you run update now you should see the video
driver update unless Microsoft has fixed their gaff already.

First of One wrote:
> Automatic Updates is one of the first things I disable after installing
> Windows, along with about 20 other useless Windows Services.
>
Me too, but I installed MSSE on XP and Win7 today and Microsoft thought
it would be a good idea to turn auto-updates back on without notifying
me it would. Soon turned it off again though. I know when to check for
updates and I even turn off auto-updates in AV software which might not
be a good idea for some people but I manually have it check for updates
daily.

First of One wrote:
> Checking for AV updates daily is really overkill. :-) I update my Avira
> Antivir definitions once a month and I download all kinds of cracks and
> no-CD patches without infection.
>
Never heard of Zero Day virii? AV should be checked for updates every
day if you are going to bother running AV software. AV software is
usually updated every day too.

In message <> "First of
One" <root@127.0.0.1> was claimed to have wrote:

>A few things make daily AV software updates overkill:
>
>- Just because a zero-day virus is in the wild doesn't mean it has infected
>the file you happen to be downloading today. In fact virus propagation on
>the internet takes time.
>- When an AV software developer is made aware of a new virus in the wild,
>they still need time to analyze it and develop the signature, so even daily
>AV updates will lag behind virus threats by a few days.

Right... So why add additional latency to the process?

* First of One:
> Checking for AV updates daily is really overkill.

No, it isn't.

> :-) I update my Avira
> Antivir definitions once a month and I download all kinds of cracks and
> no-CD patches without infection.

Just because you were lucky so far doesn't mean your approach is
sensible. In fact, you can be infected without knowing it.

Updating your AV software daily only takes seconds and is done
automatically. There is absolutely no sane reason to not do it.

Benjamin

* First of One:
> A few things make daily AV software updates overkill:
>
> - Just because a zero-day virus is in the wild doesn't mean it has infected
> the file you happen to be downloading today. In fact virus propagation on
> the internet takes time.

This is not true, as the past has shown. Many zero day exploits are
widely used within a few days.

> - When an AV software developer is made aware of a new virus in the wild,
> they still need time to analyze it and develop the signature, so even daily
> AV updates will lag behind virus threats by a few days.

No. Just because you (the public) haven't heard of it before does not
mean the AV software developers haven't, too.

> - Signatures is only one means of detecting viruses, the other being
> heuristics.

Heuristics is very unreliable and only works when the malware is already
on your system.

Sorry, but your relaxed and very naive approach is a prime example why
bot net operators never run out of zombie PCs.

Benjamin

In message <> Benjamin Gawert
<> was claimed to have wrote:

>> - Signatures is only one means of detecting viruses, the other being
>> heuristics.
>
>Heuristics is very unreliable and only works when the malware is already
>on your system.

*all* desktop AV software only works when malware is already on your
system.

Heuristics are trivially defeated by any virus author with a copy of the
AV software they're trying to defeat and are therefore not particularly
reliable, but that's another debate entirely.

* DevilsPGD:

>> Heuristics is very unreliable and only works when the malware is already
>> on your system.
>
> *all* desktop AV software only works when malware is already on your
> system.

Well, yes (it was badly worded, sorry). However, heuristics only works
once the malware is *active* while signature-based scanning works when
the malware is still *inactive*

> Heuristics are trivially defeated by any virus author with a copy of the
> AV software they're trying to defeat and are therefore not particularly
> reliable, but that's another debate entirely.

Heuristics is a last chance of detecting something nasty but the chance
that it works is minimal. Once malware is running then the whole system
should be considered compromised and cleaned up appropriately.

Benjamin