Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!
Register | Login
RIAA News
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
TV
Open Source
Mobiles
Advertising
Product News
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Search: 
Search
 
Web P2PNET   
   Search: 
Search
Torrent Site Tracker
MP3rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code
p2pnet - rss feed: http://p2pnet.net/p2p.rss | p2pnet celebrities: http://p2pnet.net/celeb.rss | Mobile? http://p2pnet.net/index-wml.php

WGA worm shows up

p2p news / p2pnet: It was inevitable: someone’s apparently crafted a worm to take advantage of Windows Genuine (dis)Advantage, the Microsoft application Bill and the Boyz say isn’t spyware.

The program was designed to poke around inside your PC to make sure you’re not running Microsoft counterfeits and to rat you out if you are, calling Redmond every day with updates.

Then, following an attack of Bad PRitis, the company decided once every two weeks was enough, but too late because in Seattle, close to where Microsoft lives, Brian Johnson had already asked for class-action status, claiming the company failed to adequately disclose details when WG(dis)A was downloaded through Automatic Update.

Now, “IT security experts have warned of a worm that purports to be Microsoft’s Windows Genuine Advantage (WGA) anti-piracy tool,” says venunet.com, going on:

“The Cuebot-K worm spreads via AOL Instant Messenger, registering itself as a new system driver service called ‘wgavn’. It carries the display name ‘Windows Genuine Advantage Validation Notification’, and runs automatically during system startup.

“Users who view the list of services are told that removing or stopping the service will result in ’system instability’.”

Once in place, Cuebot-K disables the Windows firewall and opens a backdoor, “which allows hackers to gain remote access, spy on users, and potentially launch distributed denial-of-service attacks,” ads venunet.com.

Meanwhile, firewallleaktester.com has a diminutive application dubbed, appropriately, RemoveWGA which nullifies the notification part without touching Validation.

Get RemoveWGA here, and we’ve also filed a copy here.

Also See:
class-action status - Microsoft sued over WGA, June 29, 2006
Bad PRitis - Disable Microsoft WGA, June 24, 2006
venunet.com - Worm poses as Windows Genuine Advantage, July 4, 2006

Digg this.

p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile - http://p2pnet.net/index-wml.php

This entry was posted on Tuesday, July 4th, 2006 at 8:16 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2350 times

« previous Should ISPs guard your privacy?
Big Music sues Yahoo next »

2 Responses to “WGA worm shows up”

  1. Reader's Write Says:
    July 4th, 2006 at 2:26 pm

    Well BBC is reporting that WGA is putting Microsoft customers off Windows.

    http://news.bbc—————————–17161233595329
    Content-Disposition: form-data; name=”page”

    reply

  2. Reader's Write Says:
    July 4th, 2006 at 2:27 pm

    Well BBC is reporting that WGA is putting Microsoft customers off Windows.

    http://news.bbc.co.uk/1/hi/technology/5144698.stm

Leave a Reply
    Advertisments
Teksavvy