In a curious role reversal, users looking to crack the new Windows Vista OS are in fact getting their PC's security "cracked" as well.
Malware makers have capitalized on the rising demand of users looking to crack downloaded pirated copies of Vista, and have made a new one that is actually a a trojan-carrier which will install "Trojan-PSW.Win32.LdPinch.aze" onto your PC.
The crack download is circulating as "Windows Vista All Versions Activation 21.11.06," and claims to be able to activate any version of Vista.
According to BitTorrent useres who have posted reviews of the crack, apparently most anti-virus scanners can recognize the Trojan, but NOD32 and the latest software from Norton doesn't.
In another disturbing bit of news for those looking to upgrade to Vista, its is reported that one can bundle software into a Vista install DVD. Thus, the copy of Vista you may be downloading may not necessarily be what was shipped from Redmond and could include malware.
In a recent interview with Dan Warne and James Bannan , Microsoft's John Pritchard warns about how pirated copies of Windows Vista could easily be bundled with malware.
 James Bannan: Out of interest, this all does rely on the image having been sysprepped, is that right? Because even though it is a similar deal with XP, even if the drivers are there, it does still need to run through that setup process of assigning drivers to hardware. With WIM, I assume you couldn’t just do a clean build, capture, inject the drivers, and drop it back on? It would still need to run through the driver allocation?
John Pritchard: With the actual released build of Vista, a user can mount the install.wim file on the Vista install DVD, mount it and put the drivers in themselves through the command line utilities.
When they unmount it, they’d have to burn another DVD of course, but they could have put drivers in there with it mounted into the file system. The drivers are actually injected into the right locations in there.
That’s with an image that comes from Microsoft; if they want to build their own golden machine, they have to reboot it, boot into something like WinPE, and then use ImageX to capture the image, and once you’ve got that WIM image, you can inject drivers into it just like the Microsoft-supplied WIM.
Dan Warne: A lot of drivers nowadays come bundled up into EXE files that install everything into the right place for you. How would you inject those into a WIM image?
John Pritchard: You can actually do that with the unattend.xml file. You would put those EXE files on the disk and let the unattend process install them. If you look at the Windows System Image Manager, it has the capability to say, “look at these packages on a distribution share, and run these drivers as an application after you have built the system.”
James Bannan: at what point in the install do those apps run?
John Pritchard: They’re done in part seven, that’s after the system has been built, before logon. Now, with the EXE packaged drivers, you can install them onto your golden machine, then build an image based on that. That’s the other way of doing it, of course.
Dan Warne: I know that I have a cynical journalist’s mind, but isn’t that a bit of a risk for malware to be injected into Vista install DVDs, given that those apps are executed before logon?
John Pritchard: Yes, well I would certainly recommend when people are looking at any content they make sure they have the approved and hologrammed DVDs to make sure they’re dealing with the genuine product, to get away from not knowing where the source comes from. But if they have got control of the unattend and built it themselves then hopefully they know what they are putting on it.
Either way, the whole story reminds me of just how much I dread upgrading to the new Vista OS. XP works fine, and I see no real reason to have to take my system apart for a whole "wipe and swipe" when nothing's broken and somebody has yet to tell me just what is so great about Vista. I mean, does it make me a cup of coffee in the morning or what?
RELATED NEWS and "HOW TO" GUIDES
SOULXTC: "walkin' the streets of P2P"
 |
http://blogs.zdnet.com/Bott/?p=125
the sad thing is MS spent like 10 billion dollars creating it! What a huge waste of capital and effort.....
think of all the ingenuous things they couldve come up by throwing all that cash into R&D!....but then again it is MS, they wouldve just used it to buy somebody elses work...:)