Leaked copies of Windows 7 RC contain Trojan

By Gregg Keizer, Computerworld |  Security, BitTorrent, Windows 7 4 comments

May 04, 2009, 1:47 PM Pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites contain malware, according to users who have downloaded the upgrade.

Windows 7 RC, which Microsoft Corp. will officialy launch tomorrow, leaked two weeks ago, with copies first appearing on BitTorrent tracking sites on April 24.

Some of the pirated builds include a Trojan horse, numerous users said in message forums and in comments on BitTorrent sites such as Mininova.org.

"Just a warning for anyone downloading the new RC builds of windows 7. Quiet [sic] a lot of the downloads have a trojan inbedded [sic] in the setup EXE," said someone identified as Frank Fontaine on a Neowin.net discussion thread. "The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe."

Fontaine's antivirus software identified the "codec.exe" file as a generic Trojan.

"Suspicious codec.exe!" reported someone labeled as "UltimateGTR" on Mininova, commenting on one of the 32-bit builds.

Another Mininova commenter, "WuNgUn," identified the malware as the "Falder" Trojan, which downloads fake security software, dubbed "scareware," to PCs and installs a rootkit to hide from legitimate antivirus products.

Microsoft, which has cited potential infection as a reason to steer clear of unauthorized downloads, jumped on the news. "This unfortunately shows that there are those out there who see the significant interest in something such as Windows 7 as an opportunity to try to take advantage of others," said Alex Kochis, director of Microsoft's Genuine Windows anti-piracy technology group, in a post to a company blog on Friday.

Windows 7 RC is not the first leaked software found to harbor attack code. In January 2009, for example, security experts warned that pirated copies of Apple Inc.'s then-new iWork '09 suite contained a Trojan horse that hijacked Macs.

Microsoft will let the general public download Windows 7 RC on Tuesday, but has not said what time it will make the upgrade available. Subscribers to TechNet and the Microsoft Developers Network (MSDN) have been allowed to download the RC since last Thursday.

4 comments

    Anonymous 2 years ago
    I have tried so many different types of scans to help keep my PC running at its best and one thing that I discovered is that they all tend to find the same types of bugs. The main difference between them all is the price that you pay. Recently I discovered Search-and-destroy Antispyware at http://www.Search-and-destroy.com and I really like it a lot. Antispyware solution from Search-and-destroy is one of the best scans I have ever used and I’m sure that you will be very happy with it as well. Go ahead and give it a try, you will be glad you did!
    Flag comment  |  Permalink Reply
    Anonymous 2 years ago
    You are obviously a USER. Don't stifle the innovation and drive of the the folks who wish to use the latest and greatest. YOU benefit from it. Seriously. Think about it. They work out the bugs, then YOU can use it... Bug free. Well, it is software.. You get my point (I hope.) You obviously don't know how the computer industry works, and you fancy yourself a geek. You sir, are not! You are a typical user who WANTS to be a geek. Get with the program! You remind me of Harry Potter's uncle. Maybe you could get someone to explain it to you.
    Flag comment  |  Permalink Reply
    Anonymous 2 years ago in reply to Anonymous
    First of all, please excuse my English as it is not my native language.I'm sorry to say that unfortunately, if Microsoft (MS) made good and reliable products, we (IT professionals) would have noticed a long time ago.Despite the fact that we (users) have waited for MS to deliver stable software, there will be no discussion (I hope....) about the fact that only XP qualifies for an acceptable Operating System (OS), that is if you comply to formatting your hard drive every other year.Let us not even talk about the "blue screens", the Vista fiasco.....Finally, if we (users) want to take advantage of our machines (not everyone, especially now, has a Cray system at hand....), how about trying ANY major Linux flavor (Ubuntu, Kubuntu, Xubuntu, Suse, ZenWalk,.....) ? Now we're talking about reliable software. And guess what ? It's FREE !!!Of course, you could choose to stick with software developed by a handful of people who HAVE to do it (or look for a new job...) or try something that millions of people work on BECAUSE THEY LOVE TO DO IT......Of course, if you have MS shares...... (and it's a bad time to sell too.....)
    Flag comment  |  Permalink Reply
    Anonymous 2 years ago
    Quit tryin to get the latest and greatest before it's released. I wish MS would officially laugh in their faces!
    Flag comment  |  Permalink Reply

      Add a comment

      Post a comment using one of these accounts
      Or join now
      At least 6 characters

      Note: Comment will appear soon after you have activated your account.
      Obscene/spam comments will be removed and accounts suspended.
      The information you submit is subject to our Privacy Policy and Terms of Service.

      ITworld LIVE

      SecurityWhite Papers & Webcasts

      White Paper

      Overcome Top 7 Admin Challenges of Active Directory

      As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable, enforceable processes that reduces administrative overhead and enables robust, customizable reporting and auditing capabilities. Brought to you by NetIQ.

      White Paper

      Insiders Can Ruin Your Company. Take Action.

      Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in organizations worldwide. This white paper from NetIQ, discusses key technology solutions that help to prevent and detect insider threats.

      White Paper

      Top Solutions and Tools to Prevent Devastating Malware

      Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring (FIM) tools that provide immediate alerts. This white paper has been brought to you by NetIQ, the leader in solving complex IT challenges.

      White Paper

      Streamline Compliance and Increase ROI

      Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will help your business gain the maximum return on investment possible while aligning your compliance programs.

      White Paper

      X-Ray of the PCI Process-4 Proactive Steps

      This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into creating a compliant and secure IT environment. Follow these four proactive steps now before your next audit. Brought to you by NetIQ.

      See more White Papers | Webcasts

      Answers - Powered by ITworld

      ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

      Join Now

      New questions

      How well does facial recognition work for device security?
      0 answers
      What type of enterprise user is going to use Ubuntu Business Desktop Remix?
      1 answer
      How much will the security flaws in Google Wallet set back the transition to "digital wallets"?
      2 answers
      What can be done to control noise levels in data centers?
      1 answer
      What mobile apps are the worst offenders to user privacy?
      2 answers
      View more questions

      Ask a question

      Join Now or Sign In to ask a question.
      Ask a Question