Naked Security reader Thu Win commented on my recent Patch Tuesday article to remind me that Micrososft, sorry, Microsoft, blundered into spell-check shock territory during the latest batch of updates.
There’s quite a bit of online laughter at the mistake, in which the software giant mis-spelled its own domain name in one of the update notifications presented by Windows Update:
I’m guessing that most users don’t bother to research the details behind every Windows Update announcement, so many of you may have applied this update without even noticing the glitch. Sadly for Micrososft, sorry, Microsoft, this one is going to be easy to find online for weeks, thanks to the embarrassingly definitive search term!
(This reminds me wryly of the 1990s Word macro virus, WM/Wazzu. This once-rampant virus randomly added the word “Wazzu” – the nickname for Washington State University – into documents as it spread. In a pre-Google-era form of Google Hacking, you could quickly find out which companies were lax at security simply by searching the web for officially-published corporate documents which contained this otherwise-unlikely word.)
But there’s a serious side to this Microsoft glitch: what about the well-informed users who clicked on the link? It’s not as though it arrived in an email, solicited or otherwise. It was presented by Windows itself, in an official dialog.
Fortunately – at least when I checked – the micrososft.com domain redirects to a domain parking site. (These are websites which collect click-through revenue – possibly only small amounts, but with near-zero effort – using elementary search and redirection facilities. They often aim to find prospective buyers for potentially-interesting domain names.)
It could have been much worse. If the “typosquat” domain name micrososft.com had belonged to cybercrooks, they would have enjoyed an endorsed-by-Microsoft opportunity to foist the malevolent code of their choice on trusting users.
Word is that Microsoft quickly altered the offending link, which now takes you where it should have all along.
Two pieces of advice:
* Look before you leap. If you can, double-check every link before you click it, even if it’s an official link from a well-known brand. If in any doubt, leave it out.
* Proofread everything. That especially includes messages delivered by your software. Don’t rely merely on a spell-check, which can’t easily tell if a web link is correct, since many domain names aren’t real words.
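A link check of the kind a spell-checker cannot do, as an added example that is not part of the original article or any Microsoft tooling: it pulls every URL out of a message and flags hosts that are off an approved list, calling out near-misses by edit distance. The `APPROVED` list, the function names and the sample text are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist for illustration; a real publisher's list would be longer.
APPROVED = {"microsoft.com", "windowsupdate.com"}
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def matches_approved(host):
    """True only for an approved domain or a subdomain of one (suffix on a dot)."""
    return any(host == d or host.endswith("." + d) for d in APPROVED)

def check_links(text, max_distance=2):
    """Return (url, host, verdict) for every link whose host is not approved."""
    findings = []
    for raw in URL_RE.findall(text):
        url = raw.rstrip(".,;")  # drop sentence punctuation stuck to the link
        host = (urlsplit(url).hostname or "").rstrip(".")
        if matches_approved(host):
            continue
        # Compare the last two labels of the host with each approved domain.
        tail = ".".join(host.split(".")[-2:])
        near = sorted(d for d in APPROVED if edit_distance(tail, d) <= max_distance)
        verdict = "lookalike of " + near[0] if near else "not approved"
        findings.append((url, host, verdict))
    return findings

# Constructed sample text; the paths are placeholders, not real article links.
SAMPLE = """Install this update to resolve issues in Windows.
More information: http://www.micrososft.com/example-kb-article
Help and support: http://support.microsoft.com/example-help
"""

if __name__ == "__main__":
    for url, host, verdict in check_links(SAMPLE):
        print(f"{verdict}: {url}")
```

Run over release notes or dialog strings before they ship, a non-empty result is a reason to stop and have a person look at the link.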
Thanks to Thu Win, who in turn passes on his thanks to the folks on #wikipedia-en and #freenode.
The spelling was fixed when I downloaded the update.
Copy and Paste… always copy and paste, never type by hand… bad micrososft programmer
He probably did Copy and Paste. And then pressed Ctrl S, but Ctrl didn't quite catch. Can happen to the best of us.
MS has fixed this, it is now a non-issue.
But those who installed the updates can still see the typo if they look in the view history for that update. In fact, I think it would be forever there until it is pushed off the front page when more updates are released. Hope that doesn't give Microsoft any ideas to release many junk or placebo updates to push that update off the list.
Malware can often be identified by its typos…
Are you implying Microsoft is releasing Malware to their customers?
. . .but sometimes it can't. Remember that the guys who are serious about FakeAV and so on can easily afford to hire the services of an unscrupulous but good proofreader/copyeditor/UI designer/etc.
Just taking the opportunity to make a joke…
Points taken. I know serious malware authors can spell, and that MS would not intentionally release malware.
I just had a client who picked up a Sophos product and received this email:
http://imageshack.us/photo/my-images/3/welcomeema…
Looks like Sophos fat-fingers keys too 🙂