[Utilizer]

Tor users beware -you may already be infected.

Related link:

http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/

[Utilizer]

Updated link:

http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/

[ImJustAnotherOkie]

There is no escape. The internet is a rigged game.

[Vendome]

Use a virtual machine.

[Tainan]

I read this 3 times - I still do not understand it.

Can someone post a clear explanation. Thanks.

No disrespect meant to the OP - I'm just 'geek-lite.'

[Swordmaker]

It strikes me that no one should be updating their Operating System software using an anonymized TOR connection. . . which is what a TOR is used for. It is a network for persons who want to connect to the Internet anonymously. If you want to update your software, connect without the TOR. Then return to your secret surfing after your software has been updated.

Perhaps software pirates might want this for stolen software? If so, they might deserve what they get.

[Henry Hnyellar]

Shocking.

Or maybe, well duh.

[zeugma]

It was probably a government node.

[TChad]

I bet Steve Gibson's Fingerprint service would have caught this attack.

http://www.computerworld.com/article/2475102/cybercrime-hacking/steve-gibson-s-fingerprint-service-detects-ssl-man-in-the-middle-spying.html

It's good that the modified Windows update files failed their integrity checks and were not installed, but they should never have been downloaded at all.

I just checked, and Windows fixit file downloads are from http://diagnostics.support.microsoft.com. That's not even an https connection.