Microsoft warns of worm ransomware, finds fix in Windows 10 upgrade

Microsoft is warning of a wormable ransomware that infects removable drives on versions of its operating system below Windows 10. The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers. It drops a warning notice in a HTML file informing …

  1. hplasm

    How very...


    1. Anonymous Coward

      Re: How very...

      Indeed, given the disgusting levels of malware-like tricks to trick users into upgrading, I really wouldn't put it past Microsoft to have written this themselves....

    2. a_yank_lurker

      Re: How very...

      I wonder if Slurp is not mentioning that W10 is also vulnerable because they are trying to use the panic to force migration to W10. Though the accusation that Slurp may actually be behind this cannot be totally ruled out.

  2. Destroy All Monsters Silver badge

    In time for 1st of June!

    Nice non-WiX "operating system" you got there. Shame if something infected it, right?

  3. Anonymous Coward

    I wonder..

    I wonder .. just how much Microsoft paid people to develop that :)

    Quick reality check on last remaining copy of Win XP in a VM:

    The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers.

    - phishing emails: I use Thunderbird, don't read email on Windows, and yet I still check such things anyway (left over Windows habit). No problem.

    - Word document macros: LibreOffice doesn't execute them. No problem

    - fake Flash installers: removed Flash ages ago, and my browser tells sites it's an iPad. Not a problem*.

    So no problems at all, really.

    * I suppose I could get caught out with a fake Flash UNinstaller, but I've done that now :). That being said, I do check where things are downloaded from (as before, left over Windows habits).

    1. Robert Helpmann??

      Re: I wonder..

      ...pirate... sites [should be] avoided.

      - Hear no evil.

      The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers.

      - See no evil.

      Macros should also be banished

      - Say no evil

      ...and porn sites [should also be] avoided.

      - Have no fun.

  4. Dan 55 Silver badge

    Win 7, 8, and IE11 still receive security updates

    So where are they?

  5. Anonymous Coward

    If Microsoft are telling people to upgrade OS to avoid viruses that's probably a good idea. Linux Mint is a much better alternative.

    1. Anonymous Coward

      No inbuilt spyware "telemetry" either B-)

      ...although I'm more inclined to switch to OpenSUSE myself

  6. Anonymous Coward

    Dear MS.

    The EOL for Windows 7 is 2020 I believe.

    So, get the vuln patched. Immediateamont-toot-sweet(sic)

    I don't WANT WinX

    I don't want Edge.

    I DO want you to honour your promise of security updates for older OS's.

    Fuck me, how many more times are WE going to have to tell YOU that a significantly large proportion of us DON'T WANT WinX... Scare tactics like this will NOT change that stance.


  7. Anonymous Coward

    Get Windows 10

    We'd hate to see anything happen to that nice working PC you have.

    And we'll be round for the protection money after you do.

    Love, the Microsoft Gang

  8. Rich 11 Silver badge


    ...recommends users protect themselves by first upgrading to Windows 10

    F off.

    and porn sites avoided.

    See above.

  9. King Jack


    Just when I thought they could not sink any lower. Well they said they weren't finished with cranking it up.

    1. Mark 85

      Re: Scum

      There's probably more to come... see Icon for instructions.

  10. anthonyhegedus Silver badge

    Use Edge? The browser with the search bar that is never where you think it is (try it, I dare you..!)? Why not give proper advice like "Use a modern browser that isn't IE"? Seriously, they can't use security advisories as advertising, that's unfair practice.

    1. Updraft102

      It's the new Microsoft. Nothing is off-limits if it gets them closer to 1 billion Win 10 devices.

      Using Windows Update, a formerly trusted mechanism for updating Windows and other MS software to spread adware? Not a problem!

      Using Windows Update to disseminate adware disguised as a security update for IE? Sure!

      Pushing people who have no idea what a backup is to perform a potentially risky in-place upgrade without letting them know about that risk (we can't have anyone backing out of the upgrade just because it might bork their PC)... Certainly.

      Changing their nagware so that the "X" that has always meant "No" now means "Yes?" Why not?

      There appears to be no depth to which Microsoft will not sink to spread their malware to 1 billion devices.

  11. Captain Badmouth

    Desperate times....

    require desperate ideas.

    Still M$ are giving us all a good laugh.

  12. VinceH

    Wait - I'm confused. Are they talking about GWX? That's been likened to Malware - and it doesn't run on Windows 10!

  13. Anonymous Coward

    I am about as likely to avoid porn sites as I am to install Windows 10.

  14. jason 7

    And it could all go away... standard user accounts were the default instead of Admin ones.

  15. Anonymous Coward

    I see Microsoft is now employing the "Touch your toes and take one for the team" method of forcing Windows 10 upgrades by opening back doors.

    Shame on you Microsoft.

  16. inmypjs Silver badge

    Not a vulnerability

    Installing a trojan by running something from a dodgy website is not a vulnerability that can or needs to be patched.

    Installing from an Office macro - would be an Office vulnerability if anything.

    That the trojan doesn't work on Windows 10 is either a bug in the trojan or Windows 10 failing to run a legacy application. Don't know what Microsoft thinks it is bragging about.

    1. Anonymous Coward

      Re: Not a vulnerability

      Installing a trojan by running something from a dodgy website is not a vulnerability that can or needs to be patched.

      It should not be "patched", it should not be possible to install said trojan unawares in the first place.

  17. Anonymous Coward

    Windows 10 IS the new worm ransomware!

    nuff said

  18. Aodhhan

    Appears a lot of 11 year old girls are posting.

    Let's all bitch about having to upgrade... something you have to do with any OS, application, architecture etc. What, you don't want to upgrade so a problem is fixed? ...then stop griping; you've made your decision so stand by it like an adult.

    ...and give a pass to the morons and cheats who write the malicious code. This way when you do become a victim, you can be happy with the fact you didn't upgrade.

    1. Anonymous Coward

      Re: Appears a lot of 11 year old girls are posting.

      I'm quite concerned you associate being forced to do something with 11 year old girls.

      Upgrading is one thing, being forced to accept a completely alternative operating system is another.

      1. aghasee

        alternative operating system

        "Upgrading is one thing, being forced to accept a completely alternative operating system is another."

        I've been forced by Redmond to accept a completely alternative operating system.

        It goes by the name of Linux.

        The transition was in no way painless, but I'll never look back. SWMBO loves it and the kids went "Hey how nice! Our computer now has Android on it!"

    2. zero2dash

      Re: Appears a lot of 11 year old girls are posting.

      Not upgrading to Win10 ≠ not wanting to fix a problem.

      Apparently you don't know the definition of a "trojan horse".

      Forgetting about the questionable telemetry and encrypted data transmission - if you're OK with your OS removing your ability to control updates, thereby changing >20 years of policy, then by all means enjoy.

      Home users shouldn't have to concede control over their own bought & paid for hardware just to satisfy the whims of whatever blowhard is the flavor of the month at MS. If you think for one second that MS has never published and released an update (or a few dozen) that have 'never' hosed machines rendering them non-bootable, well I've got ocean front property in AZ to sell you. Heck, there are still unresolved issues with 10 (such as the disappearing task bar and non-working Start menu) that they haven't even fixed yet, despite the OS being "rapid rollout". But surely, the future will be better though, eh?

      There are plenty of other options out there, from "not upgrading" to "running *nix". The backhanded compliment of "making upgrading EASY" that MS has bestowed upon everyone running 7 or 8.1 makes the fruit even more rotten because over the last year they have made it increasingly more difficult for someone who DOES NOT want the upgrade, to NOT GET the upgrade. Disabling updates completely is not an acceptable solution when the OS is supported for 4 more years with security patches and updates; however, disabling updates completely IS THE ONLY WAY to NOT get the upgrade.

      The notion that "you MUST upgrade to not be affected" and the insinuation that "by not upgrading we're not going to patch your OS even though we've promised to do so because there's 4 years left on the clock" is gutter trash.

      1. Updraft102

        Re: Appears a lot of 11 year old girls are posting.

        If the vulnerability still exists in 7 or 8, MS had better get to patching, as they're still obligated to keep them up to date until 2020 and 2023 respectively.

    3. Ropewash

      Re: Appears a lot of 11 year old girls are posting.

      I think I'll copy/paste this to a .txt so the next time (and it's coming) MS push out a brick patch I can open that file up and have a laugh.

      Here's how updates should go;

      I have two Manjaro boxes with different UI's and software for differing tasks. Each day at midnight a little box pops up to let me know what updates are available and which issue(s) each update fixes. I can pick and choose what I'd like to upgrade from that list and the dependencies will be listed for each one so I can choose whether or not the ends justify the means.

      See what they did there?

      "I" choose what to update and when, they aren't just hammering 650+ program patches at me when I'm not looking and then tell me it's for my own good when my system no longer boots.

      If you love forced updates and in fact forced whole OS 'upgrades' then feel free. I'll just wait here for the next infinite boot loop article.

      P.S. Yes, one of those machines (that I'm typing this on) has 650+ updates waiting. Why a rolling release if I'm not going to let it roll? Again, My choice.

      1. a_yank_lurker

        Re: Appears a lot of 11 year old girls are posting.

        Antergos as my main OS, a close relative of Manjaro, and it does the exact same thing. There is a pop-up saying updates are available. I can review the updates, choosing the ones I want, review the update if I want. Also, the updates state which packages are being updated and the installation occurs when I give my explicit permission.

  19. CompUser

    Microsoft has tried every dirty trick they could to get people to upgrade to Windows 10.

    Now they are trying to scare people into upgrading.

    I suppose it's implied that Microsoft intends to throw the users of all the earlier versions of Windows under the bus.

    Microsoft is getting more and more desperate.

  20. Mark 85

    And then this past weekend I read that the Chinese are really pissed with the MS tactics and the problems with Win10...

    Sent the link to El Reg but so far it seems to have been ignored.

    1. Captain Badmouth

      Re : Fortune cookie link

      Sounds really interesting. Perhaps the Chinese will get the litigation ball rolling on win10.

      Oops new update

      Looks like M$ are starting to play real hardball as you lot say over there.

  21. Updraft102


    In order to minimize the risk of some very bad software that I very much do not want getting on my PC, I have to install some other slightly less bad software that I also very much do not want on my PC?

    The odds of me picking up the malware in question are slim, given that I am reasonably sensible in my online activities. The consequence is terrible, but it's also very unlikely.

    If I install Windows 10, the negative impact will certainly be far less objectionable than getting ransomware, but the odds of that impact will be 100%.

    I'll take my chances.
