• Magnetic_dud@discuss.tchncs.de
    ↑ 40 · 6 days ago

    The manager who approved this needs to be fired. Programs need to ask the user for permission before installing, especially when they’re not device drivers.

    This is literal malware and there’s also a chance that it might be exploited (example: a MITM attack exchanges the file that Armoury Crate is downloading).

    This kind of Easter egg is not funny at all, developers must avoid undocumented time bombs. I still remember that day 15 years ago when I turned on my Wii and it said that the system files were corrupted. After hours of reverting a full NAND backup via BootMii (and losing 2 years of game saves) it turned out that it was a funny April Fools’ joke by crediar, which put up a fake system corruption message when you ran his program on April 1st. Problem is that his program was a loader for the system menu so it was unavoidable if you didn’t know that.

    Like me, there must be someone paranoid that saw that black bar on the screen, saw a weird Christmas.exe running on their system, and started wiping or restoring old images to “clean” that.

  • oo1@lemmings.world
    ↑ 59 ↓ 1 · 7 days ago

    “do not panic – your device is not compromised.”

    meme(always has been)

    • reksas@sopuli.xyz
      ↑ 22 · 6 days ago

      If someone who isn’t you installing crap you don’t want isn’t compromised, then I don’t know what is.

    • zerofk@lemm.ee
      ↑ 23 · 7 days ago

      There is nothing wrong with your device. Do not attempt to adjust the picture. We control the horizontal. We control the vertical.

      • umbraroze@lemmy.world
        ↑ 19 ↓ 1 · 6 days ago

        …We control the treble, and all your bass belongs to us too.

        /incredibly ancient joke

        • Yttra@lemmy.world
          ↑ 5 · 6 days ago

          If you think the zoomers don’t know about Zero Wing you got another thing coming, buster 😎

    • Terrasque@infosec.pub
      ↑ 11 · 6 days ago

      More like old app design. It’s much harder (but of course fully doable) to have a memory leak in modern languages.

  • Shimitar@feddit.it
    ↑ 34 ↓ 4 · 7 days ago

    Somebody should create a Windows executable to be placed in the WPBT that silently installs Linux on first Windows boot…

    • Emerald@lemmy.world
      ↑ 16 ↓ 1 · 6 days ago

      This doesn’t have anything to do with Windows. This is ASUS’s fault

      • Alph4d0g@discuss.tchncs.de
        ↑ 3 · 6 days ago

        Nothing to do with Windows? Are we sure about that? Asus is a Windows OEM that preinstalls Windows and has enough privileged access to insert a surreptitious executable compiled specifically for Windows.

        Yes, agreed, if they chose a *nix like OS and they had root, they could do the same thing and that would be equally shitty. It is Windows OEMs that exhibit this kind of fsckery and yes we do have a choice.

      • Alph4d0g@discuss.tchncs.de
        ↑ 1 · 6 days ago

        Linux squashes root over ssh. An OEM could preinstall a sudo user to get around this but that kind of BS would be their death knell as a vendor.

  • Phoenixz@lemmy.ca
    ↑ 5 ↓ 11 · 6 days ago

    And again, don’t have to deal with this corporate nonsense on my Linux machine. Maybe at work just ask IT to switch your machine to Linux. They likely won’t, but if enough people complain and ask, they might actually start thinking about using sane systems

    • IHawkMike@lemmy.world
      ↑ 7 ↓ 1 · 6 days ago

      Linux on enterprise user endpoints is an insane proposition for most organizations.

      You clearly have no experience managing thousands of endpoints securely.

    • Toes♀@ani.social
      ↑ 3 ↓ 1 · 6 days ago

      Can confirm, from the IT side of things my hands are tied until the people talk management into it.

      But good luck getting them to give up on Microsoft 365. 🤢

      • Phoenixz@lemmy.ca
        ↑ 2 · 5 days ago

        I’m the CTO 😈

        Having said that, it’ll take at least a year to shift, I have little illusion about it being fast and easy. We’ll also always need some Teams because most of our customers use it and if you want customers, you now need Teams.

        Fuck you Microsoft

        • Toes♀@ani.social
          ↑ 3 · 6 days ago

          Microsoft rebadged their cloud stuff from Office 365 to Microsoft 365. This was to harmonize their offerings for enterprise customers. But it also incorporates all of the desktop software too.

    • viking@infosec.pub
      ↑ 18 · 7 days ago

      It also automatically reinstalls itself through a BIOS feature. That’s advanced level malware.

      • FuCensorship@lemmy.today
        ↑ 5 · 7 days ago

        Right? I thought I read that wrong!

        To disable future crap like this you gotta do it in the FUCKING BIOS? Wtf Asus…

      • Amon@lemmy.world
        ↑ 6 ↓ 1 · 7 days ago

        The seven Windows 11 users disagree with you

        (I am not one of them)

        • nocturne@sopuli.xyz
          ↑ 27 ↓ 1 · edited · 6 days ago

          I did not reply because it was obvious I made a mistake (as a partially blind person does when reading small text.) And you took a widely accepted community name and format and gave it your own twist, then sent a PM that was obviously looking for drama. Which is further obvious here.

          • stinky@redlemmy.com
            ↑ 3 ↓ 6 · edited · 5 days ago

            before you guys upvote him, please read the discussion.

            this guy came to my instance, read what I wrote, typed out a report and submitted it; he blames blindness and small text for not knowing which instance he was on, but neither of those issues prevented him from reading my post (it was a post about abuse, in a community I created, on my own instance) and reporting it. That’s why I banned him. He’s using a disability as an excuse to get away with offensive behavior (ignoring me when I tried to discuss the issue privately first).

            Yes, disabled people can behave offensively. Some disabled people can be selfish. Some of them hurt people, then walk away without apologizing, and blame their disability instead of themselves. To me, that’s abusive, and I call it out instead of letting people get away with it, because I’ve suffered enough at the hands of people who make excuses instead of being accountable.

            • L3s@lemmy.world
              [M] · ↑ 5 ↓ 2 · edited · 5 days ago

              This doesn’t help you at all, even if we ignore the other user’s disability.

              Someone reported your post on your instance and community because they thought it broke a rule, even though it didn’t. That happens all the time in communities, we see it here multiple times per day.

              Then you PM them, which they didn’t feel the need to reply to. So you then looked for one of their recent comments to attempt to publicly shame them and force them to respond, and are now trying to save face when people tell you you’re wrong.

              This isn’t acceptable behavior from a mod or an admin, do better.

              Edit: and replying “banned lol” to anyone who disagrees with you, hope after the 3 day ban here you’ll have matured a bit.

            • nocturne@sopuli.xyz
              ↑ 5 ↓ 1 · edited · 4 days ago

              The post was on all, I never went to your instance until after I sent the report and realized I made a mistake, to which I already admitted to having made a mistake publicly. Now you are following me to other instances and harassing me, and trying to bully me because I did not reply to a PM that I saw at about the same time I saw your reply to this unrelated thread.

              You are acting like the report hurt you in some way. If you are this thin skinned about moderating and instance administration you may want to step back.

    • Leate_Wonceslace@lemmy.dbzer0.com
      ↑ 18 ↓ 1 · edited · 7 days ago

      I think the title indicates that it’s like the malware known as “Christmas.exe”.

      Edit: I have too much faith in humanity…

      • conciselyverbose@sh.itjust.works
        ↑ 75 ↓ 2 · 7 days ago

        The title is pushing the narrative that “real companies” doing hostile bullshit isn’t “real malware”.

        When companies ship malware, it should be called malware.

        • LainTrain@lemmy.dbzer0.com
          ↑ 11 ↓ 1 · edited · 7 days ago

          Most malware is corporate shitware.

          Compared to the wealth of pop-ups, ads and tracker cookies ubiquitous in every website that are burning down forests so they can run black box algorithms to optimize dark patterns for extracting as much revenue as possible while working the sweatshop poor to the bone - worming their way into everything without the condom of extensions - a cryptostealer disguised as ChatGPT_NFT_money_explosion.exe made by some teenager in Albania feels… benign.

      • floofloof@lemmy.ca OP
        ↑ 30 · edited · 7 days ago

        From the article:

        > Even worse, the malware-looking Christmas wreath is linked to a process called “Christmas.exe.”

        So the process was actually called that. It popped up on my machine this morning and I immediately started scanning the whole system for malware and searching to see if anyone else had this problem.

  • CaptDust@sh.itjust.works
    ↑ 379 · 7 days ago

    > When you turn on your PC and notice that there’s a huge Christmas banner on your desktop, do not panic – your device is not compromised.

    Hah, well a vendor just pushed an unapproved executable to the device and ran it without consent. Under any definition or other context it’s definitely compromised.

    • stoy@lemmy.zip
      ↑ 111 ↓ 1 · 7 days ago

      This is why I boycott Logitech, they started pushing the Logitech Download Assistant through Windows Update as soon as you connect a Logitech mouse/keyboard.

      It autoruns not only when it is first installed but on every startup.

      It is rather annoying to try and uninstall it, I don’t get why there has been so little backlash against this…

      Microsoft permitting this is devaluing Windows Update, the driver (.inf) should be installed automatically, any executable file that WU wants to download and run on your computer should just bring up a small Windows notification saying something like this:

      The device you just installed requests to download and run the following program from Windows Update:

      Logitech Download Assistant

      Will you approve or reject this request? Approve/Reject

      It is just terrible that this is permitted

      • DefederateLemmyMl@feddit.nl
        ↑ 10 ↓ 3 · 7 days ago

        > This is why I boycott Logitech

        You should boycott Microsoft instead. As you say, they’re the ones permitting it.

        • stoy@lemmy.zip
          ↑ 3 ↓ 1 · 7 days ago

          I would if I could, but I work with Windows and if I migrate to Linux at home, my skills in Windows would diminish

            • stoy@lemmy.zip
              ↑ 15 ↓ 1 · 6 days ago

              Sigh, why, why do you feel the need to put others down over something as irrelevant as an operating system?

              But since Windows requires zero skills, then even you may stand a chance to solve the following tasks that I have had to deal with within Windows.

              1. List all users in the local admin group of all workstations, if a group is part of the local admin group, expand it and list individual users, oh and some users/groups are still on an old domain.
              2. Whitelist a new USB device in GPO.
              3. Make a report of all computers in the organization, get the current system model number, memory, storage space, free storage space, check whether or not the computer is ready for Windows 11, sort the list by department and primary user.
              • dependencyinjection@discuss.tchncs.de
                ↑ 15 ↓ 2 · 6 days ago

                These weirdos have Linux as their entire identity and it’s become all consuming for some of them.

                I just block anyone who is shilling Linux too much as it gets boring quickly, and I use Linux myself as of recently but it isn’t all that amazing and it requires a good amount of configuration, contrary to what people on here will tell you.

                • stoy@lemmy.zip
                  ↑ 1 · 6 days ago

                  Linux is amazing, I use it regularly for different projects.

                  I even dailied Ubuntu 15 years ago, but then switched back to Windows for gaming and work.

              • punchmesan@lemmy.dbzer0.com
                ↑ 7 · 6 days ago

                I’m in IT too. My experience is that if you use Linux at home and Windows at work you just end up skilled at both. At one point I was even using a Macbook at work (wouldn’t have even been a consideration if WSL was just a little better), using a Windows jump server or a VM for my Windows-y ops, and I became skilled at all 3 OS’s.

                All of that is to say that your skill won’t decrease if Windows is still being used, especially if you’re using it in a professional context.

                • stoy@lemmy.zip
                  ↑ 5 · 6 days ago

                  This is really the wrong sub thread to discuss this, this was my reply to someone laughing at the concept of Windows skills.

                  As for your comment, I am glad that it works like that for you, it doesn’t for me.

                • stoy@lemmy.zip
                  ↑ 5 ↓ 1 · 6 days ago

                  PowerShell is very useful to use at home, maybe not in those exact tasks, but it is a Windows skill.

      • Midnight Wolf@lemmy.world
        ↑ 3 · 7 days ago

        Cannot confirm, I have a g903, paired mouse pad, and their brio webcam. I only have the G Hub, which I installed manually. Maybe they stopped this behavior?

      • A7thStone@lemmy.world
        ↑ 4 ↓ 2 · 7 days ago

        I had Windows Update try to brick the BIOS on my Lenovo workstation recently. I can’t believe Microsoft and manufacturers do this kind of shit. Luckily my workstation had dual BIOS so I could recover it. Between that and the fact that Lenovo manufacturer locks their processors I would have waited until I could afford a Supermicro had I known.

      • mat@linux.community
        ↑ 25 · 7 days ago

        I never knew about this (using Linux) but when I plugged my mouse onto a friend’s laptop and suddenly a big banner animated onscreen, my heart sank lol. No idea how this works but it was pretty unexpected.

        • BeardedGingerWonder@feddit.uk
          ↑ 11 · 7 days ago

          I try not to be too Linux fanboish these days, but what in the ever loving fuck is that about? Windows sounds like it’s reverted to 90s/early 2000s novelty crap and browser toolbars.

      • circuitfarmer@lemmy.sdf.org
        ↑ 8 · 7 days ago

        It sucks because I’ve always liked Logitech hardware. Though I suppose you don’t need to run the software suite (or if you’re on Linux it isn’t an option anyway).

    • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.org
      ↑ 42 · 7 days ago

      Welp, seems ASUS motherboards also push this by default: https://www.techpowerup.com/248827/asus-z390-motherboards-automatically-push-software-into-your-windows-installation

      > During testing for our Intel Core i9-9900K review we found out that new ASUS Z390 motherboards automatically install software and drivers to your Windows 10 System, without the need for network access, and without any user knowledge or confirmation. This process happens in complete network-isolation (i.e. the machine has no Internet or LAN access).

      • Midnight Wolf@lemmy.world
        ↑ 3 · 7 days ago

        Similarly (above), I can’t confirm this either, on two different Asus boards, still in support/updates. I’m assuming this requires their software to be installed, which there’s no point to, so I didn’t bother… Maybe it’s part of their Armoury Crate system, which can (should) be disabled in the BIOS…

        • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.org
          ↑ 29 · edited · 7 days ago

          > The ASUS UEFI firmware exposes an ACPI table to Windows 10, called “WPBT” or “Windows Platform Binary Table”. WPBT is used in the pre-built OEM industry, and is referred to as “the Vendor’s Rootkit.” Put simply, it is a script that makes Windows copy data from the BIOS to the System32 folder on the machine and execute it during Windows startup - every single time the system is booted.

          So, sounds like a Windows-specific vulnerability feature.
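
For anyone who wants to audit whether their firmware publishes the WPBT table quoted above, here is an added example (not part of the thread and not ASUS or Microsoft code) that decodes the table's fields and checks its checksum. The field layout follows Microsoft's published WPBT format; the sample table and its OEM strings, address and argument are constructed for illustration, and the Linux sysfs path is only used when the script is run directly.

```python
import struct
import sys

# 36-byte ACPI table header, followed by the WPBT-specific fixed fields.
ACPI_HEADER = struct.Struct("<4sIBB6s8sI4sI")
WPBT_FIELDS = struct.Struct("<IQBBH")  # size, address, layout, type, args length
FIXED_LEN = ACPI_HEADER.size + WPBT_FIELDS.size  # 52 bytes
CHECKSUM_OFFSET = 9


def parse_wpbt(raw: bytes) -> dict:
    """Decode a raw WPBT table and summarise what it hands to Windows."""
    if len(raw) < FIXED_LEN:
        raise ValueError("too short to be a WPBT table")
    sig, length, revision, _cksum, oem_id, oem_table_id, *_rest = ACPI_HEADER.unpack_from(raw)
    if sig != b"WPBT":
        raise ValueError(f"unexpected signature {sig!r}")
    if not FIXED_LEN <= length <= len(raw):
        raise ValueError("header length does not match the data supplied")
    table = raw[:length]
    size, address, layout, ctype, args_len = WPBT_FIELDS.unpack_from(table, ACPI_HEADER.size)
    if FIXED_LEN + args_len > length:
        raise ValueError("argument string runs past the end of the table")
    args = table[FIXED_LEN:FIXED_LEN + args_len].decode("utf-16-le", errors="replace")
    return {
        "oem_id": oem_id.rstrip(b"\0 ").decode("ascii", "replace"),
        "oem_table_id": oem_table_id.rstrip(b"\0 ").decode("ascii", "replace"),
        "revision": revision,
        "checksum_ok": sum(table) % 256 == 0,  # all bytes must sum to 0 mod 256
        "binary_size": size,        # bytes of the binary held in physical memory
        "binary_address": address,  # physical address of that binary
        "content_layout": layout,
        "content_type": ctype,
        "arguments": args.rstrip("\0"),
        # A non-empty binary at a non-null address is what Windows would pick up.
        "binary_published": size > 0 and address != 0,
    }


def build_sample_table(args: str = "/example") -> bytes:
    """Constructed sample table (not a firmware dump) with a valid checksum."""
    arg_bytes = (args + "\0").encode("utf-16-le")
    body = WPBT_FIELDS.pack(0x20000, 0x7A000000, 1, 1, len(arg_bytes)) + arg_bytes
    length = ACPI_HEADER.size + len(body)
    header = ACPI_HEADER.pack(b"WPBT", length, 1, 0, b"SAMPLE", b"EXAMPLE ", 1, b"TEST", 1)
    table = bytearray(header + body)
    table[CHECKSUM_OFFSET] = (-sum(table)) % 256
    return bytes(table)


if __name__ == "__main__":
    # On Linux a published table is readable (as root) at this sysfs path.
    path = sys.argv[1] if len(sys.argv) > 1 else "/sys/firmware/acpi/tables/WPBT"
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except OSError:
        print("no readable WPBT table; parsing the constructed sample instead")
        data = build_sample_table()
    for key, value in parse_wpbt(data).items():
        print(f"{key}: {value}")
```
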

          • Grabthar@lemmy.world
            ↑ 2 · 7 days ago

            Make a read only file/folder with the same name and the script should fail. But that is horseshit.

      • skaffi@infosec.pub
        ↑ 7 ↓ 1 · 7 days ago

        Holy shit. I got Logitech peripherals, and an ASUS motherboard. I’m glad I’m on Linux. I still have Windows installed, and booted into it around 2 weeks ago, after it had lain dormant for four months. I didn’t notice anything being installed, but maybe I had to reboot first.

        Quite possibly, my peripherals and motherboard are all too old to have this anti-feature. Do you know if there is a list of which of their hardware this is the case for?

        Damnit, I always preferred Logitech mice. I guess I might have bought my last one.