|
|
|
|
|
|
by cyberpunk
689 days ago
|
|
|
The driver is some kind of AV/Signature detection hook. E.g check every open() for this list of checksums and refuse to open known viruses style system. The 'update' was a borked definition file which triggered a bug in that system. It's not code execution without signing, and I think probably they do want these files to be updated hands free. The real problem was the lack of testing, rather than the actual mechanism I think. |
|
|