Closed The-NinToaster closed 1 year ago
We live to serve! Thanks!
very happy to see this! ❤️
Thank you so much for forwarding this! We hope to hear back soon!
No problem guys, I'm forwarding any important updates (specially the one where Curseforge may not have been the initial vector) and I'm asking if there is any way we can get this expedited to Microsoft as this is starting to look like a NASTY security issue, has the team considered giving Oracle a call?
I can send a message to Oracle and see if they say anything back to me if it helps Edit: went to the irc channel and so far it seems this isnt a jvm level issue so i'm holding off for now
for easier communication and instant update on our findings, you can join the corresponding irc: https://webchat.esper.net/?channels=cfmalware Ask a mod to get the ability to write
for easier communication and instant update on our findings, you can join the corresponding irc: https://webchat.esper.net/?channels=cfmalware Ask a mod to get the ability to write
Yeah I am on the irc channel, i have dms open with emi as well
The best action to do here is to really alert MS of this to add to their windows defender signatures, that will reduce the current infections.
The best action to do here is to really alert MS of this to add to their windows defender signatures, that will reduce the current infections.
my supervisor has basically put this issue on blast all over github offices teams, and may have reached out to microsoft proper, right now I have no updates as to what microsoft is doing, but i am updating github on the matter as we speak
The best action to do here is to really alert MS of this to add to their windows defender signatures, that will reduce the current infections.
my supervisor has basically put this issue on blast all over github offices teams, and may have reached out to microsoft proper, right now I have no updates as to what microsoft is doing, but i am updating github on the matter as we speak
I BRING UPDATES: MY SUPERVISOR HAS CONTACTED THE DEFENDER TEAM AND MOJANG AS WELL
Does it ultimately matter who their supervisor is?
yes, they need a medal
Can confirm defender is detecting at least 1 part now if not more, downloading a bundle of a bunch of the malicious files causes it to react
Can confirm defender is detecting at least 1 part now if not more, downloading a bundle of a bunch of the malicious files causes it to react
Sick!!
Thanks for your work and to everyone here for letting me work with you for a decent amount of time
Since we can comment on issues again, I am posting this update here for future reference
Wonderful news. Does that mean users should be able to update their definitions to detect this, or not yet? Sorry, I'm not sure how Windows versioning works, in my experience Windows just updates when it wants to.
Great news! Glad to hear that GitHub and Microsoft are working together to stop Fractureiser. Hopefully Microsoft and Mojang stops this soon. Thanks for letting us know about this virus and your work into stopping it.
Great news! Glad to hear that GitHub and Microsoft are working together to stop Fractureiser. Hopefully Microsoft and Mojang stops this soon. Thanks for letting us know about this virus and your work into stopping it.
All work is already done tho.
Great news! Glad to hear that GitHub and Microsoft are working together to stop Fractureiser. Hopefully Microsoft and Mojang stops this soon. Thanks for letting us know about this virus and your work into stopping it.
All work is already done tho.
I know. I realized I was late to the party. Still nice to know tho.
It occurs to me one thing we may want to ask for next time we get an audience such as this with Microsoft or one of its subsidiaries: Better sandboxing support in Windows. Granted this was github and not Microsoft directly, but it was close enough to be discussing Defender patches so.... 💀
People keep replying to this long after it has run its course, so I've locked it.
Hey everyone, I am part of the GitHub Campus Experts program and I just want to let you know that I have raised this issue to my supervisor, who is forwarding it to his team on GitHub, who can reach out to Microsoft and by extension, probably Mojang.
Let's hope this reaches Mojang's ears soon! If there is anything the team needs help with from GitHub proper, I can deliver the message to my supervisor.
Good Luck!