BitDefender flags TiWorker.exe as ransomware



On 11/23, BitDefender flagged TiWorker.exe as manifesting ransomware behavior.



TiWorker.exe (Windows Modules Installer Worker) is a system process related to Windows Update. When I checked, there was a failed Windows security update. When I retried installing the security update, BitDefender threw the same error. This makes me believe the update is doing something that BitDefender is flagging as ransomware behavior.
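Before trusting either side of an alert like this, it helps to confirm that the flagged process is the genuine servicing binary and to line it up with the failed update. The following PowerShell triage is an added example, not part of the original post; the WinSxS location, the Microsoft signer check and the use of Windows Update event ID 20 (installation failure) are assumptions about a default Windows 10 install.

```powershell
# Added triage example; paths and checks are assumptions, not from the original post.
# The genuine TiWorker.exe is expected under the servicing stack in %windir%\WinSxS.
$expectedRoot = (Join-Path $env:windir 'WinSxS') + '\'

# Running instances. ExecutablePath is empty when the session is not elevated.
$procs = @(Get-CimInstance Win32_Process -Filter "Name = 'TiWorker.exe'")
if ($procs.Count -eq 0) {
    Write-Output 'TiWorker.exe is not running; retry while the update is installing.'
}

foreach ($p in $procs) {
    if (-not $p.ExecutablePath) {
        Write-Warning "PID $($p.ProcessId): path unavailable, rerun from an elevated prompt."
        continue
    }
    $sig    = Get-AuthenticodeSignature -FilePath $p.ExecutablePath
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    [pscustomobject]@{
        ProcessId = $p.ProcessId
        Path      = $p.ExecutablePath
        # A copy running from anywhere else deserves a closer look.
        InWinSxS  = $p.ExecutablePath.StartsWith($expectedRoot, [StringComparison]::OrdinalIgnoreCase)
        SigStatus = $sig.Status   # 'Valid' is expected for the real binary
        MsSigned  = $signer -like '*O=Microsoft Corporation*'
        # Hash to quote when reporting a suspected false positive to the vendor.
        SHA256    = (Get-FileHash -Path $p.ExecutablePath -Algorithm SHA256).Hash
    } | Format-List
}

# Recent failed update installations, to correlate with the time of the alert.
Get-WinEvent -FilterHashtable @{
    LogName      = 'System'
    ProviderName = 'Microsoft-Windows-WindowsUpdateClient'
    Id           = 20
} -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message | Format-List
```

A valid Microsoft signature on a binary under WinSxS, together with a failed-install event at the time of the alert, points toward a false positive on the update rather than a masquerading process.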



The 2018-11 security update addresses security vulnerabilities in Adobe Flash Player. More details on the security advisory Microsoft released can be found in Adobe Security Bulletin APSB18-44.
More details on the vulnerability itself can be found here.

Essentially, this vulnerability, if not addressed, will allow remote code execution through Adobe Flash Player version 31.0.0.148 and earlier running on Windows desktops, Linux or Mac.

To find out which version of Flash you are running, go to the Adobe website here and right-click on the Adobe player. It will show the version information.


The easiest way of addressing this vulnerability is to keep Windows updated with the latest security patch. Since BitDefender is flagging this update as dangerous ransomware behavior, I will give BitDefender the benefit of the doubt and won't install this patch until Microsoft and BitDefender figure it out.
  1. This issue was already reported to Microsoft. You can follow those updates here.
  2. This issue was already reported to BitDefender. You can follow those updates here.

Workarounds

  1. Microsoft recommends "Preventing Adobe Flash player". I am not a big fan of this, as it will block all Flash content on websites.
  2. The other workaround is to use the Google Chrome browser. Google Chrome doesn't depend on the Adobe Flash Player version installed on your machine; instead, it maintains its own internal version and won't be blocked by BitDefender 😃😃😃😃😃😃😃😃



👉👉👉This thread will get updated as progress is made
