F
frank.secada
I don't know if anyone has seen this here, but I noticed that after
running windows update in August (about 2-3 weeks ago), my backups were
failing for having too many files changing after they were copied into
a new directory.
The way I run backups, I add a step to restore files to a spare hard
drive and compare against the originals. usually, the result is that,
out of almost a million files, maybe two or three hundred differ, and
that can be explained by downloaded updates, changes to itunes or real
player libraries, software I'm writing or changes to documents, etc.
but after my latest backups, I'm finding thousands of files not
matching on compares. And these are files which haven't changed in a
long time. Like Java libraries, source samples or docs, etc.
I tested this without the backup, just copying files from one directory
to another, and found it was easy to reproduce just using xcopy. I ran
a posix 'cmp' on two copies of a .jpg file and found that the new one
was filled with bytes containing 'df'. I'm assuming that MS is padding
all data files with a set pattern, to prevent malicious code being
hidden there in a buffer overflow ?
Has anyone else seen this? Has MS published the nature of this change
and what filetypes it affects? Thanks much for the help
running windows update in August (about 2-3 weeks ago), my backups were
failing for having too many files changing after they were copied into
a new directory.
The way I run backups, I add a step to restore files to a spare hard
drive and compare against the originals. usually, the result is that,
out of almost a million files, maybe two or three hundred differ, and
that can be explained by downloaded updates, changes to itunes or real
player libraries, software I'm writing or changes to documents, etc.
but after my latest backups, I'm finding thousands of files not
matching on compares. And these are files which haven't changed in a
long time. Like Java libraries, source samples or docs, etc.
I tested this without the backup, just copying files from one directory
to another, and found it was easy to reproduce just using xcopy. I ran
a posix 'cmp' on two copies of a .jpg file and found that the new one
was filled with bytes containing 'df'. I'm assuming that MS is padding
all data files with a set pattern, to prevent malicious code being
hidden there in a buffer overflow ?
Has anyone else seen this? Has MS published the nature of this change
and what filetypes it affects? Thanks much for the help