this post was submitted on 28 Jul 2024
24 points (83.3% liked)
Cybersecurity
5685 readers
7 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
from the page itself
Removing Edge may cause update failure loop. Install Edge, install all Windows updates, then remove Edge.
Some reports of Windows Defender blocking this. Disable Defender first.
those as separate cases would make it second guess using it, the fact they both are there, I wouldn't personally use it. there is also reports from virustotal that it isnt safe, if you used this software already, I highly recommend a deep cleanse of your system
that being said, the "source" page of it looks genuine, but definitely a hard hack, if it is as the commit claims and it is the MS setup executable, which can't be confirmed source
That Python script is basically just running
setup.exe
(which has no apparent source code). Definitely doesn't look genuine in the slightest.its running setup.exe with the values --uninstall --system-level --force-uninstall, which sound good as long as the setup.exe is actually the MSedge setup file as it claims, current checksums do not match though, but this could be that the setup was changed from now and when it was added last year, but you can't verify it. That being said, the rest of the code does indeed remove the residue edge from the system, which if the exe wasnt uninstalling it would cause problems as you operated it. That being said, yes you can't verify it without knowing the current setup file version, and having the original to validate the checksum.
Didn't realize Edge actually had a file named setup.exe used for uninstalling. Though it's quite suspicious they'd include their own file instead of using the one already included with Edge.
I'm still looking into it myself tbh, so far I checked the checksums of the file itself, and the one that was active for the commit date 1/6/23 and the current edge installer exe, none of them match the file in the repo I don't personally trust it either. The command line parameters are valid though, as in they appear to match the expected command line for the setup.exe file that should be in
%PROGRAMFILES(X86)%\Microsoft\Edge\Application\xxx\Installer
, with XXX being your edge version.