The bug affects anyone who downloaded CCleaner version 5.33 or updated their version between August 15 and September 12. Talos is advising anyone who's worried to roll back their systems to a time before August 15, or reinstall them. They will also need to update to the latest version of CCleaner 5.34.
This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates
I guess Nirvana would be hacking Microsoft update servers or Google itself
Edited by bobbb, 18 September 2017 - 12:47 PM.