EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

12.29.08

Windows Vista Left Vulnerable Over Christmas

Posted in Microsoft, Samsung, Security, Vista, Windows at 7:49 pm by Dr. Roy Schestowitz

Broken glass

AS WE POINTED OUT on Christmas day, Microsoft left its users/clients vulnerable over the holidays. But there’s actually more than we mentioned at the time. One of our readers points out that new flaws were found — accompanied by exploits — that can hijack Windows Vista and predecessors (Vista was never secure anyway).

The following exploit utilizes the XML vulnerability in Internet Explorer to execute arbitrary code under Vista.

Here is another new one:

A vulnerability was reported in Windows Media Player. A remote user can cause arbitrary code to be executed on the target user’s system.

Over at The Register, it is being reported that Samsung picture frames are dangerous to Windows users (“The disc is needed to use the kit as a USB monitor on windows XP machines”). We’ve covered the follies of Samsung in the past because they stabbed Linux in the back by signing a patent deal with Microsoft.

The BBC labels 2008 an unprecedentedly bad year for security, but surely it won’t get any better in 2009, not when about 40% of all (Windows) machines are zombies and many people are out of work.

Criminal gangs generate so many viruses for two main reasons. Firstly, many variants of essentially the same malicious program can cause problems for anti-virus software which can only reliably defend against threats it is aware of.

Bearing in mind everything that people already know and witness, the BBC does write: “The vast majority of these malicious programs are aimed at Windows PCs. Viruses made their debut more than 20 years ago but the vast majority of that million plus total have been created in the last two-three years.” It later shows the Windows logo above a caption that says “Most attacks are aimed at PCs running the Windows operating system.”

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. Thomas Holbrook II said,

    December 30, 2008 at 5:18 am

    Gravatar

    This doesn’t surprise me in the least. It reminds me of the whole metafile fiasco in which users of Windows were left out in the cold for an entire year. Then Steve Gibson digs a bit deeper and discovers that it was not a bug, but yes… an actual feature. It was one of those things that probably sounded like a good idea at the time (though I personally can’t figure out for the life of me why pictures should be executing binary code in the first place), then was neglected for quite some time.

  2. aeshna23 said,

    December 30, 2008 at 9:01 am

    Gravatar

    I noticed that the vulnerabilities involved using Microsoft products on Vista. Now, I’m sure if one must use Vista or XP, you should Firefox and not IE for security. Should one also use foobar2000 or dbpowerAmp instead of Windows Media Player? I have my suspicions that MS own programs tend to be security risks on Windows platforms than do third party applications–not simply because the hackers hack them more, but by corporate policy of giving these programs greater privileges than ordinary (and sensible) programmers would. Does anyone know if this is the case?

  3. Roy Schestowitz said,

    December 30, 2008 at 9:31 am

    Gravatar

    “I have decided that we should not publish these extensions. We should wait until we have a way to do a high level of integration that will be harder for the likes of Notes, Wordperfect to achieve, and which will give Office a real advantage.”

    Bill Gates [PDF]

    Enough said.

    Think about ActiveX too. It’s about binding the Web browser and Web sites to one operating system.

    “Another suggestion In this mail was that we can’t make our own unilateral extensions to HTML I was going to say this was wrong and correct this also.”

    Bill Gates [PDF]

What Else is New


  1. IRC Proceedings: Monday, October 14, 2019

    IRC logs for Monday, October 14, 2019



  2. [ES] El Kernel de Linux está introduciendo Open Source Privative Software

    Linux, el kernel, continúa su trayectoria o el camino hacia convertirse en software propietario de código abierto (OSPS).



  3. Linux Foundation Board Meeting

    More sponsored keynotes and tweets — like more sponsored articles (or “media partners”) — aren’t what the Linux Foundation really needs



  4. Links 14/10/2019: Linux 5.4 RC3, POCL 1.4, Python 3.8.0

    Links for the day



  5. This Week Techrights Crosses 26,000 Posts Milestone, 3 Weeks Before Turning 13 (2,000+ Posts/Year)

    A self-congratulatory post about another year that's passed (without breaks from publishing) and another milestone associated with posting volume



  6. No Calls to "Remove Gates" From the Board (Over a Real Scandal/Crime), Only to "Remove Stallman" (Over Phony Distraction From the Former)

    Jeffrey Epstein's connections to Bill Gates extend well beyond Gates himself; other people inside Microsoft are closely involved as well, so Microsoft might want to cut ties with its co-founder before it becomes a very major mess



  7. “The Stupidest [Patent/Tax] Policy Ever”

    It’s pretty clear that today’s European patent system has been tilted grossly in favour of super-rich monopolists and their facilitators (overzealous law firms and ‘creative’ accountants) as opposed to scientists



  8. Meme: Software Patents at the EPO

    The evolution of “technical effect” nonsense at the EPO



  9. IRC Proceedings: Sunday, October 13, 2019

    IRC logs for Sunday, October 13, 2019



  10. Firm of Microsoft's Former Litigation Chief Uses Microsoft-Connected Patent Lawsuit Against GNU/Linux (GNOME Foundation) for New Breed of FUD Campaigns

    The patent troll of Bill Gates and Nathan Myhrvold has fed a patent troll that's attacking GNU/Linux and a firm owned by Microsoft's former litigation chief says it proves "Open Source Software Remains a Target"



  11. "Widespread Adoption" (Did You Mean: Takeover by Monopolies?)

    "Quite a few of them are people that would rather replace David with Goliath, just because he's bigger. Quite a few are already taking money from Goliath."



  12. Links 13/10/2019: Red Hat CFO Fired and KDE Plasma 5.17 Preparations

    Links for the day



  13. Bill's Media Strategy Amid GatesGate

    There are many ways by which to game the media’s news cycle — an art mastered by the groper in chief



  14. Hard-Core Micro-Soft

    The word "core" is increasingly being (mis)used to portray user-hostile proprietary software as something more benign if not "open"



  15. Free Software Timeline and Federation: When Free Software Advocacy/Support is a Monopoly Expansion Becomes Necessary

    Support for Software Freedom — like support for Free software (think Red Hat/IBM and systemd) — should be decentralised and compartmentalised to make the movement stronger and adaptable



  16. Projection Tactics

    The corporate media hasn't been doing its job lately; it has systematically defamed the wrong people, perhaps in an effort to distract from 'big fish'



  17. Meme: Richard Stallman Irrelevant

    Saint IGNUcius — Richard Stallman — just isn’t the Saint Bill Gates is



  18. IRC Proceedings: Saturday, October 12, 2019

    IRC logs for Saturday, October 12, 2019



  19. Links 13/10/2019: Mastodon 3.0, GNU Binutils 2.33.1, and the Road to KDE Frameworks 6

    Links for the day



  20. The New York Times About the Real Epstein-Software Scandal (Nothing to Do With Stallman)

    The media is belatedly catching up with and covering the real MIT scandal which extends far beyond MIT



  21. Openwashing Reports Are on Hold

    The need to stress Software Freedom and shun all that "open" nonsense has quickly become apparent; some of the people who oppose Stallman turn out to be "Open Source" proponents who don't even value freedom of expression (free speech)



  22. Support the GNU Project and Support Free Speech

    Techrights is loyal to Software Freedom and those eager to promote it; it cannot, however, support those who don’t support free speech



  23. Today's EPO is Working for Patent Trolls and the 'Aye Pee' (IP) 'Industry' Instead of Science

    The EPO is making allegiances and alliances with groups that represent neither science nor businesses but instead push for monopolies, litigation and extortion; lawlessness appears to have become the EPO's very objective instead of what it intends to tackle



  24. The Campinos Car Crash

    The EPO is crashing and we know who’s to blame other than Battistelli



  25. Software Patents (or Monopolies on Algorithms) Are Not 'Property' and They're Not Even Legally Valid

    The EPO insists that it's OK to grant patents on just about everything and propaganda terms are being leveraged to justify this dangerous attitude



  26. The EPO's Universal Patent Injustice Concealed With Polyglottic Tricks

    The EPO is fooling nobody; it's desperate to hide the very simple fact that Battistelli did something illegal and over the past few years every decision issued by the EPO was legally invalid (as per the EPC)



  27. Microsoft Tweets in Linux Platforms

    This observation about the Linux Foundation seems very appropriate (and true) now that Linux.com’s sole editor is (re)posting Microsoft tweets (shades of Jono Bacon)



  28. Links 12/10/2019: Rspamd 2.0, Kdenlive 19.08.2, Plasma Mobile Progress, FreeBSD 12.1 RC1

    Links for the day



  29. IRC Proceedings: Friday, October 11, 2019

    IRC logs for Friday, October 11, 2019



  30. MIT Scandal in a Nutshell

    What happened a month ago, explained using a meme


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts