EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

01.22.09

One Windows Worm, One Week, and Possibly 250,000,000+ New Windows Zombies

Posted in Microsoft, Security, Windows at 6:14 am by Dr. Roy Schestowitz

Time for urgent “Change”

THIS IS A HUGELY important issue that we tracked a few days ago. We already knew that almost 1 in 2 Windows PCs had become zombie PCs, but it keeps getting worse. According to this report, as many as one in three Windows PCs may have been occupied by one single worm in a matter of just days! That’s how serious it is.

The computer worm responsible for the biggest attack in years has infected at least 1 out of every 16 PCs worldwide, a security company said Wednesday, and may have managed to compromise as many as nearly 1 in 3.

This may be the right time to contract law-makers or regulators and make a request for new laws to be applied to bad platforms that can leave people dead.

The victims of this latest storm are so many and the BBC says that even a UK-based Fire and Rescue service is downed by its use Windows, which came under virus attack.

Strathclyde Fire and Rescue has said its IT network has “come under attack from a computer virus”.

Once again, this is costing lives.

Vista and Vista 7, as we pointed out a few days ago, are not immune. It’s more of the same.

Windows worm trickery for Vista

The Conficker virus has opened a new can of worms for security experts.

Drives such as USB sticks infected with the virus trick users into installing the worm, according to researchers.

Microsoft would like naive reporters to propagate the perception that this could happen to anyone, but it was Microsoft itself that said: “Our products just aren’t engineered for security.” Well, now they find out?

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

8 Comments

  1. David Gerard said,

    January 22, 2009 at 9:50 am

    Gravatar

    I’m quite pleased to see that press articles I’ve seen on the subject make it clear this is a Windows problem, not one that affects all computers.

    (One story suggested in the headline it would affect Linux systems running Wine – which is a real concern, as Wine is good enough to run most worms – but the end of the story asked if anyone had seen Conficker running in Wine and could verify it actually did anything. ?!)

  2. Roy Schestowitz said,

    January 22, 2009 at 10:27 am

    Gravatar

    That’s like saying that the chef is dangerous because he carries a knife (for chopping carrots and stuff).

  3. David Gerard said,

    January 22, 2009 at 10:38 am

    Gravatar

    Well, yeah. It’s quite easy for an app to break out of its WINEPREFIX (referred to as “bottles” in CrossOver), so Wine-aware malware could certainly trash your home directory, try to read your Firefox passwords, etc. (This is not easy to reliably secure against, and the Wine project isn’t bothering to try. If you really want to run toxic waste in Wine, create a new user and do it there.) However, much like theoretical Mac OS X or Linux viruses, there remain 0 examples in the wild.

  4. David Gerard said,

    January 22, 2009 at 10:39 am

    Gravatar

    The key point was, the article was basically an attention-grabbing headline that was actually a complete lie. Ad-banner trolling.

  5. Roy Schestowitz said,

    January 22, 2009 at 10:44 am

    Gravatar

    Which article?

  6. David Gerard said,

    January 22, 2009 at 3:25 pm

    Gravatar

    This one:

    http://network.itproportal.com/articles/2009/01/21/linux-windows-7-beta-could-be-hit-downadup-worm/

    Page 1: “Furthermore, there are rumours that even Linux could be affected by the Worm if they run Wine, an application that allows Linux to execute programs written for the Windows environment. In theory, the virus would only affect the Windows partition rather than the whole operating system.”

    Page 2: “It would be great if someone could confirm the Linux rumours and Wine’s autorun.inf capabilities.”

    i.e. we made up some rubbish to give a splash headline.

  7. Roy Schestowitz said,

    January 22, 2009 at 3:30 pm

    Gravatar

    Extra extra!

    Chef Could Murder Waiter

    Page X: “It would be great if someone could confirm the chef cut the waiter and not onions.”

  8. Yggdrasil said,

    March 31, 2009 at 7:18 pm

    Gravatar

    Where exactly do you get this figure of 250 million? That number is 100 million more than the total number of Internet users in the United States alone. One of your references from Panda Security suggests rates anywhere from 1 in 16, all the way to 1 in 3. Why so high? Because as the article states, Panda security based this data on machines that had come to the website to have their machine scanned. Imagine the percentage of people who go to the doctor due to symptoms of illness, you might find a high percentage who are sick. Everything else was pure speculation, with little hard evidence. While, I’m not surprised you use the worse figure you could find, I’m surprised you don’t better analyze the sources you use to test their integrity. This reflects poorly on you.

    Late January, UPI reported 15 million Conficker infections:

    http://www.upi.com/Top_News/2009/01/25/Virus_strikes_15_million_PCs/UPI-19421232924206/

    But the real nitty gritty from the article is here:

    “Symantec noted on its blog last week that very few computers in North America had been infected, a trend which it attributed to the greater prevalence of legal and fully patched software.”

    In several other places on this site you note that there is no way to be safe with Windows, yet as the article shows, legitimate installed were not affected. Not only because security updates are downloaded, but since XP SP2 the Windows Firewall is enabled by default.

    While you dispute the obscurity of Linux on the desktop, it’s interesting to note that even popular distros like Ubuntu do NOT have a firewall enabled be default. This is unwise, regardless of how many countless security updates are installed.

What Else is New


  1. Links 19/8/2019: Another Linux 5.3 RC, OpenSUSE's Richard Brown Steps Down, Slackware Creates Patreon Page, Qt 6 Initiated

    Links for the day



  2. Speaking Truth to Monopolies (or How to Write Guest Posts in Techrights)

    We need to have more articles tackling the passage of all power — especially when it comes to software — to few large monopolies that disregard human rights or actively participate in their abolishment in the digital realm



  3. Guarding and Rescuing the FSF Titanic: Free as in Speech

    "While a new breed of so-called anarchists campaign against expression that even the state allows, people are also foolishly overplaying the relevance of the state to free speech issues -- as if it's not a freedom issue when a project is increasingly thought-policed, because the thought-policing isn't on a state level."



  4. Toxic Culture at Microsoft

    Racism, intolerance, sexism and bullying are rampant at Microsoft; but Microsoft would rather deflect/divert/sidetrack to Google and so-called 'GAFA'



  5. Guarding and Rescuing the FSF Titanic: Introduction

    "The FSF isn't just threatened, it will hit a large iceberg in the future that changes it permanently."



  6. Linux Journal and Linux.com Should Have Been Kept Going

    There's apparently no good explanation for the effective shutdown of Linux Journal and Linux.com; London Trust Media Holdings (LTMH), owner of Linux Journal, saw numbers improving and the Linux Foundation, steward of Linux.com, is loaded with money



  7. 2019 Microsoft Glossary

    How Microsoft internally interprets words that it is saying to the public and to the press



  8. 2019 Surveillance Glossary

    Distortion of technical and nontechnical terms in this day and age of '1984'



  9. Openwashing Report: It's Getting Worse, Fast. Everything is Apparently 'Open' Now Even Though It's Actually Proprietary.

    The latest examples (this past week's) of openwashing in the media, ranging from 5G to surveillance



  10. GitHub is a Dagger Inside Free/Open Source Software (FOSS); This is Why Microsoft Bought It

    A year later it seems pretty evident that Microsoft doesn’t like FOSS but is merely trying to control it, e.g. by buying millions of FOSS projects/repositories at the platform level (the above is what the Linux Foundation‘s Jim Zemlin said to Microsoft at their event while antitrust regulators were still assessing the proposed takeover)



  11. Microsoft Grows Within and Eats You From the Inside

    Microsoft entryism and other subversive tactics continue to threaten and sometimes successfully undermine the competition; Microsoft is nowadays doing that to core projects in the Free/Open Source software world



  12. Links 18/8/2019: New KNOPPIX and Emmabuntus Released

    Links for the day



  13. Links 17/8/2019: Unigine 2.9 and Git 2.23

    Links for the day



  14. Computer-Generated Patent Applications Show That Patents and Innovations Are Very Different Things

    The 'cheapening' of the concept of 'inventor' (or 'invention') undermines the whole foundation/basis of the patent system and deep inside patent law firms know it



  15. Concerns About IBM's Commitment to OpenSource.com After the Fall of Linux.com and Linux Journal

    The Web site OpenSource.com is over two decades old; in its current form it's about a decade old and it contains plenty of good articles, but will IBM think so too and, if so, will investment in the site carry on?



  16. Electronic Frontier Foundation Makes a Mistake by Giving Award to Microsoft Surveillance Person

    At age 30 (almost) the Electronic Frontier Foundation still campaigns for privacy; so why does it grant awards to enemies of privacy?



  17. Caturdays and Sundays at Techrights Will Get Busier

    Our plan to spend the weekends writing more articles about Software Freedom; it seems like a high-priority issue



  18. Why Techrights Doesn't Do Social Control Media

    Being managed and censored by platform owners (sometimes their shareholders) isn’t an alluring proposition when a site challenges conformist norms and the status quo; Techrights belongs in a platform of its own



  19. Patent Prosecution Highways and Examination Highways Are Dooming the EPO

    Speed is not a measure of quality; but today's EPO is just trying to get as much money as possible, as fast as possible (before the whole thing implodes)



  20. Software Patents Won't Come Back Just Because They're (Re)Framed/Branded as "HEY HI" (AI)

    The pattern we've been observing in recent years is, patent applicants and law firms simply rewrite applications to make these seem patent-eligible on the surface (owing to deliberate deception) and patent offices facilitate these loopholes in order to fake 'growth'



  21. IP Kat Pays the Price for Being a Megaphone of Team UPC

    The typical or the usual suspects speak out about the so-called 'prospects' (with delusions of inevitability) of the Unified Patent Court Agreement, neglecting to account for their own longterm credibility



  22. Links 17/8/2019: Wine 4.14 is Out, Debian Celebrates 26 years

    Links for the day



  23. Nothing Says 'New' Microsoft Like Microsoft Component Firmware Update (More Hardware Lock-in)

    Vicious old Microsoft is still trying to make life very hard for GNU/Linux, especially in the OEM channel/s, but we're somehow supposed to think that "Microsoft loves Linux"



  24. Bill Gates and His Special Relationship With Jeffrey Epstein Still Stirring Speculations

    Love of the "children" has long been a controversial subject for Microsoft; can Bill Gates and his connections to Jeffrey Epstein unearth some unsavoury secrets?



  25. Links 16/8/2019: Kdevops and QEMU 4.1

    Links for the day



  26. The EPO's War on the Convention on the Grant of European Patents 2000 (EPC 2000), Not Just Brexit, Kills the Unitary Patent (UP/UPC) and Dooms Justice

    Team UPC continues to ignore the utter failures that have led to lawlessness at the EPO, attributing the demise of the Unified Patent Court (UPC) to Brexit alone and pretending that it's not even a problem



  27. Links 15/8/2019: GNOME's Birthday, LLVM 9.0 RC2

    Links for the day



  28. 'Foundation' Hype Spreads in China

    Nonprofits seem to have become more of a business loophole than a charitable endeavour; the problem is, this erodes confidence in legitimate Free software and good causes



  29. Links Are Not Endorsements

    If the only alternative is to say nothing and link to nothing, then we have a problem; a lot of people still assume that because someone links to something it therefore implies agreement and consent



  30. The Myth of 'Professionalism'

    Perception of professionalism, a vehicle or a motivation for making Linux more 'corporate-friendly' (i.e. owned by corporations), is a growing threat to Software Freedom inside Linux, as well as freedom of speech and many other things


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts