EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

01.22.09

One Windows Worm, One Week, and Possibly 250,000,000+ New Windows Zombies

Posted in Microsoft, Security, Windows at 6:14 am by Dr. Roy Schestowitz

Time for urgent “Change”

THIS IS A HUGELY important issue that we tracked a few days ago. We already knew that almost 1 in 2 Windows PCs had become zombie PCs, but it keeps getting worse. According to this report, as many as one in three Windows PCs may have been occupied by one single worm in a matter of just days! That’s how serious it is.

The computer worm responsible for the biggest attack in years has infected at least 1 out of every 16 PCs worldwide, a security company said Wednesday, and may have managed to compromise as many as nearly 1 in 3.

This may be the right time to contract law-makers or regulators and make a request for new laws to be applied to bad platforms that can leave people dead.

The victims of this latest storm are so many and the BBC says that even a UK-based Fire and Rescue service is downed by its use Windows, which came under virus attack.

Strathclyde Fire and Rescue has said its IT network has “come under attack from a computer virus”.

Once again, this is costing lives.

Vista and Vista 7, as we pointed out a few days ago, are not immune. It’s more of the same.

Windows worm trickery for Vista

The Conficker virus has opened a new can of worms for security experts.

Drives such as USB sticks infected with the virus trick users into installing the worm, according to researchers.

Microsoft would like naive reporters to propagate the perception that this could happen to anyone, but it was Microsoft itself that said: “Our products just aren’t engineered for security.” Well, now they find out?

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

8 Comments

  1. David Gerard said,

    January 22, 2009 at 9:50 am

    Gravatar

    I’m quite pleased to see that press articles I’ve seen on the subject make it clear this is a Windows problem, not one that affects all computers.

    (One story suggested in the headline it would affect Linux systems running Wine – which is a real concern, as Wine is good enough to run most worms – but the end of the story asked if anyone had seen Conficker running in Wine and could verify it actually did anything. ?!)

  2. Roy Schestowitz said,

    January 22, 2009 at 10:27 am

    Gravatar

    That’s like saying that the chef is dangerous because he carries a knife (for chopping carrots and stuff).

  3. David Gerard said,

    January 22, 2009 at 10:38 am

    Gravatar

    Well, yeah. It’s quite easy for an app to break out of its WINEPREFIX (referred to as “bottles” in CrossOver), so Wine-aware malware could certainly trash your home directory, try to read your Firefox passwords, etc. (This is not easy to reliably secure against, and the Wine project isn’t bothering to try. If you really want to run toxic waste in Wine, create a new user and do it there.) However, much like theoretical Mac OS X or Linux viruses, there remain 0 examples in the wild.

  4. David Gerard said,

    January 22, 2009 at 10:39 am

    Gravatar

    The key point was, the article was basically an attention-grabbing headline that was actually a complete lie. Ad-banner trolling.

  5. Roy Schestowitz said,

    January 22, 2009 at 10:44 am

    Gravatar

    Which article?

  6. David Gerard said,

    January 22, 2009 at 3:25 pm

    Gravatar

    This one:

    http://network.itproportal.com/articles/2009/01/21/linux-windows-7-beta-could-be-hit-downadup-worm/

    Page 1: “Furthermore, there are rumours that even Linux could be affected by the Worm if they run Wine, an application that allows Linux to execute programs written for the Windows environment. In theory, the virus would only affect the Windows partition rather than the whole operating system.”

    Page 2: “It would be great if someone could confirm the Linux rumours and Wine’s autorun.inf capabilities.”

    i.e. we made up some rubbish to give a splash headline.

  7. Roy Schestowitz said,

    January 22, 2009 at 3:30 pm

    Gravatar

    Extra extra!

    Chef Could Murder Waiter

    Page X: “It would be great if someone could confirm the chef cut the waiter and not onions.”

  8. Yggdrasil said,

    March 31, 2009 at 7:18 pm

    Gravatar

    Where exactly do you get this figure of 250 million? That number is 100 million more than the total number of Internet users in the United States alone. One of your references from Panda Security suggests rates anywhere from 1 in 16, all the way to 1 in 3. Why so high? Because as the article states, Panda security based this data on machines that had come to the website to have their machine scanned. Imagine the percentage of people who go to the doctor due to symptoms of illness, you might find a high percentage who are sick. Everything else was pure speculation, with little hard evidence. While, I’m not surprised you use the worse figure you could find, I’m surprised you don’t better analyze the sources you use to test their integrity. This reflects poorly on you.

    Late January, UPI reported 15 million Conficker infections:

    http://www.upi.com/Top_News/2009/01/25/Virus_strikes_15_million_PCs/UPI-19421232924206/

    But the real nitty gritty from the article is here:

    “Symantec noted on its blog last week that very few computers in North America had been infected, a trend which it attributed to the greater prevalence of legal and fully patched software.”

    In several other places on this site you note that there is no way to be safe with Windows, yet as the article shows, legitimate installed were not affected. Not only because security updates are downloaded, but since XP SP2 the Windows Firewall is enabled by default.

    While you dispute the obscurity of Linux on the desktop, it’s interesting to note that even popular distros like Ubuntu do NOT have a firewall enabled be default. This is unwise, regardless of how many countless security updates are installed.

What Else is New


  1. Links 27/8/2016: Torvalds and GPL, “DOD Must Embrace Open-Source Software”

    Links for the day



  2. Links 26/8/2016: Maru OS Resurfaces, Android More Reliable Than 'i' Things, PC-BSD Becomes TrueOS

    Links for the day



  3. Good Job, David Kappos, Says the 'Boss' (IBM)

    Responses to the latest call against Alice (eliminator of many software patents), courtesy of the man from IBM (still paid by IBM) who was responsible for the policy that blindly approved a lot of software patents in the US



  4. Being for Patent Quality or Against Patenting Excess Does Not Make You Anti-Patents

    Like IAM, which tries to portray sceptics and critics of software patents as "anti-patents", IP Watchdog (or Watchtroll as we call it) is 'trolling' the Electronic Frontier Foundation, simply because it expressed an opinion that patent maximalists cannot tolerate



  5. Erosion of Patent Quality Enables Patent Extortion With Large Portfolios of Low Validity Rate

    Revisiting the EPO's vision of poor patent examination and the effect of discriminatory granting practices, favouring patent bullies such as Microsoft (which actively attacks Linux using low-quality and usually pure software patents)



  6. The EPO's Francesco Zaccà Presenting in Turin Alongside Patent Trolls (Like the Patent Mafia Sisvel) and Lobbyists/Front Groups for Software Patents, UPC

    Benjamin Henrion (FFII) on seeing the EPO alongside patent trolls and other nefarious actors, doing what they do best, which is undermining public interests and harming patent quality



  7. The EPO, USPTO, and Patent Microcosm Peddle Myths About Patents in Public Universities and Research

    Tackling some of the commonly-spread myths about patents as "saving lives" and "promoting research" (in practice leading to the death of poor people and promoting trolls)



  8. Large Corporations' Lobbyist David Kappos Disgraces Former Employer USPTO by Meddling in Their Affairs on Software Patents, Downplaying the Supreme Court

    The latest lobbying from David Kappos, who blatantly exploits his connections in patent circles to promote software patents and work towards their resurgence after Alice v CLS Bank



  9. Journal of Intellectual Property Law and Practice Calls the European Patent Office “Rotten”, Other Sources Scrutinise Recent Moves

    The patent office which was once known for being the best bar none is rotting under the Frenchman Benoît Battistelli, who made himself and his friends the main clients of the Office



  10. PTAB Emerges as Hero of USPTO Because Quality of Patents Improves, Software Patents Are Effectively Dead (or Dying Once Reassessed)

    With help from the Patent Trial and Appeal Board (PTAB) -- not just patent courts -- software patents drop like flies by the thousands



  11. Creative Technology, Now Operating in 'Patent Troll' Mode, Shot Down by the ITC; Jawbone Too Shot Down

    Some good news from the U.S. International Trade Commission (ITC), which may have put an end to Creative's new war on Android (using old patents)



  12. Corporate Media in India Misrepresents Startups to Push for Software Patents

    A parade of misinformation as seen in Indian (but English-speaking) press this week as questions about patentability of software resurface



  13. Links 25/8/2016: Linux Turns 25, NetworkManager Turns 1.4

    Links for the day



  14. Links 24/8/2016: More From LinuxCon, Uganda Wants FOSS

    Links for the day



  15. Links 23/8/2016: GNOME 3.22 Beta, Android 7.0 Nougat

    Links for the day



  16. The Linux Foundation Gives Microsoft (Paid-for) Keynote Position While Microsoft Extorts (With Patents) Lenovo and Motorola Over Linux Use

    This morning's reminder that Nadella is just another Ballmer (with a different face); Motorola and Lenovo surrender to Microsoft's patent demands and will soon put Microsoft spyware/malware on their Linux-powered products to avert costly legal battles



  17. Not Just President Battistelli: EPO Vice-Presidents Are Still Intentionally Misrepresenting EPO Staff

    Evidence serving to show that EPO Vice-Presidents are still intentionally misrepresenting EPO staff representatives and misleading everyone in order to defend Battistelli



  18. Battistelli the Liar Causes a Climate of Confrontation in French Politics, Lies About Patent Quality (Among Many Other Things)

    Battistelli's lies are coming under increased scrutiny inside and outside the European Patent Office (EPO), where patent quality has been abandoned in order to artificially elevate figures



  19. The Collapse of Software Patents and Patent Law Firms Trying to “Overcome” Alice

    The United States continues its gradual crackdown on software patents (which are viewed as abstract and thus unpatentable), whereas in Europe things are murkier than ever



  20. Apple's Patent Wars Against Android/Linux Make Patent Trolls Stronger

    Apple's insistence that designs should be patentable could prove to be collectively expensive, as patent trolls would then use a possible SCOTUS nod to launch litigation campaigns



  21. Links 22/8/2016: Linux 4.8 RC3, Linux Mint 18 “Sarah” KDE Beta

    Links for the day



  22. Links 21/8/2016: Apple and Microsoft Down, Systemd Spreading to Mount

    Links for the day



  23. Links 20/8/2016: Android Domination, FSFE summit 2016

    Links for the day



  24. Patents Roundup: Trolls Dominate Litigation, PTAB Crushes Patents, Patent Box Regime Persists, and OIN Explains Itself

    Another roundup of patent news from around the Web with special focus on software patenting



  25. The Cost/Toll of the 'New' EPO and Where All That Money Goes or Comes From

    The European Patent Office has become a servant of the rich and powerful (including large foreign corporations) and even its own employees now pay the price associated with misguided new policies (or 'reforms' as Battistelli habitually refers to these)



  26. Links 19/8/2016: Linux Mint With KDE, Linux Foundation's PNDA

    Links for the day



  27. The End of an Era at the USPTO as Battistelli-Like (EPO) Granting Policies Are Over

    The United States is seeing the potency of patents -- especially software patents (which make up much of the country's troll cases) -- challenged by courts and by the Patent Trial and Appeal Board (PTAB)



  28. Battistelli's European Patent Office Goes to the United States to Speak About the UPC and Software Patents

    The European Patent Office is showing its utter contempt -- not just disregard -- for the very fundamental rules that put it in its place and brought it into existence



  29. Turkey Subjected to the European Patent Convention (EPC) But Benoît Battistelli is Not?

    The ‘constitutional crisis’ at the European Patent Office in the context of Turkey, which has signed "the EPC and as such recognises the competence and the decisions of the institutions which have been introduced in the convention."



  30. Links 18/8/2016: EFF Slams Vista 10, Linux Foundation Makes PNDA

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts