Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types
- Dr. Roy Schestowitz
- 2009-07-28 07:18:43 UTC
- Modified: 2009-07-28 07:18:43 UTC
●
Smut page ransomware Trojan ransacks browsers
Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.
●
The Business of Botnets
Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.
●
Microsoft to fix critical hole in IE
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
●
Microsoft to Issue Emergency Patches Next Week
The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.
●
Insecure by design: MS Office formats
You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.
Also see:
Emergency, Botnets, and No Remedy
Recent Techrights' Posts
- Oracle's Debt Grew by Over 50 Billion Dollars in 6 Months
- Larry Ellison spent a lot of money buying a lot of the corporate media
- What Linus (Torvalds, the Linux Dude) Meant by "Show Me the Code"
- "Show Me the Code" is a common cultural reference
- XBox Will Not Last Much Longer, XBox Chief Admits Problems
- Microsoft's latest "results"
- What May 1 Means to Us (and to Many Others)
- To me, May 1 means something
- Microsoft Lunduke is 'Pulling a Garrett' by Turning Technical and Legal Debate Over Rust Into a 'Trans Debate'
- Don't fall for the demagogue
- Microsoft "Buyout" Offer is Less Than One Year's Salary
- So our assumption about this was correct
- In New Letter Sent to Chair and Heads of Delegation of the Administrative Council of the European Patent Organisation the Staff Union Explains How to End European Patent Office Strikes
- If Campinos continues to behave as he does right now, the Council can show him the door
- Microsoft Debt Rose Almost $50 Billion Since We Moved to Debian
- GAFAM has a new name for debt
-
- Links 01/05/2026: Microsoft 'Headcount' Decreasing, Apple Quietly Killing Vision Pro
- Links for the day
- In Praise of Debian
- 30 hours ago we began an upgrade
- Yes, GNU/Linux Can Run on Playstation 5, But Don't Buy It, Learn From Sony's Past of Rootkit and PS3 Betrayal
- Millions of Playstation 3 owners will never forget what Sony did to them
- Dealing With Demagogue in Free Software
- Don't spread their ideology and never participate in any of their projects
- Links 01/05/2026: Regulatory Trouble for Apple, Now Even Mozilla Pushes Back Against Google
- Links for the day
- The Corrupt Lecture the Non-Corrupt - Part X - European Patent Office Managers Have Crossed Red Lines, According to Themselves
- The girlfriend of the President of the European Patent Office (EPO) is trying to muzzle EPO critics
- Techrights is Still Growing, Attacking Techrights Does Not Weaken the Community
- Bullying us for 2+ years does not result in fear, it results in us feeling more emboldened and motivated
- SLAPP Censorship - Part 63 Out of 200: Graveley as a Stripped-Down Version of Garrett in the Particulars of Claim (5RB Barrister Could Do This in One Minute)
- Lazily and sloppily, it looks like the barrister took Garrett's claims and tweaked them a little (shortened) for Graveley
- Lots of People Leave IBM, Today IBM Has About 1,000 Workers Fewer Than Yesterday
- Confluent "last day" for 800+ people
- Been a Very Busy Week
- Next week, as we have no upgrades to prepare for, we should be able to publish at the usual pace of 20+ pages per day
- Links 01/05/2026: Poems and Continuous Privacy Policy
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, April 30, 2026
- IRC logs for Thursday, April 30, 2026
- Google News Sloppy Again
- Today was disappointing
- European Patent Office Management Mocked for Trying to 'Bribe' Staff With a Little Food
- The Office is having a crisis; a little breakfast treat won't solve it
- SLAPP Censorship - Part 62 Out of 200: Garrett and Graveley Issue Astounding Copy-Paste Masterpiece Asserting Publicly-Accessible Embarrassing Facts Must Remain Hidden
- Are Garrett and Graveley twins separated at birth but joined by GNOME and Microsoft?
- Links 30/04/2026: Barrage of Lawsuits Against Slop, Microsoft's Stock Crashes
- Links for the day
- Microsoft Says Mass Layoffs Are Coming and Puts a Price on Them
- Microsoft will shrink
- The Corporate Media Intentionally Overlooks How Google's Debt Trebles in Just Over a Year
- We'll soon see how much more money Microsoft has borrowed
- (Trigger Warning) Jeremy Bicha & Debian-Edu, TecKids, Ubuntu incest scandal at DebConf25
- Reprinted with permission from Daniel Pocock
- Upgrade Successful
- we had a downtime of only 1-2 minutes overall (for two reboots)
- Links 30/04/2026: Slop Industry Cannot Keep Up With Bills, "The World Is Getting Too Hot to Feed Itself"
- Links for the day
- Then Come the DDoS Attacks
- Is someone trying to 'kill' Techrights?
- The Corrupt Lecture the Non-Corrupt - Part X - Deliberately Violate European Patent Convention (EPC), Tolerate Cocaine Use in Management, Hide That From Staff and Stakeholders
- The "Alicante Mafia" (as staff calls it) is a disgrace to Europe
- The Register MS Running Spam Pieces for Huawei, a Banned Company
- Money does not excuse bad behaviour
- Apparently Last Day for Nearly 1,000 Confluent Workers IBM Laid Off Last Month
- IBM is a dying company pretending to be strong because of its age
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, April 29, 2026
- IRC logs for Wednesday, April 29, 2026
- Gemini Links 30/04/2026: Outdoor Time, Old Computers, and Joining Geminispace
- Links for the day
- In Past 6 Months IBM Lost About 100 Billion Dollars in 'Value' While Debt Ballooned to 70 Billion Dollars
- Welcome to a universe of fake finances and phony accounting based on fictional assets with made-up 'worth'
- Dr. Andy Farnell on Weaponising Morality Against Technofascism and Slop
- It's longer than a "tweet", so social control media addicts are likely mentally unfit to read it
- Six Months
- Techrights will be around (and active) for a very long time to come
- If We Move Everything to Devuan...
- IRC, Git, Apache and so on
- Why We Publish "The Corrupt Lecture the Non-Corrupt"
- We intend to report the facts, fearlessly, until real and lasting solutions are reached
- SLAPP Censorship - Part 61 Out of 200: Garrett and Graveley Must Understand That Reporting Women's Issues in the United States of America (“the US”) is Not Impermissible
- when you cover Microsoft corruption and have real effect
- Weeks After Mass Layoffs of Red Hat Engineers We Learn of European "Buyouts" and Layoffs at IBM
- At Microsoft, they tell us there are merely "buyouts", but they don't tell us what happens if you say "no!"
- OS Upgrade Tentatively Scheduled for Tomorrow
- We have some contingencies in case the upgrade goes wrong
- Campinos is a Lame Duck President This Year at the European Patent Office (EPO)
- The strikes are not ending. If anything, they intensify further.
- Links 29/04/2026: LLM Chatbot Usage Goes Down Sharply (as Do Stocks Associated With Them), Microsoft's Circular Financing Accounting Fraud at Risk
- Links for the day
- Gemini Links 29/04/2026: Returning to an Exodus and Farewell APU
- Links for the day
- Slop Has a Long Way to Go Before It Gets Basic Facts Right
- Please do not rely on slop for anything
- The Corrupt Lecture the Non-Corrupt - Part IX - European Patents That Are Illegal (But Serve Non-European Monopolists in Exchange for 'Quick Cash')
- People who shamelessly violate the European Patent Convention (EPC) have the audacity to lecture workers on "ethics"
- Canonical is Selling You, Ubuntu is a Data-Collecting Platform
- Canonical is looking for money in the wrong places
- Links 29/04/2026: "Snowden Affair 13 Years Later" and "Landmark Data Center Pause"
- Links for the day
- Seems Like Only Techrights Covered IBM Laying Off About 33% of Confluent Staff
- How can such a large round of layoffs evade today's media?
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, April 28, 2026
- IRC logs for Tuesday, April 28, 2026
- Gemini Links 29/04/2026: Bad Diet, New Middle Ages, and Temperature Model
- Links for the day
