Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types
- Dr. Roy Schestowitz
- 2009-07-28 07:18:43 UTC
- Modified: 2009-07-28 07:18:43 UTC
●
Smut page ransomware Trojan ransacks browsers
Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.
●
The Business of Botnets
Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.
●
Microsoft to fix critical hole in IE
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
●
Microsoft to Issue Emergency Patches Next Week
The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.
●
Insecure by design: MS Office formats
You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.
Also see:
Emergency, Botnets, and No Remedy
Recent Techrights' Posts
- Techrights and Tux Machines Subjected to Cyberattacks for Several Weeks
- In the past I spoke to the cybercrime unit of British Police. Maybe it's time to do so again.
- Microsoft Under Investigation for Breaches of Law in the UK
- Just like the Microsofters
-
- The Corrupt Lecture the Non-Corrupt - Part XXX - Where Was "The Ethics and Compliance Team" When the Family of EPO President Campinos Was Caught Doing Cocaine?
- It remains to be seen if national delegates will tolerate this in future meetings
- Gemini Links 22/05/2026: Esperanto Music History, Suspicious Adoption of Signal, and Unauthorised LLM Slop in Code
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, May 21, 2026
- IRC logs for Thursday, May 21, 2026
- Links 21/05/2026: "Declining America" and Why Slop 'Code' is Made to Fail
- Links for the day
- The Register MS Has Become a 'Content' Farm Promoting Slop for Hostile Corporations
- Now they call it "PARTNER CONTENT" - not "SPONSORED" - as if semantics make the difference
- Latest Example of Widespread Fake Assertions (False News) About "Hey Hi"
- The false narrative of "Hey Hi layoffs"
- Links 21/05/2026: Facebook Rewarded With Tax Breaks to Destroy the Environment and Cause Global Warming, Shortages, Pollution; SpaceX (SPCX) Continues Losing Billions of Dollars
- Links for the day
- Codecs and Software Patents - Part VIII - GNU Audio/Video Team Has Chosen the AV1 Video Codec and It Explains Why (They've Researched Their Options)
- AV1 video codec will be used to encode and share GNU videos online
- Dr. Stallman Helps Establish Free Software Advocacy Outside the Free Software Foundation (FSF) as Well
- The ideals or principles of Free Software needn't be centralised or monopolised; they can be federated
- 22 Years of Tux Machines and a Community Stronger Than Ever Before
- We've already received some feedback from the community and improved it accordingly
- More Microsoft Layoffs on the Way (June and July 2026)
- with or without PIPs
- LWN Sponsored by the Linux Foundation (Monopolies)
- We must be able to casually point this out
- The Corrupt Lecture the Non-Corrupt - Part XXIX - European Patent Office (EPO) Tells Staff "Speaking up" is Good, But Not When the "Brother-in-law" of EPO's President Does Cocaine
- Do we still have a functioning democracy and potent press?
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, May 20, 2026
- IRC logs for Wednesday, May 20, 2026
- Gemini Links 21/05/2026: Immigration, Slop, and Slop 'Code' Suggestions Infesting Code Repositories
- Links for the dayGemini Links 21/05/2026: Immigration, Slop, and Slop 'Code' Suggestions Infesting Code Repositories
- GAFAM is Connected to Misogyny, Almost All Founders Divorced
- They're not good people, even if they pay the media to pretend otherwise
- SLAPP Censorship - Part 83 Out of 200: Religion is Still Alive, But for Many This Religion is Monetary (Greed, Monopolies, Corporate Power)
- If all you keep boasting about is being able to afford a hotel room and some domestic flight, then maybe you have no real accomplishments and are more like a "Facebook serf" with a credit card
- Oracle Seems to Have Popularised Overnight Layoffs, Now GAFAM Does the Same
- layoff emails at 4 a.m. local time
- A Lot of Fake News About Microsoft's LinkedIn Today, Some Comes From Slopfarms, Some Relies on Those Slopfarms
- As usual, slopfarms make the Web a huge pile of garbage
- IBM's Kyndryl is Circling Down the Drain, Say Kyndryl Insiders
- "IBM Dinosaurs who were recycled and catapulted into the orange trash heap by IBM"
- A Lot of Coverage Adding Hype Factor to Slop Bug Reports... is Made by LLM Slop
- Local Privilege Escalation [...] the slop motivates some actual people to keep writing about it
- Links 20/05/2026: Mass Layoffs at NPR (Bought by the Ballmers and Bill Epsteingate), Starbucks Korea CEO Fired Over ‘Tank Day’ Ad
- Links for the day
- Gemini Links 20/05/2026: Advantage of CD Collections, Geminaut's View of Nostr, and SSL / TLS Certificates
- Links for the day
- IBM is Becoming a Pile of Expired Patents and Abandoned Buildings, Assets of Little Actual Value
- Having laid off a ton of people, borrowed lots of money to fake growth (by acquisition), and sent some jobs to low-paid regions where innovation isn't done
- Links 20/05/2026: Looting of Americans for "White Grievance Reparations Fund"; "Mark Zuckerberg Used Shell Companies to Bully Native Hawaiians"
- Links for the day
- Web Browsers Are for Rendering Web Page, They Shouldn't Become PDF Editors
- Linus Torvalds is quickly learning and speaking about this
- SLAPP Censorship - Part 82 Out of 200: British Government Intervenes in the SLAPPs by Brett Wilson LLP
- At this stage our matters are dealt with by a layer below that of the Prime Minister (adjacent to it)
- LinkedIn Communications Reveal That LinkedIn - Like GitHub - Will Vanish Inside the Belly of Microsoft
- This is definitely going to happen.
- In Wall Street, Financial Difficulties Drive Shares Up
- Wall Street doesn't work that way
- The Corrupt Lecture the Non-Corrupt - Part XXVIII - European Patent Office (EPO) Guidebook Says Report Crimes Committed on EPO Premises. Some Did, But President Campinos Covers up for the Culprits.
- The staff has long been on strike and the union (SUEPO) organised an enhanced day of action just two days ago
- Gemini Links 20/05/2026: Fall of an Empire, "High Tech is a Social Exercise", and Big Cameras
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, May 19, 2026
- IRC logs for Tuesday, May 19, 2026
