Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types
- Dr. Roy Schestowitz
- 2009-07-28 07:18:43 UTC
- Modified: 2009-07-28 07:18:43 UTC
●
Smut page ransomware Trojan ransacks browsers
Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.
●
The Business of Botnets
Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.
●
Microsoft to fix critical hole in IE
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
●
Microsoft to Issue Emergency Patches Next Week
The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.
●
Insecure by design: MS Office formats
You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.
Also see:
Emergency, Botnets, and No Remedy
Recent Techrights' Posts
- IBM's CEO Roasted, Sizzled and Grilled for Dumb and Inconsistent Vapourware Promises
- It looks like being a chronic liar is what it takes to lead the company once synonymous with computing
- Who Imitates Who? Plagiarist as Client (From Microsoft), 'Plagiarism' at the Law Firm?
- let's revisit the subject
-
- Gemini Links 11/06/2025: Grain and Steam Next Fest
- Links for the day
- Links 11/06/2025: "Quantum" Hype From IBM, US Closer to Martial Law, and “The Nation” Celebrates Milestone
- Links for the day
- IBM's Goal Is Not (and Never Was) Computer Users' Freedom
- More than 1.5 decades ago I found IBM to be an "ally of convenience" because of OpenDocument Format (ODF)
- Wayland Shows the IBM/Red Hat Way of Doing Things
- IBM is trying to 'kill' X
- GitHub is Proprietary, Controlled by Microsoft, and GPL Violation Warehouse
- "IRS tax filing software [will be] released to the people as free software" ... In general this is good news
- Slopfarm Catastrophe
- Seems like BetaNews (or BetaNoise) has just suffered a major data loss and restored the site from a week-old backup
- Abuse Inside the Polish Patent Office (UPRP) - Part VIII: Illegal Working Conditions
- How many people need to die for these people to get their massive salaries?
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, June 10, 2025
- IRC logs for Tuesday, June 10, 2025
- Links 10/06/2025: Apple Hype and Physical Attacks on Bloggers
- Links for the day
- Gemini Links 10/06/2025: Loon Lake, Farming, and Forth
- Links for the day
- Links 10/06/2025: Jaws at 50 and US Democracy Crushed Very Rapidly (Martial Law Seems Imminent)
- Links for the day
- Abuse Inside the Polish Patent Office (UPRP) - Part VII: Washing Their Hands After Corruption and Abuse
- "Tragedy or comedy?"
- Culling Bad RSS Feeds of Bad Sites
- Not throwing out the baby with the bathwater
- If 'Microsoft v Techrights' is Dealt With by a 'Microsoft Court' (or a Court Outsourced to Microsoft)
- More on that later
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Monday, June 09, 2025
- IRC logs for Monday, June 09, 2025
- Gemini Protocol Turns Six in 10 Days From Now
- If you haven't tried it yet, then give it a go today
- Live as You Preach
- technology is fast becoming dysphoric
- Gemini Links 09/06/2025: Addition Addiction and Nitride
- Links for the day
- Links 09/06/2025: Science, Hardware Projects, and Democracy Receding
- Links for the day
- Computers Got Smaller, So GNU/Linux Got Bigger
- Many people here recognise the lack of urgency (or need) to get expensive new laptops
- BetaNews is a Plagiarism and LLM Slop Hub, the Chief Editor Isn't Addressing This Problem Anymore
- SS Fagioli is basically a parasite leeching off or exploiting other people's work
- Links 09/06/2025: Chaos in Los Angeles and Hurricane Season
- Links for the day
- GNU/Linux Grows at Windows' Expense and Microsoft Trolls Infest and Maliciously Target Articles About It
- Microsoft is - and has long been - organised crime
- They Say I'm Mr. Bombastic
- They didn't take good lawyers
- Links 09/06/2025: Windows TCO and Many Data Breaches
- Links for the day
- Abuse Inside the Polish Patent Office (UPRP) - Part VI: Political Stunts by Former President Edyta Demby-Siwek and the Connection to Profound Corruption at EUIPO
- it's like a money-laundering operation where one politician rewards another at taxpayers' expense
- Gemini Links 09/06/2025: Pipelines and Splitgate
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Sunday, June 08, 2025
- IRC logs for Sunday, June 08, 2025