08.12.09

Gemini version available ♊︎

No Lessons Learned from Windows-imposed Web Turbulence

Posted in Microsoft, Security, Windows at 3:18 pm by Dr. Roy Schestowitz

Windsurfer

Summary: Nothing at all — except debate — has truly changed as a result of Windows botnets running amok

THE INTERNET as we know it may be stranded at a bit of a crossroad. The persistent DDoS attacks against Twitter have stirred up a discussion about Windows zombies and ways of battling them [1, 2, 3, 4, 5].

Few technologists seem to believe that Windows can ever be secured and the question of liability arose again. Glyn Moody asked whether “Microsoft [should] be liable for its flaws.”

The recent attacks on Twitter and Facebook, probably using Windows botnets, have highlighted an old issue: whether Microsoft should be held responsible for the flaws in its software that cause such costly global downtimes.

At first glance, it’s an attractive option. After all, it could be argued that the company has made billions of dollars of profit from software that has caused billions of dollars of losses for users around the world, and so it would be only fair if some of that unjustly gained dosh were redistributed to those who have suffered at its hands.

Moody is looking for insights and calling for opinions from readers. At the same time, the world learns that Microsoft is patching no less than five “critical” flaws which are remotely exploitable. It never ends.

Microsoft released the expected nine patches – five critical – as part of a busy August Patch Tuesday update that focuses primarily on client-side vulnerabilities.

Here are some more gory details.

The critical holes, which could allow an attacker to remotely run code on a PC and take control of it, affect Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and 2008, Windows Client for the Mac, Office 2000, XP and 2003, Microsoft Office Small Business Accounting 2006, Visual Studio .NET 2003, Microsoft Internet Security and Acceleration Server 2004 and 2006, and BizTalk Server 2002, according to a Microsoft security advisory.

Those new remotely-exploitable Microsoft holes include [1, 2, 3, 4, 5]. Users looking for a secure operating system should have a look at GNU/Linux.

“Anyone wonder why the Microsoft SQL server is called the sequel server? Is that because no matter what version it’s at there’s always going to be a sequel needed to fix the major bugs and security flaws in the last version?”

Unknown

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Gemini Lets You Control the Presentation Layer to Suit Your Own Needs

    In Gemini (or the Web as seen through Gemini clients such as Kristall) the user comes first; it's not sites/capsules that tell the user how pages are presented/rendered, as they decide only on structural/semantic aspects



  2. The Future of Techrights

    Futures are difficult to predict, but our general vision for the years ahead revolves around more community involvement and less (none or decreased) reliance on third parties, especially monopolistic corporations, mostly because they oppress the population via the network and via electronic devices



  3. [Meme] UPC for CJEU

    When you do illegal things and knowingly break the law to get started with a “legal” system you know it’ll end up in tears… or the CJEU



  4. Links 20/1/2022: 'Pluton' Pushback and Red Hat Satellite 6.10.2

    Links for the day



  5. The Web is a Corporate Misinformation/Disinformation Platform, Biased Against Communities, Facts, and Science

    Misinformation/disinformation in so-called 'news' sites is a pandemic which spreads; in the process, the founder of GNU/Linux gets defamed and GNU/Linux itself is described as the problem, not the solution to the actual problems



  6. Links 20/1/2022: McKinsey Openwashing and Stable Kernels

    Links for the day



  7. IRC Proceedings: Wednesday, January 19, 2022

    IRC logs for Wednesday, January 19, 2022



  8. Links 20/1/2022: Linuxfx 11.1 WxDesktop 11.0.3 and FreeIPMI 1.6.9 Released

    Links for the day



  9. Links 19/1/2022: XWayland 22.1 RC1 and OnlyOffice 7.0 Release

    Links for the day



  10. Links 19/1/2022: ArchLabs 2022.01.18 and KDE's 15-Minute Bug Initiative

    Links for the day



  11. When Twitter Protects Abusers and Abuse (and Twitter's Sponsors)

    Twitter is an out-of-control censorship machine and it should be treated accordingly even by those who merely "read" or "follow" Twitter accounts; Twitter is a filter, not a news/media platform or even means of communication



  12. IRC Proceedings: Tuesday, January 18, 2022

    IRC logs for Tuesday, January 18, 2022



  13. Links 19/1/2022: Wine 7.x Era Begins and Istio 1.12.2 is Out

    Links for the day



  14. Another Video IBM Does Not Want You to Watch

    It seems very much possible that IBM (or someone close to IBM) is trying to purge me from Twitter, so let’s examine what they may be trying to distract from. As we put it 2 years ago, "Watson" is a lot more offensive than those supposedly offensive words IBM is working to purge; think about those hundreds of Red Hat workers who are black and were never told about ethnic purges of blacks facilitated by IBM (their new boss).



  15. What IBM Does Not Want You to Watch

    Let's 'Streisand it'...



  16. Good News, Bad News (and Back to Normal)

    When many services are reliant on the integrity of a single, very tiny MicroSD card you're only moments away from 2 days of intensive labour (recovery, investigation, migration, and further coding); we've learned our lessons and took advantage of this incident to upgrade the operating system, double the storage space, even improve the code slightly (for compatibility with newer systems)



  17. Someone Is Very Desperate to Knock My Account Off Twitter

    Many reports against me — some successful — are putting my free speech (and factual statements) at risk



  18. Links 18/1/2022: Deepin 20.4 and Qubes OS 4.1.0 RC4

    Links for the day



  19. Links 18/1/2022: GNOME 42 Alpha and KStars 3.5.7

    Links for the day



  20. IRC Proceedings: Monday, January 17, 2022

    IRC logs for Monday, January 17, 2022



  21. Links 17/1/2022: More Microsoft-Connected FUD Against Linux as Its Share Continues to Fall

    Links for the day



  22. The GUI Challenge

    The latest article from Andy concerns the Command Line Challenge



  23. Links 17/1/2022: digiKam 7.5.0 and GhostBSD 22.01.12 Released

    Links for the day



  24. IRC Proceedings: Sunday, January 16, 2022

    IRC logs for Sunday, January 16, 2022



  25. Links 17/1/2022: postmarketOS 21.12 Service Pack 1 and Mumble 1.4 Released

    Links for the day



  26. [Meme] Gemini Space (or Geminispace): From 441 Working Capsules to 1,600 Working Capsules in Just 12 Months

    Gemini space now boasts 1,600 working capsules, a massive growth compared to last January, as we noted the other day (1,600 is now official)



  27. [Meme] European Patent Office Space

    The EPO maintains a culture of illegal surveillance, inherited from Benoît Battistelli and taken to a whole new level by António Campinos



  28. Gemini Rings (Like Webrings) and Shared Spaces in Geminspace

    Much like the Web of 20+ years ago, Gemini lets online communities — real communities (not abused tenants, groomed to be ‘monetised’ like in Facebook or Flickr) — form networks, guilds, and rings



  29. Links 16/1/2022: Latte Dock 0.11 and librest 0.9.0

    Links for the day



  30. The Corporate Cabal (and Spy Agencies-Enabled Monopolies) Engages in Raiding of the Free Software Community and Hacker Culture

    In an overt attack on the people who actually did all the work — the geeks who built excellent software to be gradually privatised through the Linux Foundation (a sort of price-fixing and openwashing cartel for shared interests of proprietary software firms) — is receiving more widespread condemnation; even the OSI has been bribed to become a part-time Microsoft outsourcer as organisations are easier to corrupt than communities


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts