Eye on Microsoft: Security Synopsis

Dr. Roy Schestowitz

2009-08-13 23:29:40 UTC
Modified: 2009-08-13 23:29:40 UTC

Summary: Failures and cover-ups (sponsored by Microsoft)

● Security is a process

I often point out that Windows is insecure. It's so insecure, in fact, that I, in all seriousness, propose that ISPs (Internet Service Providers) should start forcing users to secure Windows-since neither users or Microsoft will do the job, Windows PCs should be banned from the Internet. That said, nothing, and I mean nothing is really secure.

[...]

It doesn't work that way. Security is a process, it's not a product. Some systems are more secure than others. Linux, as anyone who pays any attention to security news knows, is a lot more secure than Windows. If we were talking cars, Linux would be an Audi A4, the Mac, BMW 330 and Windows would be a mid-70s Ford "Hit here to blow up" Pinto.

● Microsoft: 2 year response to critical 0-day hole (Vista 7 too is suffering from the same symptoms)

It turns out Microsoft has known about the critical security vulnerability in its Office Web Components (OWC), which was fixed last patch day, for more than two years. Only since it has been actively exploited has the behemoth sprung into life and, within a month, released a patch.

● Microsoft IE 8 shines in Web browser security test (emphasis in red is ours)

Microsoft's Internet Explorer 8 rated tops among five browsers tested by NSS Labs for effectiveness in protecting against malware and phishing attacks—though NSS Labs acknowledges Microsoft paid for the tests.

● Virus arms race primes malware numbers surge

The amount of catalogued malware by Panda was 18 million in the 20 years from the firm's foundation until the end of 2008. This figure increased 60 per cent in just seven months to reach 30 million by 31 July 2009.

● Twitter briefly knocked offline by hackers (again) (Microsoft Windows is a culprit [1, 2, 3, 4, 5, 6])

Twitter suffered from yet more security jitters on Tuesday night, after another attack left the site briefly unavailable.

● Aussie arrested in botnet allegation (74,000 down, ~319,926,000 to go)

Inspector Blue Knacker of the Adelaide Yard claims that the 20 year old is also suspected of having developed software capable of launching virus attacks on 74,000 computers worldwide.

● [Microsoft Wordpad is Vulnerable, Exploit Available]

How to get selected for Outreachy internships: Reprinted with permission from disguised.work
Red Hat Corporate Communications is "Red" Now: Also notice they offer just two options: MICROSOFT or... MICROSOFT!
Links 26/04/2024: XBox Sales Have Collapsed, Facebook's Shares Collapse Too: Links for the day
Ian Jackson & Debian reject mediation: Reprinted with permission from disguised.work
[Meme] Granting a Million Monopolies in Europe (to Non-European Companies) at Europe's Expense: Financialization of the EPO
Salary Adjustment Procedure at the EPO Challenged: the EPO must properly compensate staff in order to attract and retain suitably skilled examiners
Links 26/04/2024: Surveillance Abundant, Restoring Net Neutrality Rules (US): Links for the day
Gemini Links 26/04/2024: uConsole and EXWM and stdu 1.0.0: Links for the day
Albanian women, Brazilian women & Debian Outreachy racism under Chris Lamb: Reprinted with permission from disguised.work
Microsoft-Funded 'News' Site: XBox Hardware Revenue Declined by 31%: Ignore the ludicrous media spin
Mark Shuttleworth, Elio Qoshi & Debian/Ubuntu underage girls: Reprinted with permission from disguised.work
Karen Sandler, Outreachy & Debian Money in Albania: Reprinted with permission from disguised.work
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 25, 2024: IRC logs for Thursday, April 25, 2024
Links 26/04/2024: Facebook Collapses, Kangaroo Courts for Patents, BlizzCon Canceled Under Microsoft: Links for the day
Gemini Links 26/04/2024: Music, Philosophy, and Socialising: Links for the day
Microsoft Claims "Goodwill" Is an Asset Valued at $119,163,000,000, Cash Decreased From $34,704,000,000 to $19,634,000,000 and Total Liabilities Grew to $231,123,000,000: Earnings Release FY24 Q3
More Microsoft Cuts: Events Canceled, Real Sales Down Sharply: So they will call (or rebrand) everything "AI" or "Azure" or "cloud" while adding revenues from Blizzard to pretend something is growing
CISA Has a Microsoft Conflict of Interest Problem (CISA Cannot Achieve Its Goals, It Protects the Worst Culprit): people from Microsoft "speaking for" "Open Source" and for "security"
Links 25/04/2024: South Korean Military to Ban iPhone, Armenian Remembrance Day: Links for the day
Gemini Links 25/04/2024: SFTP, VoIP, Streaming, Full-Content Web Feeds, and Gemini Thoughts: Links for the day
Audiocasts/Shows: FLOSS Weekly and mintCast: the latest pair of episodes
[Meme] Arvind Krishna's Business Machines: He is harming Red Hat in a number of ways (he doesn't understand it) and Fedora users are running out of patience (many volunteers quit years ago)
[Video] Debian's Newfound Love of Censorship Has Become a Threat to the Entire Internet: SPI/Debian might end up with rotten tomatoes in the face
Joerg (Ganneff) Jaspert, Dalbergschule Fulda & Debian Death threats: Reprinted with permission from disguised.work
Amber Heard, Junior Female Developers & Debian Embezzlement: Reprinted with permission from disguised.work
[Video] Time to Acknowledge Debian Has a Real Problem and This Problem Needs to be Solved: it would make sense to try to resolve conflicts and issues, not exacerbate these
Daniel Pocock elected on ANZAC Day and anniversary of Easter Rising (FSFE Fellowship): Reprinted with permission from Daniel Pocock
[Video] IBM's Poor Results Reinforce the Idea of Mass Layoffs on the Way (Just Like at Microsoft): it seems likely Red Hat layoffs are in the making
Ulrike Uhlig & Debian, the $200,000 woman who quit: Reprinted with permission from disguised.work
IRC Proceedings: Wednesday, April 24, 2024: IRC logs for Wednesday, April 24, 2024
Over at Tux Machines...: GNU/Linux news for the past day
Links 24/04/2024: Layoffs and Shutdowns at Microsoft, Apple Sales in China Have Collapsed: Links for the day
Sexism processing travel reimbursement: Reprinted with permission from disguised.work
Girlfriends, Sex, Prostitution & Debian at DebConf22, Prizren, Kosovo: Reprinted with permission from disguised.work
Microsoft is Shutting Down Offices and Studios (Microsoft Layoffs Every Month This Year, Media Barely Mentions These): Microsoft shutting down more offices (there have been layoffs every month this year)
Balkan women & Debian sexism, WeBoob leaks: Reprinted with permission from disguised.work
Martina Ferrari & Debian, DebConf room list: who sleeps with who?: Reprinted with permission from Daniel Pocock
Links 24/04/2024: Advances in TikTok Ban, Microsoft Lacks Security Incentives (It Profits From Breaches): Links for the day
Gemini Links 24/04/2024: People Returning to Gemlogs, Stateless Workstations: Links for the day
Meike Reichle & Debian Dating: Reprinted with permission from disguised.work
Europe Won't be Safe From Russia Until the Last Windows PC is Turned Off (or Switched to BSDs and GNU/Linux): Lives are at stake
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 23, 2024: IRC logs for Tuesday, April 23, 2024
[Meme] EPO: Breaking the Law as a Business Model: Total disregard for the EPO to sell more monopolies in Europe (to companies that are seldom European and in need of monopoly)
The EPO's Central Staff Committee (CSC) on New Ways of Working (NWoW) and “Bringing Teams Together” (BTT): The latest publication from the Central Staff Committee (CSC)
Volunteers wanted: Unknown Suspects team: Reprinted with permission from Daniel Pocock
Debian trademark: where does the value come from?: Reprinted with permission from Daniel Pocock

Eye on Microsoft: Security Synopsis

Recent Techrights' Posts