Eye on Microsoft: Windows Security News

Dr. Roy Schestowitz

2009-08-25 23:58:08 UTC
Modified: 2009-08-25 23:58:08 UTC

Summary: Another day, another expected problem

● Why Windows security is awful

A friend of mine suggested that I should include as boilerplate in my security stories, a line like: "Of course, if you were running desktop Linux or using a Mac, you wouldn't have this problem." She's got a point. Windows is now, always has been, and always will be insecure. Here's why.

First, desktop Windows stands firmly on a foundation as a stand-alone PC operating system. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2009 and Windows 7.

[...]

It also doesn't help any that Microsoft's data formats can be used to hold active programming code. Microsoft Office formats are commonly used to transmit malware. Microsoft's latest Office 2010 tries to deal with this by blocking all but read access to documents or 'sandboxing' them.. Since you can't edit a sandboxed document, I'm sure that's going to go over really well. Of course, what will actually happen is that users won't use the sandbox utility, and they'll just spread malware instead.

● 55,000 Web sites hacked to serve up malware cocktail

Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.

Recent Techrights' Posts

Parties and Milestones Again: we've begun putting up about 40 balloons
Microsoft is Disloyal Towards Its Most Loyal Employees: Against its most faithful enablers
Following the Line of Cocaine All the Way to the Top: Even a million denials and spin-doctoring won't distract from the core issue
Thankfully We've Made Copies of More Interesting Data From statCounter: If statCounter (the Web site or the 'webapp') vanished overnight, we'd still have something left of it
More Silent Layoffs at IBM/Red Hat: when the media counts such layoffs or presents tallies the numbers are very incomplete
Gemini Links 28/10/2025: "How to Maximize Your Positive Impact" and ASCII Art and Artist Attribution: Links for the day
PETA and Activism: Being staff or volunteer in PETA isn't easy
Big Blue, Huge Debt: debt will soar again
Links 27/10/2025: Mass Surveillance Sold as "AI", People Reluctant to Lose Physical Media: Links for the day
Techrights' 19th Anniversary: Bronze: Time to go back to preparing for this anniversary
Our Latest European Patent Office (EPO) Series Will Last Several Weeks, Will Ask the EPO Management and the European Union (EU) Very Difficult Questions: If nobody loses a job (or jobs) over this, then the EU basically became no better than Colombia or Nicaragua
Slopwatch: LinuxSecurity, UbuntuPIT, Brian Fagioli, and Google News: We focus on stories that are fake or LLM slop that disguises itself as "news" about Linux
Links 27/10/2025: Wikipedia Vandalism, Bruce Perens Opens up on Childhood: Links for the day
This Site Could Not be Done by LLMs Even If It Wanted to (Because It's Not a Parrot of What Other Sites Say): LLMs have no knowledge or deep understanding
19 Years, No Censorship: No factual information is ever going to be removed, more so if it is in the public interest
We Are Not a Conventional Site, That's Why They Hate (or Love) Us: Throughout the week this week we'll be focusing on the EPO
The Cocaine Patent Office - Part I: António Campinos Brought Corruption and Nepotism to the EPO, Then Came the Cocaine: High-level manager at the European Patent Office (EPO) caught in public with cocaine, the Office has some answering to do
Purchasing/Possessing Computers Isn't the Same as Controlling Computers: Let's strive to put computers back under the control of their users, no matter who purchased these (usually the users)
Gemini Links 27/10/2025: Alhena 5.4.3 and Fixing Bash: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, October 26, 2025: IRC logs for Sunday, October 26, 2025
Links 26/10/2025: Microsoft Spies on Gamers, Open Transport Community Conference: Links for the day
Links 26/10/2025: LLM Slop / Plagiarism Programs Continue to Disappoint, CISA Layoffs Threaten Systems: Links for the day
Gemini Links 26/10/2025: Gemsync and Joining the Small Web: Links for the day
India.com a Click-baiting, SEO-Spamming, Slopfarming Heap: They do this almost every day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, October 25, 2025: IRC logs for Saturday, October 25, 2025
Without XBox Consoles, XBox is No More, It's Just a Brand (More Rumours of Microsoft Ending XBox, Then Laying Off Lots of Staff): All signs indicate that Microsoft wants to "exit" the XBox business (not brand), but it does not want to publicly admit this as it would alarm staff and shareholders