10.13.09

Vista 7 Gets Royal (Patch) Treatment, Windows XP in Court for “Spyware” Behaviour

Posted in Courtroom, Microsoft, Security, Vista 7, Windows at 11:15 am by Dr. Roy Schestowitz

Summary: Many security issues in Vista 7, Windows XP has Microsoft sued for behaving like malicious software

SEVERAL days ago we wrote about Vista 7 being left insecure. Given all that has happened in the past year (cf. links at the bottom), this should not be surprising, and SJVN has just written a short article claiming that Vista 7 suffers from “unimproved security”.

When it comes to security and Windows 7, it’s just more of the same old, same old.

This point really came home to me when I was looking over all the patches that Microsoft will be delivering tomorrow in what may be the largest Patch Tuesday ever. Microsoft “will ship a total of 13 updates next week, eight of them pegged ‘critical,’ the highest threat ranking in its four-step scoring system, beating the previous record of 12 updates shipped in February 2007 and again in October 2008.” Of these 13, five are for Windows 7.

That’s Tuesday, that’s today.

Microsoft claims 5 patches for Vista 7, but as experience suggests, Microsoft lies about these numbers. It is not obliged to adhere to the same reporting standards as Free software.

Many people will continue using Windows XP when 7 comes out, but XP is permanently insecure since Microsoft refuses to patch it. And to make matters worse, based on this report, Microsoft is still stuck in court having been sued for XP being spyware, which it is (for more than one reason).

The plaintiffs allege that Microsoft improperly distributed the Windows Genuine Advantage tool, without proper consent from users, in a manner normally reserved for “high priority” security updates. WGA, as it’s known, tests to see if a copy of Windows is valid and delivers warnings if it doesn’t pass. Microsoft’s Automatic Update system lets users opt in to receive fixes and patches for the operating system.

That’s a lie or an embellishment at the very least. Microsoft overrides those settings. Even if the user requests that updates shall not be pushed through, Windows settings are totally ignored. Users have shown this for years.

On Vista 7 security problems:


5 Comments

  1. Yuhong Bao said,

    October 13, 2009 at 1:56 pm

    “Microsoft claims 5 patches for Vista 7, but as experience suggests, Microsoft lies about these numbers. It is not obliged to adhere to the same reporting standards as Free software.”
    Yep, it is not as simple as comparing numbers.
    “Many people will continue using Windows XP when 7 comes out, but XP is permanently insecure since Microsoft refuses to patch it.”
    Not completely, you should see my comments on the linked article, which talks about this in more detail.

    Roy Schestowitz Reply:

    Disablement is not a fix though.

    Yuhong Bao Reply:

    Of course not, even MS claimed that it was only a workaround. MS released the fix for this SMB2 flaw today, and it is MS09-050. I was mostly commenting on the lack of XP and 2000 patches for MS09-048, saying that it is only this particular patch that doesn’t have a version for Win2000 or WinXP. MS has not in general stopped patching Win2000 or WinXP and will not until the extended support ends.

    Roy Schestowitz Reply:

    Patching does not equate to quality patching. The half-hearted maintenance is causing trouble to all of us who share the Internet (systemic cost).

    Yuhong Bao Reply:

    Note in this particular case, however, that the vulnerabilities MS is not patching are only DoS vulnerabilities that in theory only affect the machine attacked. There is a Remote Code Execution vulnerability in the bulletin, but it only affects Vista and Server 2008, not XP or Server 2003. If you want more info, you should read the bulletin:
    http://www.microsoft.com/technet/security/Bulletin/ms09-048.mspx
