EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

03.08.10

Apache Shows Why GNU/Linux is Safer Than Microsoft Windows; Microsoft Makes Batteries Dangerous

Posted in Free/Libre Software, GNU/Linux, Microsoft, Security, Windows at 12:41 pm by Dr. Roy Schestowitz

Battery charger

Summary: Windows shows that it not only brings security problems to Apache but also to battery chargers

THE thing about Windows is, the underlying operating system is less secure than UNIX and Linux. Here is nice new proof of this, straight from the news. Our reader renamed it (the headline) “Windows bug prompts Apache update advice”

“The vulnerability means that you can take complete control of the web server remotely with system privileges — which is the highest privilege on Windows,” Edelstein told ZDNet.com.au. “An attacker could gain access to, modify and take away data.”

Edelstein advised users running Apache on Windows platforms to upgrade immediately as users have no way of knowing if their web servers have been compromised. The company’s security advisory can be accessed here.

[...]

“A proof of concept remote exploit has been written by Sense of Security, and it is feasible that others could write a similar exploit to completely compromise a Windows system,” said Brett Gervasoni.

As most Apache users run it on UNIX and Linux, the above is probably nothing to panic or worry about.

Charged With Malware

“Microsoft, the company that made battery chargers dangerous,” called it the reader who sent this next item from the news:

The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access.

In an advisory, the US-CERT warned that he installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory.

When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.

“The danger of Open Source software is that you don’t know if it contains malware,” jokingly said our reader.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. your_friend said,

    March 8, 2010 at 9:55 pm

    Gravatar

    Ha ha, it went undetected for three years. The Windows version of that Energizer Bunny has been pulled from the market.

    Regardless of when it was created, its discovery prompted Energizer to announce March 5 that it was discontinuing the sale of the product and removing the site from which the software could be downloaded. In addition, the company is urging consumers who downloaded the Windows version of the software to uninstall it.

    It’s amazing how popular the wipe and reload becomes when Microsoft needs to sell a new version of Windows. Thanks for all the nice links.

  2. Needs Sunlight said,

    March 9, 2010 at 5:53 am

    Gravatar

    @your_friend : it did not go undetected for three years, Microsoft did not publicly acknowledge it for three years, or more. There is a lot of difference there.

    Wipe and reload becomes popular when Microsoft needs to sell new versions of Windows or when third party packages, of any kind, become too popular. Wipe and reload ensures that the 3rd party packages are knocked down at least a couple points in marketshare. It is to Microsoft’s advantage that they are so many decades behind Linux, OS X or even Solaris in regards to package management.

  3. uberVU - social comments said,

    March 11, 2010 at 5:51 pm

    Social comments and analytics for this post…

    This post was mentioned on Identica by schestowitz: #Apache Shows Why #GNU #Linux is Safer Than #Microsoft #Windows http://boycottnovell.com/2010/03/08/battery-chargers-and-malware/

What Else is New


  1. Some Perspective on Heartbleed®

    Our views on the whole Heartbleed® bonanza, which seems like partly a PR stunt (for multiple stakeholders)



  2. Microsoft is Leaving Windows -- Including Vista 8.1 -- Vulnerable to Non-Government Crackers, Not Only to NSA

    Microsoft makes it ever more evident that securing users of Windows is not at all a priority, and perhaps not even a desire



  3. Links 17/4/2014: Android RDP, New Ubuntu, RHEL 7 Milestone

    Links for the day



  4. Racing to 1984: Mass Surveillance, Cracking, 'Targeted' Assassinations, and Illegal Torture

    Links for the day



  5. More Microsoft Subsidies to Patent Troll Intellectual Ventures

    Microsoft hands money to Bill Gates' close friend who is the world's largest patent troll



  6. Aiding Microsoft Under the Disguise of 'Pro-FOSS'

    Not everything which is FOSS necessary becomes, by virtue of existence, a positive contribution, as we are constantly reminded by projects that help proprietary software and/or restrictions get a strong grip on FOSS



  7. Links 16/4/2014: Red Hat PR, Ubuntu LTS Imminent

    Links for the day



  8. Links 15/4/2014: Lots of PCLinuxOS Releases, Ukraine Updates

    Links for the day



  9. Apple and Microsoft Actively Lobbying Against Patent Reform in the US

    Apple and Microsoft are reportedly intervening/interfering with US law in order to ensure that the law is Free/libre software-hostile



  10. Lawsuit by Microsoft Shareholder Targets Fine for Crimes Rather Than the Crimes Themselves

    A new lawsuit by a Microsoft shareholder shows everything that's wrong with today's model of accountability, where those who are responsible for crimes are accused of not avoiding fines rather than committing the crimes



  11. Public Institutions Must Dump PRISM-Associated Software

    Another reminder that taxpayers-subsidised services should refuse, as a matter of principle, to pay anything for -- let alone deploy -- proprietary software with back doors



  12. GNU/Linux News: The Opportunities Amid XP EOL

    Links for the day



  13. Microsoft Gets Its Money's Worth From Xamarin: PlayStation 4 Now Polluted by Microsoft

    The Trojan horse of Microsoft, Xamarin, is pushing .NET into Microsoft's console competitor



  14. After Brendan Eich Comes Chris Beard

    Having removed Brendan Eich using bullying and blackmail tactics, his foes inside Mozilla achieved too little as we have yet another man (coming from inside Mozilla) acting as CEO



  15. Healthcare News: Free Software in Health, Humanitarian Causes

    Links for the day



  16. Links 14/4/2014: MakuluLinux, Many Games, More Privacy News and Pulitzer Prize for NSA Revelations

    Links for the day



  17. TechBytes Episode 87: Catching up With Surveillance (NSA, GCHQ et al.)

    The first audio episode in a very long time covers some of the latest happenings when it comes to privacy and, contrariwise, mass surveillance



  18. Server News: KVM, ElasticHosts, Other GNU/Linux Items, and Open Network Linux

    Links for the day



  19. Hardware News: Freedom, Modding, Hackability on the Rise

    Links for the day



  20. Distributions News: GNU/Linux Distros

    Links for the day



  21. GNOME News: Financial Issues, Mutter-Wayland, West Coast Summit, Community Participation

    Links for the day



  22. KDE News: Kubuntu at the Centre Again KDE Applications Updated

    Links for the day



  23. Techrights Rising

    Effective immediately, Techrights will do what it takes to bring back old volume and pace of publishing



  24. Links: Surveillance, Intervention, Torture and Drones

    Links for the day



  25. Mobile Linux Not Just Android: Jolla, WebOS, and Firefox OS News

    Links for the day



  26. Google's Linux Revolution: New Gains for Android, Chrome OS (GNU/Linux)

    Links for the day



  27. Free/Libre Databases News: MongoDB, NoSQL, and MySQL Branches/Forks

    Links for the day



  28. Open Access on the Rise: Textbooks, Journals, Etc.

    Links for the day



  29. Finance Watch (Watching What's Not Being Watched): Economic Warfare/Class Injustice

    Links for the day



  30. Climate and Ecology Watch: News About a World Being Destroyed

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts