EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

03.08.10

Apache Shows Why GNU/Linux is Safer Than Microsoft Windows; Microsoft Makes Batteries Dangerous

Posted in Free/Libre Software, GNU/Linux, Microsoft, Security, Windows at 12:41 pm by Dr. Roy Schestowitz

Battery charger

Summary: Windows shows that it not only brings security problems to Apache but also to battery chargers

THE thing about Windows is, the underlying operating system is less secure than UNIX and Linux. Here is nice new proof of this, straight from the news. Our reader renamed it (the headline) “Windows bug prompts Apache update advice”

“The vulnerability means that you can take complete control of the web server remotely with system privileges — which is the highest privilege on Windows,” Edelstein told ZDNet.com.au. “An attacker could gain access to, modify and take away data.”

Edelstein advised users running Apache on Windows platforms to upgrade immediately as users have no way of knowing if their web servers have been compromised. The company’s security advisory can be accessed here.

[...]

“A proof of concept remote exploit has been written by Sense of Security, and it is feasible that others could write a similar exploit to completely compromise a Windows system,” said Brett Gervasoni.

As most Apache users run it on UNIX and Linux, the above is probably nothing to panic or worry about.

Charged With Malware

“Microsoft, the company that made battery chargers dangerous,” called it the reader who sent this next item from the news:

The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access.

In an advisory, the US-CERT warned that he installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory.

When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.

“The danger of Open Source software is that you don’t know if it contains malware,” jokingly said our reader.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. your_friend said,

    March 8, 2010 at 9:55 pm

    Gravatar

    Ha ha, it went undetected for three years. The Windows version of that Energizer Bunny has been pulled from the market.

    Regardless of when it was created, its discovery prompted Energizer to announce March 5 that it was discontinuing the sale of the product and removing the site from which the software could be downloaded. In addition, the company is urging consumers who downloaded the Windows version of the software to uninstall it.

    It’s amazing how popular the wipe and reload becomes when Microsoft needs to sell a new version of Windows. Thanks for all the nice links.

  2. Needs Sunlight said,

    March 9, 2010 at 5:53 am

    Gravatar

    @your_friend : it did not go undetected for three years, Microsoft did not publicly acknowledge it for three years, or more. There is a lot of difference there.

    Wipe and reload becomes popular when Microsoft needs to sell new versions of Windows or when third party packages, of any kind, become too popular. Wipe and reload ensures that the 3rd party packages are knocked down at least a couple points in marketshare. It is to Microsoft’s advantage that they are so many decades behind Linux, OS X or even Solaris in regards to package management.

  3. uberVU - social comments said,

    March 11, 2010 at 5:51 pm

    Social comments and analytics for this post…

    This post was mentioned on Identica by schestowitz: #Apache Shows Why #GNU #Linux is Safer Than #Microsoft #Windows http://boycottnovell.com/2010/03/08/battery-chargers-and-malware/

What Else is New


  1. Links 31/7/2014: Zorin OS Educational 9, Android Nearing 90% Share

    Links for the day



  2. Microsoft-Linked Codenomicon and Bluebox in the Business of Smearing FOSS/Linux/Android

    odenomicon and Bluebox, two companies with strong Microsoft links, fill the media with negative articles about Android



  3. Is Microsoft Being Raided Not Just for Anti-Competitive Reasons but for Bribes and Back Doors?

    News about raids in Microsoft China mostly lacking when it comes to background, context, and information about Microsoft's crimes in China



  4. Former Microsoft Engineer Working on Windows BitLocker Confirms Government Asks Microsoft for Back Doors

    Recalling the times when even Microsoft staff spoke about secret government collaborations and back doors



  5. Ruling Against 'Abstract' Software Patents is Already Derailing Patent Attacks on Linux and Free Software

    Patent litigation against Android/Linux impeded by the introduction of arguments that cite the Supreme Court



  6. Links 30/7/2014: Chris Beard as CEO of Mozilla

    Links for the day



  7. New Optimism in the Age of Doubt Over Software Patents

    As the tide turns against software patents, even in their country of origin, their opponents come out of the woodwork to celebrate



  8. Links 28/7/2014: New Linux RC, Plasma 5 Live in Kubuntu

    Links for the day



  9. Links 27/7/2014: KDE 4.14 Beta 3, KDE 4.14 Beta 3 Released

    Links for the day



  10. Apple and Microsoft Are Proprietary Software Companies and the Media Should Stop Openwashing Them

    New examples where proprietary software giants are characterised as FOSS-embracing and FOSS-friendly by gullible or dishonest 'journalists'



  11. Bloomberg's Microsoft Propaganda

    Bloomberg delivers 'damage control' and PR ahead of the layoffs announcement; Microsoft uses Nokia to hide it and Bloomberg helps Microsoft by radically modifying headlines



  12. Frequency of Browser Back Doors in Microsoft Windows is Doubling

    The vulnerabilities which Microsoft tells the NSA about (before these are patched) are significantly growing in terms of their numbers



  13. FUD Entities Entering the FOSS World

    Symantec enters the AllSeen Alliance and Sonatype is once again trying to claim great insecurity in FOSS due to software licensing



  14. Groklaw Back in the Wake of ODF in the UK?

    Renewed activity in FOSS-leaning legal site Groklaw amid numerous victories for FOSS



  15. Links 26/7/2014: New Wine, Chromebooks Strong Sales

    Links for the day



  16. Links 25/7/2014: GOG With GNU/Linux, Ubuntu 14.04.1 LTS

    Links for the day



  17. Links 24/7/2014: Oracle Linux 7; Fedora Delays

    Links for the day



  18. Valerie Strauss Explains Why Gates Foundation's Lobbying for 'Common Core' (Privatisation) is a Swindle That Makes Microsoft Richer

    Continued criticism of the Gates Foundation's lobbying and masquerading, with more journalists brave enough to highlight the corruption



  19. USPTO Officially Sets New Guidelines to Limit Scope of Software Patents in the United States

    Even patent lawyers finally acknowledge that the incentive to file software patent applications has been reduced, as the scope of patents on software has been noticeably narrowed and they are harder to acquire, let alone enforce in a courtroom



  20. UK Government Adopts OpenDocument Format (ODF) and Microsoft Already Attacks the Government Over It, Showing Absolutely No Commitment to Open Standards

    Only "Microsoft as the standard" is the 'standard' Microsoft is willing to accept, as its response to the Cabinet Office's judgment reveals



  21. Microsoft Layoffs of 2014

    Another quick look at Microsoft's horrible state of affairs and why it has virtually nothing to do with Nokia



  22. Links 22/7/2014: Linux 3.16 RC 6, New UberStudent

    Links for the day



  23. Links 20/7/2014: Jolla in India, Mega Censored in Italy

    Links for the day



  24. Longtime Mono Booster Joins Microsoft-linked Xamarin

    Jo Shields almost joins Microsoft, settling instead for its proxy, Xamarin



  25. Linux Foundation Welcomes Patent Aggressor Red Bend Software

    The Linux Foundation's AllSeen Alliance welcomes as a member a company that uses software patents to sue Free/Open Source software



  26. Matt Levy From Patent Progress (and CCIA) Does Not Really Want Patent Progress

    Matthew ('Matt') Levy moved into a foe of patent progress last year, but he still runs a site calls Patent Progress, in which he diverts all attention to patent trolls (as large corporations such as Microsoft like to do)



  27. Attacking FOSS by Ignoring/Overlooking Issues With Proprietary Software

    The biasing strategy which continues to be used to demonise Free/Open Source software (FOSS) along with some new examples



  28. Links 19/7/2014: CRUX 3.1 is Out, CyanogenMod Competes With Google Now

    Links for the day



  29. Microsoft's Massive Layoffs Go Far Beyond Nokia; Nokia's Android Phones Axed by Microsoft's Elop

    Microsoft's rapid demise and permanent exit from Nokia's last remaining Linux platform (after Microsoft had killed two more)



  30. Patents on Software Already Being Invalidated in Courts Owing to SCOTUS Ruling on 'Abstract' Patents

    The Federal Circuit Appeals Court has just "invalidated a software patent for being overly abstract," says a patents expert


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts