
03.16.10

Kaspersky Slams Windows for Insecurity, Microsoft Delivers Bad Patches and Leaves Windows Exposed

Posted in Microsoft, Security, Windows at 3:41 am by Dr. Roy Schestowitz

Eugene Kaspersky

Summary: Security guru Eugene Kaspersky has harsh words for Microsoft, which still fails to secure its platform or even to patch software without breaking it

IT HAS been another tough week for Windows, which simply cannot be secured, not even with ‘snake oil’ software that’s called “anti-virus” (unless the placebo effect counts).

A few months ago we wrote about Microsoft being allowed into Ford cars. There are already security concerns about that at Ford. They worry about Windows/WiFi in the car getting hijacked.

We wish to discuss for a moment an interesting phenomenon. When a car breaks down (let us say a Toyota), the news will say a Toyota car is having issues, it won’t say that cars in general have issues. That’s because the market is full of choices. Yes, choices, diversity, not “fragmentation” as Microsoft would probably put it. If “Windows” is embedded in PCs, then Windows can become interchangeable and synonymous with “computing”. Then, people would not realise what’s really wrong and that they also have better choices. Sadly, we live in a world where Microsoft pressures journalists to misreport incidents. Taken from a long discussion we’ve had by E-mails for a few days now, consider the fact that we have documented examples where journalists received mail from Microsoft’s PR agencies (e.g. W-E) to tell them off and ask them to change articles about Windows security. The Inquirer is good in that regard because without much reluctance it spilled the beans when that happened. We have given articles from them where content was being tempered by Microsoft PR agencies, whose job was to spin the vulnerabilities in Vista.

Reporters who are contacted because they describe Windows security problems as just “computer problems” often cite the “popularity” myth of Windows as the cause. It’s PR. Given the widespread use of GNU/Linux in servers and devices everywhere, people should struggle to explain the lack of cracking there as a matter of “popularity”. Windows is not popular by the way, it’s just ubiquitous*. Moreover, Microsoft commissions and manufactures its own ‘studies’ where it hides flaws and reports bogus numbers. There are many examples to that effect.

Here is what Eugene Kaspersky said about Windows earlier this month:

Security chief Eugene Kaspersky has launched a scathing attack on Microsoft’s security record.

[...]

There are already some new examples of Microsoft’s poor patching. Last week Microsoft delivered broken/rogue security patches and later admitted the problem which had the following effect:

Microsoft confirmed today that a security update for its Excel spreadsheet had turned English text in an important Windows tool into Chinese.

The admission was the second in the past two days from Microsoft’s Office team of a gaffe involving a recent security update.

How does Microsoft break languages while fixing a security problem? One might remark that this implies poor software design.

Speaking of Office, this area is in a state of transition in an economy where people use Free software or access software in the form of a service. Don Reisinger, typically a troll/baiter who writes bizarre reversals of truths at CNET, explains some of the issues and Microsoft resorts to more AstroTurfing by offering money to those who create “viral Office 2010 videos” for YouTube.

Want a chance to win $10,000 for your small Seattle business or start-up? The Greater Seattle Chamber of Commerce and Microsoft have partnered up in a contest for making videos about Office 2010.

In case it sounds familiar, it should. Microsoft also hires people to post comments favourable to Windows in social networking sites.

Anyway, going back to the subject of insecurity, someone writes a guest post at ZDNet about “the cadence of Microsoft security patches” and ECT notes that Windows is already vulnerable again, as usual.

The expected batch of patches wasn’t the only thing Windows users got with Microsoft’s latest Patch Tuesday update. The set of fixes was accompanied by a warning about an unpatched zero-day exploit for Internet Explorer.

All that Microsoft can offer is a workaround:

Microsoft has revised their advisory for the newest IE 0Day vulnerability to note that working exploit code is now available and that they are aware of “targeted attacks attempting to use this vulnerability.” They have also created “Microsoft Fix it” links to disable and re-enable the vulnerable software components.

The Inquirer wrote:

The flaw in Internet Exploder versions 6 and 7 allows an attacker to take control of a victim’s computer.

Internet Explorer was the cause of a lot of damage earlier this year [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]. In 4 countries, authorities recommended that citizens abandon Internet Explorer.
____
* It’s more about reminding reporters that people choose to buy a computer, they don’t choose to buy Windows. Calling Windows “popular” is like calling cockroaches “popular” because there are many of them out there. It ought to be one of those things that people should train themselves to avoid saying because Windows is not “popular”.
