
04.01.10

Eye on Security: Windows Malware, Emergency Patches, and BeyondTrust’s CEO from Microsoft

Posted in Antitrust, GNU/Linux, IBM, Microsoft, Security, Vista 7, Windows at 8:54 am by Dr. Roy Schestowitz

Summary: Security holes, some of which are highly critical, continue to be found in Microsoft software; skepticism is justified when it comes to new ‘research’ from former Microsoft staff, based on Microsoft-supplied data

OVER the past few days we have gathered more evidence to show that security problems only affect/target Windows and that those who flatter Windows for security are often tied to Microsoft (Window Snyder is just one example).

Windows-only Threats

Download Squad has this new post which compares Norton’s Security Scan to malware (it sure takes up a lot of resources). Those who think it’s bizarre should check out this minor piece of FUD and the rebuttal from The Source.

Right, so the Murphy’s Law headline is “Stop Supporting Open-Source Bloat”, where the author goes on to decry shady tactics of several programs, like:

* Revo Uninstaller
* Digsby
* ImgBurn

…NONE OF WHICH ARE OPEN SOURCE

Ignorance or deliberate deception? Either way, it looks bad for Maximum PC. Windows problems are now being described as “Open-Source” for no apparent reason.

TechDirt shows how a copyright scare is being used to install malware/back-doors on people’s Windows machines. This relies on the infamous click-to-execute mentality that’s so prevalent in the Windows world. Actually, Microsoft software also tends to execute arbitrary code when one just visits a Web page (ActiveX is notorious for this reason).

Microsoft Emergency

The security flaws are so serious that Microsoft has just released an “emergency” patch for no less than 10 holes in Internet Explorer (which Microsoft neglected to patch for many months, leading to otherwise-preventable chaos [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]).

From The Inquirer:

SOFTWARE INSECURITY SISYPHUS Microsoft has released an out-of-cycle patch for users lazy or ignorant enough to still be using an old version of Internet Explorer.

It’s generally rare that threats are deemed serious enough for Microsoft to not wait until its next Patch Tuesday, which would be April 13th now, but a vulnerability hit Internet Explorer 6 and 7 that left them open to potential remote code execution.

More at CNET:

Microsoft issued an emergency security update on Tuesday to plug 10 holes in Internet Explorer, including a critical vulnerability that has been exploited in attacks in the wild.

The cumulative update, which Microsoft announced on Monday, resolves nine privately reported flaws and one that was publicly disclosed. The most severe vulnerabilities could lead to remote code execution and a complete takeover of the computer if a user were to view a malicious Web site using IE, Microsoft said in the bulletin summary.

Internet Explorer 8 is also affected.

BeyondTrust is Hard to Trust


Judging by previous incidents, past Microsoft employees who become 'researchers' typically produce output that's biased in Microsoft's favour. That’s why we decided to take a careful look at BeyondTrust. Their web site is all Microsoft stack-based (showing the lower probability that they understand security) and their CEO “spent seven years at Microsoft Corporation in a variety of executive sales and marketing positions,” according to the company’s own pages. “Sales and marketing,” eh? Now, we have already covered security problems Vista 7 suffers from, in a wide range of posts including:

This brings us back to BeyondTrust (wow, what a name!). Their latest promotion of Windows for security is quoted a lot by Microsoft boosters like Emil this week. They are measuring the wrong thing by wrongly assuming that Microsoft tells the truth about its patches. Microsoft is patching its software secretly a lot of the time. We saw that many times before and thus we urge people to be skeptical. Statistics must not depend on Microsoft’s own data and be presented in a favourable way by design. Remember that there are “lies, damned lies, and statistics,” according to Benjamin Disraeli and others. There may also be reason for bias here.

Speaking of potential connections to Microsoft, an anonymous reader told us to “beware that TurboHercules might be financed by Microsoft”. This reader has not produced evidence to show what led to such suspicions (it may give away the identity), but as we recently showed, TurboHercules did join a Microsoft front. It aligned itself with Microsoft and companies/campaigns that are partly owned by Microsoft.


A Single Comment

  1. IBMFanboyMSHater said,

    April 1, 2010 at 11:18 am

    I really liked the Hercules Software. Alas!
