
05.05.10

Eye on Security: Windows 2003 Web Sites Defaced, SharePoint 2007 Suffers Zero-Day Vulnerability

Posted in Australia, Finance, Microsoft, Security, Vista, Vista 7, Windows at 2:22 pm by Dr. Roy Schestowitz


Summary: IDG reports on mass defacements of Windows sites in Australia and on other new security problems

HAVING just taken a glance at the past week’s news from IDG*, we found:

i. Australian Cereal Hacker on Defacement Rampage

The ANZAC Day attacks were conducted by a single hacker, or hacking group, and affected Windows 2003 operating systems.

ii. Microsoft Investigates SharePoint 2007 Zero Day

Microsoft is scrambling to fix a bug in its SharePoint 2007 groupware after a Swiss firm abruptly released code that could be used in an attack.

The proof-of-concept code was released Wednesday, just over two weeks after security consultancy High-Tech Bridge says it disclosed the issue to Microsoft on April 12.

iii. Texas Man to Plead Guilty to Building Botnet-for-hire

A Mesquite, Texas, man is set to plead guilty to training his 22,000-PC botnet on a local ISP — just to show off its firepower to a potential customer.

The third article ought to call out Windows, which is responsible for hundreds of millions of zombie PCs.

Microsoft views vulnerabilities also as an opportunity. Here is the latest propaganda whose purpose is apparently to sell Vista 7 using ‘security’ as an excuse (Microsoft is hiding flaws without ever reporting them, probably in order to distort statistics). As we showed before, Vista 7 is not secure. To name some older posts on the subject:

Ian Paul from IDG has just written about Vista 7’s “worst features”:

Windows 7 fixed many of Vista’s ills, but it also introduced a few of its own.

IDG also has this new article about the LoveBug worm, which is estimated to have cost $5-8 billion in damages (for one worm alone). Needless to say, Microsoft did not carry the burden of these damages.

When the LoveBug worm hit 10 years ago, it was a different time when people believed admirers were really reaching out to say “I love you”, personal firewalls were turned off by default and executable attachments weren’t blocked at e-mail gateways.

Those circumstances allowed the Love Letter worm — the first Visual Basic script worm — to infect more than 50 million computers worldwide within a week, causing estimated $5 billion to $8 billion in damages, bringing down networks by maxing out their ability to fire off e-mails and causing painstaking disinfection of affected machines.

Here we are a decade later and Microsoft never resolved those issues which it continually promises to address.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

___
* We chose IDG so as not to be accused of choosing a Microsoft-hostile source.
