Summary: IDG report about mass defacements of Windows sites in Australia and other security problems that are new
HAVING just taken a glance at the past week’s news from IDG*, we found:
The ANZAC Day attacks were conducted by a single hacker, or hacking group, and affected Windows 2003 operating systems.
Microsoft is scrambling to fix a bug in its SharePoint 2007 groupware after a Swiss firm abruptly released code that could be used in an attack.
The proof-of-concept code was released Wednesday, just over two weeks after security consultancy High-Tech Bridge says it disclosed the issue to Microsoft on April 12.
A Mesquite, Texas, man is set to plead guilty to training his 22,000-PC botnet on a local ISP — just to show off its firepower to a potential customer.
Microsoft views vulnerabilities also as an opportunity. Here is the latest propaganda whose purpose is apparently to sell Vista 7 using ‘security’ as an excuse (Microsoft is hiding flaws without ever reporting them, probably in order to distort statistics). As we showed before, Vista 7 is not secure. To name some older posts on the subject:
- Vista 7 Cracked Again
- Trend Micro: Vista 7 Less Secure Than Vista
- Vista 7 Less Secure Than Predecessors? Remote BSoD Now Possible!
- Cybercrime Rises and Vista 7 is Already Open to Hijackers
- Vista 7: Broken Apart Before Arrival
- Department of Homeland Security ‘Poisoned’ by Microsoft; Vista 7 is Open to Hijackers Again
- Vista 7 Security “Cannot be Fixed. It’s a Design Problem.”
- Why Vista 7 Could be the Least Secure Operating System Ever
- Journalists Suggest Banning Windows, Maybe Suing Microsoft Over DDoS Attacks
- Vista 7 Vulnerable to Latest “Critical” Flaws
- Vista 7 Seemingly Affected by Several More “Critical” Flaws This Month
- Reason #1 to Avoid Vista 7: Insecurity
- Vista 7 Left Hijackable Again (Almost a Monthly Recurrence)
Ian Paul from IDG has just written about Vista 7′s “worst features”:
Windows 7 fixed many of Vista’s ills, but it also introduced a few of its own.
IDG also has this new article about the LoveBug worm, which is estimated to have cost $5-8 billion in damages (for one worm alone). Needless to say, Microsoft did not carry the burden of these damages.
When the LoveBug worm hit 10 years ago, it was a different time when people believed admirers were really reaching out to say “I love you”, personal firewalls were turned off by default and executable attachments weren’t blocked at e-mail gateways.
Those circumstances allowed the Love Letter worm — the first Visual Basic script worm — to infect more than 50 million computers worldwide within a week, causing estimated $5 billion to $8 billion in damages, bringing down networks by maxing out their ability to fire off e-mails and causing painstaking disinfection of affected machines.
Here we are a decade later and Microsoft never resolved those issues which it continually promises to address. █
“Our products just aren’t engineered for security.”
–Brian Valentine, Microsoft executive
* We chose IDG so as not to be accused of choosing a Microsoft-hostile source.