Eye on Security: Windows is Vulnerable, GNU/Linux is Not
- Dr. Roy Schestowitz
- 2010-06-11 21:17:22 UTC
- Modified: 2010-06-11 21:17:22 UTC
Summary: Today's examples of security weaknesses in Windows (which help justify Google's recent abandonment of Windows on the desktop)
●
Microsoft Security Vulnerability Disclosed (no
silent patches yet?)
Microsoft was left racing to patch a Windows Help and Support Center vulnerability after Tavis Ormandy, an information security researcher who's charged with keeping Google's products secure, Thursday publicly disclosed both the bug as well as proof-of-concept attack code.
Ormandy reportedly informed Microsoft of the vulnerability on Saturday, June 5, and Microsoft acknowledged receipt the same day. Five days later, however, Ormandy went public with a posting to the Full Disclosure mailing list. Later that day, Microsoft issued its own vulnerability announcement.
●
Bug gives attackers complete control of Windows PCs [
via]
A security researcher has warned of a vulnerability in older versions of the Windows operating system that allows attackers to take full control of a PC by luring its user to a booby-trapped website.
The flaw resides in the Windows Help and Support Center, a feature that provides users with online technical support. Malicious hackers can exploit the weakness of Windows by embedding commands in web addresses that activate the feature's remote assistance tool, which allows administrators to execute commands over the internet. The exploit works in XP and Server 2003 versions of Windows and possibly others.
●
Malware Squared
Use browsers and operating systems that are more secure. Get away from the monopoly OS that is the main target of attacks. Cut down your risk by a factor of 1000 or so by a single step, migrating to GNU/Linux. It makes sense.
Recent Techrights' Posts
- New XBox Leaks Probably Serve to Confirm XBox's Collapse (Many More Layoffs)
- It's very much consistent with what many other sites have reported lately
-
- Noteworthy Claim That IBM is Firing a Lot of Lawyers This Week (RAs in the Legal Department)
- A lot of what they do is patent 'trolling' or lawyering up against their own staff (e.g. HR disputes)
- Links 10/10/2025: US Judge Bars Attacks by ICE On Journalists and Protesters; “We Took The Freedom of Speech Away” Says the President
- Links for the day
- Slopwatch: Serial Sloppers, Google News Gifting Slopfarms, and Fake News/Plagiarism About "Linux"
- Google itself is a slop pusher these days
- Qualcomm, the New Owner of Arduino, Blasted for Its Software Patents Tax on 'Smartphones'
- A lot of Qualcomm's patents are on software. We wrote about this in prior years.
- XBox Layoffs Rumours, Downtime, and Criticism From XBox Co-Founder
- "everyone is ditching the xbox."
- Links 10/10/2025: Honoring The Legacy Of Robert Murray-Smith, Many Articles on the Hey Hi (AI) Bubble
- Links for the day
- Gemini Links 09/10/2025: October Gothic and Reading Middle Earth Role Playing; C and Ada
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, October 09, 2025
- IRC logs for Thursday, October 09, 2025
- Links 09/10/2025: Farewell to Jane Goodall, California Bans Algorithmic Price-Fixing
- Links for the day
- Gemini Links 09/10/2025: Lost Wages and a Saga Of Continuing To Use Palm PDAs
- Links for the day
- Richard Stallman's Talk in Helsinki is Done. Tomorrow Göteborg.
- There are scarce details in Finnish about Dr. Stallman's talk
- The Slop Song
- The train wreck marches on
- LLM Slop/Advanced Plagiarism Flooding the Zone With Capital That Does Not Exist
- Many publishers out there still participate in this bubble instead of calling it what it is
- Links 09/10/2025: Sacked Microsoft Workers Make "Sackbird", IBM Taps CockroachDB for PostgreSQL
- Links for the day
- "Happy Hacking Day" Richard Stallman Talk This Afternoon (From 14:00 to 16:00) at Haaga-Helia University in Pasila
- Richard Stallman in Helsinki, Finland
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, October 08, 2025
- IRC logs for Wednesday, October 08, 2025
- Links 09/10/2025: Impact of Microsoft Layoffs, More Data Breaches
- Links for the day
- Gemini Links 09/10/2025: Autumn Blues and C IRC Bot
- Links for the day
- Slopwatch Appreciated by Real Authors of GNU/Linux Articles
- We do try to keep on top of those things
- Upgraded R.R.R.R.R.R. Today
- The Web of 2025 is full of garbage, not limited to slopfarms
- Freedom From Proprietary Prisons
- Forking always an option
- IBM's Watson Died in 1956, Now Watson Dies Again
- IBM is becoming just a reseller of GAFAM and other stuff
- Slopwatch: LinuxSecurity, UbuntuPIT, and Google News
- We've also just noticed more slop from UbuntuPIT
- Microsoft Says That Constant Mass Layoffs Are Success, the Media Isn't Buying This Microsoft Narrative Anymore
- If people in the media feel an obligation to repeat whatever lies Microsoft tells, what point will there be to the media?
- Links 08/10/2025: "Mali Puts Free Speech on Trial" And Apple Enforces Dictatorship
- Links for the day
- Links 08/10/2025: ‘Death to Spotify’ and Law to Ban Loud Commercials on Streaming (Dis)Services
- Links for the day
- Links 08/10/2025: Real Innovation and Nina.chat is Dead
- Links for the day
- Links 08/10/2025: Y2K38 Bug is a Vulnerability, Chat Control in Europe a Threat
- Links for the day
- Microsoft Windows is No Longer an Operating System, It's Surveillance Project
- Why is this even legal to preload on PCs outside the US?
- How and Why Once-Legitimate Sites Turn Into Slopfarms
- Many sites will go offline and many social control networks will shut down once they realise or even openly admit they spend money and time gardening a bunch of bots and slop
- UbuntuPIT Became a Slopfarm and Gnoppix Tarnishes Its Own Brand With Slop
- It fits all the characteristics of mildly-edited (if at all) slop
- Slopwatch: Linux Journal and Other Slopfarms
- GAFAM needs to go the way of the dodo
- Gemini Links 08/10/2025: "Seek Seek Revolution" and Gradient Backgrounds
- Links for the day
- Qualcomm Arduino Takes Aim at Raspberry Pi
- Qualcomm is a Microsoft partner
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, October 07, 2025
- IRC logs for Tuesday, October 07, 2025
- Stagnation of the Economy and What Free Software Can (or Could) Do For It
- If your economic model is based on a pyramid of lies, it won't last very long
- Social Control Media is Sinking
- it would rightly seem like the era of centralised "social" sites (they're not social, they're about controlling the users) is ending, not overnight but gradually