Eye on Security: Windows is Vulnerable, GNU/Linux is Not
- Dr. Roy Schestowitz
- 2010-06-11 21:17:22 UTC
- Modified: 2010-06-11 21:17:22 UTC
Summary: Today's examples of security weaknesses in Windows (which help justify Google's recent abandonment of Windows on the desktop)
●
Microsoft Security Vulnerability Disclosed (no
silent patches yet?)
Microsoft was left racing to patch a Windows Help and Support Center vulnerability after Tavis Ormandy, an information security researcher who's charged with keeping Google's products secure, Thursday publicly disclosed both the bug as well as proof-of-concept attack code.
Ormandy reportedly informed Microsoft of the vulnerability on Saturday, June 5, and Microsoft acknowledged receipt the same day. Five days later, however, Ormandy went public with a posting to the Full Disclosure mailing list. Later that day, Microsoft issued its own vulnerability announcement.
●
Bug gives attackers complete control of Windows PCs [
via]
A security researcher has warned of a vulnerability in older versions of the Windows operating system that allows attackers to take full control of a PC by luring its user to a booby-trapped website.
The flaw resides in the Windows Help and Support Center, a feature that provides users with online technical support. Malicious hackers can exploit the weakness of Windows by embedding commands in web addresses that activate the feature's remote assistance tool, which allows administrators to execute commands over the internet. The exploit works in XP and Server 2003 versions of Windows and possibly others.
●
Malware Squared
Use browsers and operating systems that are more secure. Get away from the monopoly OS that is the main target of attacks. Cut down your risk by a factor of 1000 or so by a single step, migrating to GNU/Linux. It makes sense.
Recent Techrights' Posts
- Michael “Monty” Widenius: It Started in 1983 With Richard Stallman (RMS)
- The other co-founder of MySQL is a bit notorious for confronting RMS rather viciously
- For the Second Time in a Few Weeks Microsoft Lunduke Makes False Accusations Against Senior Red Hat Staff to Incite a Despicable 'Troll Army'
- Nothing that Microsoft Lunduke claims of says can be trusted
-
- Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
- Links for the day
- FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
- It's a good move for the FSF and - by extension - for software freedom
- Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, October 02, 2025
- IRC logs for Thursday, October 02, 2025
- Slopwatch: Linux Journal, Google News, and LinuxSecurity
- They carry on polluting the Web with fake articles
- Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
- Links for the day
- Links 02/10/2025: 'Open' 'AI' Resorting to Gimmicks and Fake Funding, Europe’s ‘Drone Wall’ Discussed
- Links for the day
- Links 02/10/2025: Brave Passes 100M Users Milestone, Kodak Selling Its Own Film Again
- Links for the day
- su lisa && rm -rf /home/ibm/power
- Novell was ruined by another person from IBM, Ronald Hovsepian
- A Record Demand at Microsoft: Demand to Cancel
- What we're witnessing is a very ungraceful destruction of XBox
- Microsoft is Losing Europe
- Hence all the "support" and "discount" offers that are limited to Europe
- The Free Software Foundation Starts Fund-raising for 40th Anniversary
- New pop-up 2-3 days ahead of the 40th anniversary event
- Systemd Breaks Networking in Debian and Microsoft Staff Rushes to Make Face-Saving Excuses in LWN
- Microsoft's bluca is already there in the comments, his Microsoft money pays for LWN to let him leave comments early
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, October 01, 2025
- IRC logs for Wednesday, October 01, 2025
- What the End of XBox Will Look Like: a Fiery Crash
- XBox is the next Skype. It won't last much longer. Expect many more layoffs.
- Richard Stallman is Going to Finland to Give a Talk Next Thursday
- A day later he speaks in Sweden
- Gemini Links 02/10/2025: SMTP Pipelining and End of ROOPHLOCH 2025
- Links for the day
- Slopwatch: Plagiarism, Fake Articles, and FUD About Linux
- not a day goes by without Google News feeding FUD from slopfarms
- Gemini Links 01/10/2025: Chat Control and End of Life
- Links for the day
- Links 01/10/2025: Long Covid Risk Reiterated, "Bitcoin Queen" Caught
- Links for the day
- Links 01/10/2025: EA $55 Billion Deal is Debt and Slop "Raises Vishing Risks"
- Links for the day
- Bluewashing at Red Hat Means Redundancies
- The man who sold Red Hat to IBM meanwhile became a Microsoft Mono booster
- After Killing OpenSource.com, IBM ('Red Hat') and OSI Told Us OpenSource.net Would Replace It (But That Didn't Happen)
- Now it's time to move on, perhaps tarnishing the "Open Source" label some more (for whatever sponsor wants this)
- Linux is Not a Community Project, It's a Wall Street Product
- The core goal should be freedom
- Bad Actors Abusing the Free Software Community, Vandalising It Using Rogue Politics and Old Tactics
- Oil giants have long attempted to do this; now, the digital equivalent of Big Oil does this in technology
- Social Control Media Isn't the Future, The Federation or Fediverse Isn't Growing, People's Accounts Vanish for Good
- users' accounts will get deleted, not just become inactive
- IBM is Failing, This Helps Show Wall Street is Entirely Detached From Actual Commercial Performance
- IBM is unable to grow, it's just constantly shrinking
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, September 30, 2025
- IRC logs for Tuesday, September 30, 2025
- Clerical Aspects of Publishing and Development
- In Free software, the management aspects are considerably reduced
- Slopwatch: Fake Articles and Google News Promoting "Linux" Spam or Bot-Generated Fear, Uncertainty, Doubt (FUD)
- These slopfarms help misplace blame
- Third Wave of Microsoft Layoffs in September, This Time Many in Liverpool Affected
- Be ready for more waves of layoffs ahead of the so-called "results" in late October