New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

EPO Strike a Week From Now, After That Strikes Can Become Permanent: A week from tomorrow there will be another strike
Your Site Should Implement Its Own Search (Before It's Too Late): GAFAM was never trustworthy
The Media Sold Out to Slop Bros: If you wish for the hype to stop, then stop participating in it
The Only Non-IBM Staff in Fedora Council/Leadership Attacks Booting Freedom (Just Like the Master Wants): Last week IBM laid off almost 1,000 people in Confluent and the media didn't write anything about it, so don't expect anyone in what's left of the media to comment on Fedora's demise and silent layoffs at Red Hat
Just Like a Founder of XBox Said, Microsoft XBox is Collapsing, Management Continue to Jump Ship: Nowadays Microsoft tries to promote this idea that Windows is XBox and XBox is Windows
Links 22/03/2026: Slop Triggers Emergency at Meta, Energy Prices Rise Sharply: Links for the day
Links 22/03/2026: Microsoft 'Open' 'AI' in Legal Trouble (Plagiarism, Distortion, Misrepresentation); Facebook/Meta Kills Off "Horizon Worlds": Links for the day
Racism Dressed Up as "Choice": Racism is rampant at IBM
Probably an All-Time Record: Our investment in our own SSG is paying off
Gemini Links 22/03/2026: LLM Slop Attacks USENET, Announcing Pig (New Game in Gemini Protocol): Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, March 21, 2026: IRC logs for Saturday, March 21, 2026
SLAPP Censorship - Part 18 Out of 200: Third Parties Funding Attacks on the Messengers, Lawsuits Against GAFAM-Critical Voices That Uphold Real National Security: Women are like kryptonite to them
Never Trust People Who Write Their Own Wikipedia Pages (Vanity Pages About Themselves) or Ask Friends to Do So. Also: Jono Bacon is Married to Microsoft.: We'd hardly be the first to point out Wikipedia isn't what it seems
No Tolerance for Attacks on Family Members: Being a Free software activist ought not lead to "collateral damage" like attacks on family members, including doxing
Sirius Open Source is Just a Zombie Firm With Shell Entities: Many companies fake their health and their size
Communities Can Only Survive When Trust Prevails: PCLinuxOS is still a vibrant and authentic community
Techrights Was Always a Community Site: The harder we're attacked, the more people participate in the site
Maintenance Reminder: We'll carry on publishing
Behind the PR Smokescreen and Microsoft-Sponsored Chaff, Microsoft Layoffs in "AI" Alleged This Month: In an age when ~1,000 simultaneous layoffs aren't enough to receive any media coverage, what can we expect remaining publishers to tell us about Microsoft layoffs in 2026?
EPO "Cocaine Communication Manager" - Part VIII - Mobbing and Silencing of Dissenting Staff: that's the very cornerstone of functional democracies with real opposition parties
Bluewashing at Confluent: Some Workers to Leave Within 3 Months (IBM Mass Layoffs): Is the "era of AI" an era when none of the media will mention over 800 layoffs? [...] There's a lesson here about the state of the contemporary media, not just IBM and bluewashing
Microsoft OpenAI, Drowning in Debt and Forced to Make Significant Cuts (as Reports Reveal This Month), Does Hiring Disguised as "Takeovers" to Fake Value or Alleged Potential: Remember what happened to Skype last year
Reader Shares Recent Memes on Slop and 'Coding' by LLMs: "just some funny memes I thought were relevant to current coverage."
Slop Does Not Replace Art, It Contaminates Everything With Reckless Nonsense: many Computer Scientists do not want programs to get contaminated by slop
Coders Don't Just Reject 'Vibe Coding' Because They're "Luddites", They Just Know the True Cost of Slop: if some programmer says slop sucks, don't rush to assume selfishness or defence of one's occupation
When Nobody Else Covers the News: There's an obvious "media blackout" regarding the mass layoffs
Links 21/03/2026: David Botstein Dies, Slop as Censorship Apparatus: Links for the day
Links 21/03/2026: Metastablecoin Fragmentation and Crescent Moon: Links for the day
Gemini Links 21/03/2026: Historic Ada Docs; The Lurking LLM on the SmolNet: Links for the day
HSBC the Latest Failed Bank Using Slop as Excuse for Its Financial Failure: "HSBC is planning on cutting as many as 20,000 jobs in the near future as the company allies with AI revolution."
Invitation to General Assembly After 1,200 EPO Workers Participated in the Demonstration 3 Days Ago: "the strike of 19 March was also very well followed."
A/Prof Susan G Kleinmann, Enkelena Haxhija & Debian-private risk to MIT: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, March 20, 2026: IRC logs for Friday, March 20, 2026
SLAPP Censorship - Part 17 Out of 200: A Long Track Record of Online Abuse, Then Choosing a Low-Cost Law Firm to Muzzle People Who Have Illuminated This Abuse for Over a Decade: Censorship by targeting ISPs and webhosts isn't unprecedented
Plagiarism in "Linux" Clothing (LLM Slop in linuxiac.com, LinuxTeck.com, and linuxsecurity.com): The net effect of those slopfarms is very negative
Links 20/03/2026: Facebook Weaponised Politically, Openwashing by LF and NVIDIA, Encyclopedia Britannica Sues Microsoft Proxy for Plagiarism: Links for the day
The EPO's Local Staff Committee Munich (LSCMN) Explains to the Administrative Council (AC) How Bad Things Have Become at Europe's Second-Largest Institution, Biggest Patent Office, and Corruption/Cocaine Hub (Jobs Sold to Friends): We'll say a bit more tomorrow
IBM's Red Hat Diversity: Only 3 Women (Out of 11 Leaders): For comparison's sake, the FSF is about 50% female
Symptom of Publishers Dying: They Move to Adopt Slop. Symptom of Software Companies Dying: They Move to Adopt Slop ('Vibe').: It'll always fail. It's hype. It's a bubble.
Under IBM, Red Hat Replaces Code With LLM Slop, Fedora is Slopware: Not even hiding it, those things are in plain sight
Gemini Links 20/03/2026: Depictions of Culture and The Social Smolnet: Links for the day
SimilarWeb Was Never a Reliable Yardstick for Traffic: 5RB may need some "house-cleaning"
Strangulation, suffocation, Jonathan Carter & Debian toxic culture confirmed: Reprinted with permission from Daniel Pocock
Reports or Hearsay Suggest Ogilvy Broke Up With IBM and Insiders Report Mass Layoffs in "Infrastructure" (Might Impact Red Hat Entrants): hearsay in Social Control Media
Scheduled Server Maintenance Tomorrow Night: Starting 9PM
None of the Above (NotA) & Debian snubbing Sruthi Chandran: Reprinted with permission from Daniel Pocock
Links 20/03/2026: Cryptography Pioneers Win Turing Award and BMG Sues Anthropic for Copyright Infringement: Links for the day
Even Uganda Understands That Journalists Never Belong in Prison: "Ugandan authorities must respect the spirit of this ruling and abandon any measures that seek to jail Ugandans for the free flow of ideas."
Inaction Helps Your Enemies: Without freedom, there's nothing else left
Windows Down From 99% to ~50% in Republic of Seychelles (République des Seychelles): Windows fell by a lot
"systemd is essentially a corporate IBM/Redhat project and corporations of course will comply": Microsoft and IBM care about users' freedom like Cheeto Lump cares about the US Constitution
Confluent Insiders: IBM Laid Over Over 800 at Confluent, Not Just 800: For the record, the layoffs at Confluent won't be over. After the bluewashing there will be "IBM RAs" impacting Confluent folks, aside from PIPs
The Layoffs at IBM Carry on (Shades of Enron): Is IBM another Enron?
"IBM boss Arvind Krishna... financial package valued at $38 million in calendar 2025 - equivalent to the average collective pay of 765 Big Blue workers.": continues to ruin the company to enrich himself while pretending he has a strategy
Gemini Links 20/03/2026: Digital Identity Bifurcation and a "Return to Gemini": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, March 19, 2026: IRC logs for Thursday, March 19, 2026

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts