Microsoft Security Worse Than Ever, All Windows Users Still Vulnerable

Dr. Roy Schestowitz

2010-08-08 23:13:03 UTC
Modified: 2010-08-08 23:13:03 UTC

Summary: Code red for Microsoft as just days after an "emergency" patch comes the largest-ever patchset and all versions of Windows still seem to be left open for attackers

LAST WEEK was an emergency week for Windows users [1, 2, 3], all of whom were left vulnerable to hijacking due to Microsoft's incompetence. Here is just one more article about it:

An emergency Windows software update will close a loophole in Microsoft’s operating system that makes it easy for hackers to take control of a computer using shortcuts

Have things truly improved after this emergency patch? Don't bet on it. Microsoft is breaking new records in this Tuesday's security update, which is said to plug 34 holes:

Microsoft will issue 14 security bulletins on Tuesday to plug 34 holes, including eight that are critical, in Windows, Office, Internet Explorer, SQL and Silverlight, the company said on Thursday.

There is a lot more coverage about this [1, 2, 3, 4, 5, 6, 7, 8, 9] as "Microsoft [is] to issue record number of security bulletins next Tuesday" [via].

For those who think that 34 holes is the correct number, think again. Microsoft is patching its software silently and unethically so as to fake numbers that its employees decrease by hiding some of the applied fixes. In other words, Microsoft is knowingly lying and giving fake numbers. Previously we wrote about how Microsoft also spurned researchers who had warned about security flaws in Windows [1, 2, 3]. Microsoft is trying to make up after the Microsoft-Spurned Researcher Collective had been created and "TippingPoint's ZDI sets a 6-month deadline on vendors to encourage faster patching," according to this report. There is more information about it here.

Microsoft's problems are not over and all Windows users continue to be vulnerable to attacks (even after Patch Tuesday) because:

1. Unpatched kernel-level vuln affects all Windows versions

Researchers have identified a kernel-level vulnerability in Windows that allows attackers to gain escalated privileges and may also allow them to remotely execute malicious code. All versions of the Microsoft OS are affected, including the heavily fortified Windows 7.

2. Microsoft probes new Windows kernel bug

3. Unpatched Vulnerability in All Windows Versions Claimed

4. Kernel-level Vulnerabilities Hit All Windows Versions

Microsoft on Friday announced to have launched an investigation into kernel-level vulnerability hitting Windows. As per reports, all versions of the Microsoft OS have been engulfed by the bug, including the heavily fortified Windows 7.

We wrote about this in a previous post. Rather than security improving over time, Microsoft seems to be getting worse and the number of holes is increasing. ⬆

Comments

Andrew Macabe

2010-08-09 04:02:03

...heavily fortified Windows 7. Topnews & the register are into humor now?

twitter

2010-08-09 14:28:33

Windows 7/Vista are fortified against users for the sake of advertisers and Microsoft. In ordinary security, the user is the owner and everything else is a threat. In the Microsoft world, user control is the primary threat and all else is disregarded.

Microsoft has benefitted from the insecurity of their software for as long as I can tell. The MSDOS 5.x install from 1993 flashes messages about new technology to keep data safe from crashes and users safe from viruses. Everytime Microsoft wants to sell a new version of Windows, stories about "computer viruses" suddenly show up in the Microsoft friendly press. After nearly a decade of useless, often malicious patch Tuesdays, most people are starting to understand that Windows will never be secured. Software that has owners does what the owners want not the user.

Dr. Roy Schestowitz

2010-08-09 15:00:12

The issue is that upgrades are not free either (upgrade treadmill is the business mode), which means that many users are left less secure due to financial means. GNU/Linux does not have this problem, or very rarely has.

Investigative Journalism Protects Society From Corruption, Crimes Against Women, Assaults on Civil Society: "what is the point of men doing military practice to defend a system that is so rotten?"
Swiss pimp usurping reputation of legendary Tissot boss Francois Thiébaud from France (BaselWorld, SWATCH Group SA): Reprinted with permission from Daniel Pocock
Paris 'Love Nest' & Debian Outreachy: from Lycée Lakanal to ENS Cachan, Cr@ns, nepotism: Reprinted with permission from Daniel Pocock
Richard Stallman to Give Public Talk in 3 Hours, Then in the Technical University of Munich (Germany) Next Week: Richard Stallman at TUM on 21.10.2025 18:00, MW2001
Leaks and Whistleblowers: Our Plan for Today: Society simply cannot advance when too many people self-censor
The EPO's War on Techrights Was a Massive Mistake: The EPO started the SLAPPs after we had published a few hundreds of articles; we've since then published close to 6,000 because the attacks on us emboldened insiders to help us
General-Purpose Computers to Become Growing Area of Coverage: Without them, we have little left for controlling our lives
"They missed a great opportunity to shut up." -Jacques Chirac: Brett Wilson LLP has been trying to cheat the legal system many times
Harassment evidence: Switzerland, overcrowded fitness and yoga centers, incompetence and racism in accident response: Reprinted with permission from Daniel Pocock
Vincent Danjean & Debian NXIVM collateral, blackmail risks: Reprinted with permission from Daniel Pocock
In Sweden This Past Friday Richard Stallman Explained Why Copyleft is Important: And he didn't have to 'bash' BSDs, either
Dystopian Trends in Technology Make Richard Stallman More Relevant Than Ever: It's good to see him attracting vast audiences
IBM Layoffs Due to a Lack of Money and Company Debt Rising by Almost 10 Billion Dollars in 6 Months: IBM didn't buy Red Hat for any ideological reasons; it was a fast "cash grab" for revenue
Forbes Already Stopped Being a News Sites. Now It's a Spam and Propaganda Platform for "Paying Partners" (Companies).: news from Forbes became very scarce
Is the Second-Largest Institution in Europe (EPO) Gradually Becoming More Like a Sweatshop?: Underpaid, unqualified, inexperienced and incompatible people are already recruited to replace veteran examiners
The Register MS Has No FOSS Coverage Anymore: The Editor in Chief is like a Microsoft plant
Links 13/10/2025: "Toasty Subwoofer" and WiFi Speakers "Are About To Go Dumb": Links for the day
Gemini Links 13/10/2025: iNaturalist and Tove Jansson’s Moominpappa at Sea: Links for the day
Microsoft Does Not Deny That Large Retailers Like Walmart, Costco and Target Are Giving Up on XBox (and Not Stocking It): No doubt XBox is in trouble and rumours suggest that more mass layoffs are imminent
We'll Encourage Richard Stallman to Talk About Software Patents at the EPO Next Week When He Visits Munich (EPO Headquarters): Go listen to Richard Stahlmann
Arnaud Parreaux lost case defending rogue employer: Reprinted with permission from Daniel Pocock
Mathieu Elias Parreaux declared bankrupt in Switzerland: Reprinted with permission from Daniel Pocock
Breakdown of the Rule of Law and Patent Law in the European Union (EU): The EPO cannot recruit suitably qualified patent examiners this way, let alone retain them
Gemini Links 13/10/2025: Good Films, Wizard of Earthsea, Upgrading the Steam Controller's Stick: Links for the day
It's Not Justice When One Side Denies the Other Side the Ability to Even Speak: At this stage, Brett Wilson LLP is in my humble opinion acting in contempt of the Court
Links 13/10/2025: Australian Catholic University Uses Slop to Libel Students, Canada Threatens to Kill Beluga Whales: Links for the day
How Not to Silence Tux Machines (It'll Only Backfire, Badly): defending Microsoft while attacking this site
Slopwatch: UbuntuPIT and Google News: It seems abundantly clear that Google News and Google in general participates in the slop epidemic
Vincent Danjean (not INTERPOL), Claire Bardel & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Christmas lynchings: Martin Krafft (madduck), Penny Leach (mjollnir) & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Gemini Links 13/10/2025: Birthdays and "Committee Unable to Contact Nobel Prize Winner": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, October 12, 2025: IRC logs for Sunday, October 12, 2025
The Same People Who Attacked Richard Stallman (RMS) Are Attacking Daniel Pocock to Discourage People From Listening to His Information: Pocock is being demonised for the same reasons and by the same people who attack RMS
Your Typical Anti-Richard Stallman (RMS) Cancellist: "About the RMS cancellation"
Richard Stallman (RMS) Has Announced His Talk in Rome Less Than 20 Hours in Advance (and on a Sunday): Why did he wait until the night before?
We Are Safe in a Modern "Tech" Society, Right?: People are safer if they control their own computing
GNU Tools Cauldron Event in Portugal: Videos Now Available via Invidious: Go have a look
The Way Things Are Going, They May Soon Stop Saying "Web Address" and Instead Say "Chrome Address": The Web isn't built or based around open Web standards anymore. It's centered around user-agent.
Microsoft as a Golden Cage: "I was laid off by Microsoft and can't find a job. I'm weeks away from giving up my apartment and moving across the country to live with family."
Weekend Discussion About How IBM's Bluewashing of Red Hat Will Cause "Enshittification" for Users: "I worked at a software company that was acquired by IBM so I knew it was game over for RedHat the day they were acquired"
Brett Wilson LLP Getting Sued by Its Very Own Clients, a Legal Story That Has Made the Mainstream News (Law360): Law360 or Law.com are about as mainstream as one can get in that "sector" (litigation 'industry')
Slopwatch: GNU/Linux Sites That Became Slopfarms and Spamfarms: The Web is a mess and "Linux" or "Ubuntu" sites became part of the problem
Richard Stallman's Talk 25 Hours Away, Aula Magna Palazzo del Rettorato (CU001), Sapienza Università di Roma (Piazzale Aldo Moro, 5): The talk is 25 hours away and we see some QR code for it
Gemini Links 12/10/2025: Watches, the Depression of 2026, Gamboling with Odds: Links for the day
Links 12/10/2025: 'False' DMCA Claims and Slop Facing Perils Again (the Hype Wears Off): Links for the day
Microsoft Has Just Lost Privacy Case in Austria and Its Latest Moves Make a Complete Ban Seem Imperative: Microsoft is not a software company, it's a spying agency that uses software to collect data
The Register MS: Microsoft is the Security Expert, Not the Prime Culprit, So Buy More Microsoft: This front page feature is devoid of any actual substance, it's just Microsoft copypasta
Stefano Zacchiroli (Zack) & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Lucas Nussbaum & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Gemini Links 12/10/2025: "Palm Computering", Further Exploration of Slide Rules, and Key Takeaways from The Well-Grounded Rubyist: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, October 11, 2025: IRC logs for Saturday, October 11, 2025
Tomorrow: Founder of the Free Software Foundation and of GNU/Linux, Richard Stallman, Speaks in Roma (Rome), Italy at 4PM: GNU/Linux is more important than ever in this dystopian world
Microsoft and Apple Are Rare Topics in Geminispace: in Geminispace it's rather safe to assume everyone is into BSD, GNU/Linux, and sometimes retro
Qualcomm and Manchester United Appear to Have Dumped Microsoft (Qualcomm Now Invests More in Linux, Apparently): It's a relief to no longer see Microsoft logos and brands on a local football club's gear (I'm not a Manchester United fan, but not a foe either)
As Guest of Honour in Rome, Founder of the Free Software Foundation to Speak ("Distinguished Lecture") After Introduction by Leonardo Querzoni: Happy hacking...
All Things Open is Proprietary: The OSI has become a front group of proprietary software openwashers, led and sponsored by proprietary giants
When Microsoft Lays Off Lots of Workers They Say It "Invests in AI" (a Lie), Now It's "Reshuffles" or "Microsoft Tightens": Microsoft "news" by bots
"I saw Richard Stallman give a talk in the mid 80s, which began my fear and loathing of software patents" and "Richard Stallman was always right.": "By betraying the legacy of our ancestors, we’ve set ourselves on a path toward self-destruction — moral, intellectual, economic, and ultimately biological."
There Were Several Waves of Microsoft Shanghai Layoffs in 2025, Western Media Continues to Turn a Blind Eye to Chinese Layoffs of an Epic Scale: Sometimes select Taiwanese news sites (published in English) or automated translations are all we have
Brett Wilson LLP Spreads Trumpism to the United Kingdom, Looking to Profit From 'Legal Colonialism' (Overriding Sovereignty): There's growing recognition of this conundrum worldwide
The Demise of Shopping in Person: In a world like this, how valued is the customer?
This Past Friday, "Nearly 700 People Came to Listen to RMS!" (Richard Stallman): "Nearly 700 people came to listen to RMS!"
Distinguished Lecture by Richard Stallman This Coming Monday in Rome: After "Free software, Crucial for Freedom in a Digital World"
Slopwatch: UbuntuPIT Churning Out Plagiarism and the Slopfarm LinuxSecurity Turns to Pseudonyms: Our hunch is, UbuntuPIT will sooner or later realise that this toxic approach is just harming UbuntuPIT and tainting the reputation of past articles
The Lawsuit by Clients of Brett Wilson LLP Against Brett Wilson LLP is Officially On, It is Progressing, The 'Experts' Pick Outside Law Firms (RPC and Mills & Reeve) to Spare Them From Litigants in Person: So it is probably quite potent
Gemini Links 11/10/2025: Nyctography, Gerrymandering, and Lurking: Links for the day
The 'Culture Wars' in Free Software Have Gone Out of Control: Social control media amplifies such utterly infantile discourse
Teaser: To Compensate for the Fact Our Clients Are Terrible Human Beings Who Strangle Women (While on Microsoft's Payroll) and We Get Paid by Mystery Parties We Bombard You and Your Wife With Almost 10 Kilograms of Legal Papers: If you can't win an argument, then drown the other side with papers?
Links 11/10/2025: World Mental Health Day 2025, Another European Legal Defeat for Microsoft 360: Links for the day
MIT Technology Review is Part-Time SPAMfarm of Billionaires and Mega-Corporations: Does MIT operate its own "b2b" SPAMfarm?
Open Source Initiative Executive Director Leaves, Replacement Sought by Monopolists, Not the Community or OSI Members: Serves to show who runs this show...
Links 11/10/2025: China-US Tensions Grow Again, "Hey Hi" More Widely Recognised as Bubble Made of Capital That Doesn't Exist: Links for the day
Now Confirmed in Western Media: Microsoft Azure Layoffs This Month: Affirmed by more sources moments ago
Peter O'Callaghan QC represented grandparents, Westernport Hotel, at Liquor Royal Commission: Reprinted with permission from Daniel Pocock
Either The Register MS Divests From FOSS Coverage or Liam Proven is on Long Holiday: Publishers perish when their audience loses trust in them
Microsoft Cancelling Another Datacentre is a Sign of Financial Trouble and Lack of Growth: The debt continues to grow
Gemini Links 11/10/2025: An Evening at the Fair and Fast Fourier Friday: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, October 10, 2025: IRC logs for Friday, October 10, 2025

Microsoft Security Worse Than Ever, All Windows Users Still Vulnerable

Comments

Recent Techrights' Posts