EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.10.10

Microsoft Leaves Windows XP SP2 Users Open to Attacks, ZeuS Exploits Windows Flaws, and 4Chan Becomes Unsafe to Windows Users

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 7:27 pm by Dr. Roy Schestowitz

4chan front page in 2009

Summary: Grouping of security news from this week

“Has anybody seen the news about Microsoft not supporting the link vulnerability patch in XP SP2?”

That question was asked by Chips B Malroy earlier today. He cited the following two posts:

i. Registry hack used by gamers allows security for Windows XP SP2

If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.

ii. Windows XP SP2: Hack Allows ‘Shortcut Patch’ To Be Installed

PC users who are still using Windows XP SP2, even after the service pack was retired on July 13 can still receive security updates thanks to a trick found by editing the registry.

Had Windows been Free software, no “hack” around the Registry would be needed.

At the moment, all versions of Windows are still open for attacker to exploit. The press doesn’t call out Windows when it reports on the ZeuS Trojan:

Security vendor M86 Security says it’s discovered that a U.K.-based bank has suffered almost $900,000 (675,000 Euros) in fraudulent bank-funds transfers due to the ZeuS Trojan malware that has been targeting the institution.

More here:

A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.

Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86′s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.

What about Microsoft and Windows? Here is another IDG article whose headline says “Malware Circulating on 4Chan Forums” (it does not say “Windows malware”).

The important point to take away from this is that HTA files are programs, just like EXEs and can do dangerous things.

Here is a funny one:

INSECURITY OUTFIT McAfee has decided it’s time to get tough on cybercrime.

We’re not sure how McAfee was tackling cybercrime before the publication of its report, “Security Takes the Offensive”. Whatever it was doing obviously wasn’t enough, given the malware threats out in the wilds of the Internet.

Security would be simplified if Windows was removed from this equation. Earlier today we posted several links to new articles that claim GNU/Linux/Android superiority over Apple when it comes to security. Apple — like Microsoft — is being negligent again.

Apple sits on a patch for a critical flaw

PEDDLER OF BROKEN DREAMS Apple has apparently come up with a patch for a critical flaw in the Iphone OS that gives a hacker so much control over the device that they might as well be Steve Jobs.

Just because this operating system is proprietary doesn’t mean it’s harder to decipher and thus more secure. Fast patching is key.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 1/10/2014: OPNFV Goes Public, PDF Reader Pullout

    Links for the day



  2. Links 29/9/2014: OpenDaylight Helium Release

    Links for the day



  3. European Patent Office Disorganisation: Problems With the Audit Mechanisms - Part IV

    A prelude to a long article about a thug called Topić, his controversial Battistelli-sponsored appointment, and the removal of auditory functions by Battistelli



  4. More Good News About Demise of Software Patents and Along With Them, Consequently, Patent Trolls

    A weekly roundup of news about patents in the United States and elsewhere, with special focus on software patents



  5. IRC Proceedings: June 22nd, 2014 – September 13th, 2014

    Many IRC logs



  6. Links 28/9/2014: Moto X, End of OpenSUSE 11.4

    Links for the day



  7. CBS Continues to Get Heavily Occupied by Microsoft Staff to Spread Microsoft Propaganda

    The CBS-owned ZDNet continues to hire people who have worked or are currently working for Microsoft and unsurprisingly enough they use their newly-acquired positions to praise Microsoft and bash Microsoft's competition, usually with no disclosure of their conflict of interest



  8. Links 27/9/2014: Linux (Almost) Everywhere, Features Of Linux 3.17

    Links for the day



  9. Microsoft Fakes 'Charity' and Uses Religious Groups to Acquire Lock-in in the Public Sector

    Microsoft's involvements with NGOs and with governments lead to more distrust, more surveillance, less freedom, and ultimately systemic corruption



  10. Bill Gates' Privatisation Crusade

    Mr. Gates, seeking to increase his huge profits and political power, reaches out to Catholic leaders and David Christian



  11. Tux Machines Under DDOS Attack

    Most of Tux Machines continues to work as usual, but some parts are temporarily restricted to keep the server running



  12. Links 26/9/2014: LibreOffice Celebrations, Betas of *buntu

    Links for the day



  13. Links 25/9/2014: KDE Roadmap, Bash Bug, GNOME 3.14 in Next Fedora

    Links for the day



  14. Links 24/9/2014: GNOME 3.14 Released, Bash Has a Bug

    Links for the day



  15. Links 21/9/2014: Fedora 21 Alpha

    Links for the day



  16. More of Bill Gates' Investments in GMO and Mass Indoctrination Under the Disguise of 'Donations'

    Microsoft's arrogant and famously corrupt co-founder is taken to task by those whom he is trying to bamboozle for monopoly, unlimited cross-generational power, and never-ending profit without risk



  17. Home Depot Confirmed a Victim of Microsoft's Bad Security, Microsoft Lays Off Security-Related Staff

    News reports circulate showing that Home Depot was knowingly careless with its Windows dependency while Microsoft lays off staff focused on security



  18. European Patent Office/Organisation - Suspicion of Improper Collusion Between EPO President and Chairman of the Administrative Council: Part III

    A preliminary look at Battistelli's reign and how regulatory powers got abolished, leaving the EPO reckless and largely unaccountable



  19. Links 21/9/2014: xorg-server 1.16.1, Linux Kernel 3.16.3

    Links for the day



  20. Links 20/9/2014: GNOME 3.13.92, Android L

    Links for the day



  21. Scanning Patent Troll Implodes; Is the Podcasting Patent Troll Next?

    MPHJ loses and Personal Audio LLC perhaps wins for the last time since software patents are quickly losing legitimacy in the United States



  22. If CAFC is Not Above the Law, Then it Should be Shut Down Now

    A long series of abuses in CAFC may as well suggest that this court has become broken beyond repair



  23. The Latest From Microsoft Patent Trolls and Patent Partners

    Microsoft-linked and Linux-hostile trolls continue their relentless attacks (albeit with little or no success) while patents as a weapon lose their teeth owing to a Supreme Court ruling



  24. Microsoft Proves That Its Massive Layoffs Are Not About Nokia

    Microsoft is laying off a lot of employees who have nothing at all to do with Nokia



  25. Links 19/9/2014: Another Red Hat Acquisition, Netflix Dumps Microsoft Silverlight and Brings DRM to WWW

    Links for the day



  26. Links 18/9/2014: Windows Copying GNU/Linux, Germany Moves to Security

    Links for the day



  27. Web Site 'Patent Progress' Now Officially 'Powered by CCIA' (FRAND Proponent, Microsoft Front)

    After talking a job at CCIA, "Patent Progress" and its chief author should be treated as dubious on real patent progress



  28. Articles About the Death of Software Patents in the United States

    Recent coverage of software patents and their demise in their country of origin, where even proponents of software patents are giving up



  29. The Death of Software Patents is Already Killing Some Major Patent Trolls

    VirnetX seems to be the latest victim of the demise of software patents in the United States



  30. More Microsoft Layoffs

    More Microsoft layoffs go ahead as the company is unable to compete


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts