EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.10.10

Microsoft Leaves Windows XP SP2 Users Open to Attacks, ZeuS Exploits Windows Flaws, and 4Chan Becomes Unsafe to Windows Users

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 7:27 pm by Dr. Roy Schestowitz

4chan front page in 2009

Summary: Grouping of security news from this week

“Has anybody seen the news about Microsoft not supporting the link vulnerability patch in XP SP2?”

That question was asked by Chips B Malroy earlier today. He cited the following two posts:

i. Registry hack used by gamers allows security for Windows XP SP2

If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.

ii. Windows XP SP2: Hack Allows ‘Shortcut Patch’ To Be Installed

PC users who are still using Windows XP SP2, even after the service pack was retired on July 13 can still receive security updates thanks to a trick found by editing the registry.

Had Windows been Free software, no “hack” around the Registry would be needed.

At the moment, all versions of Windows are still open for attacker to exploit. The press doesn’t call out Windows when it reports on the ZeuS Trojan:

Security vendor M86 Security says it’s discovered that a U.K.-based bank has suffered almost $900,000 (675,000 Euros) in fraudulent bank-funds transfers due to the ZeuS Trojan malware that has been targeting the institution.

More here:

A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.

Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86′s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.

What about Microsoft and Windows? Here is another IDG article whose headline says “Malware Circulating on 4Chan Forums” (it does not say “Windows malware”).

The important point to take away from this is that HTA files are programs, just like EXEs and can do dangerous things.

Here is a funny one:

INSECURITY OUTFIT McAfee has decided it’s time to get tough on cybercrime.

We’re not sure how McAfee was tackling cybercrime before the publication of its report, “Security Takes the Offensive”. Whatever it was doing obviously wasn’t enough, given the malware threats out in the wilds of the Internet.

Security would be simplified if Windows was removed from this equation. Earlier today we posted several links to new articles that claim GNU/Linux/Android superiority over Apple when it comes to security. Apple — like Microsoft — is being negligent again.

Apple sits on a patch for a critical flaw

PEDDLER OF BROKEN DREAMS Apple has apparently come up with a patch for a critical flaw in the Iphone OS that gives a hacker so much control over the device that they might as well be Steve Jobs.

Just because this operating system is proprietary doesn’t mean it’s harder to decipher and thus more secure. Fast patching is key.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Links 9/12/2013: Screenshots

    Links for the day

  2. Ubuntu is Not Truly Focused on Desktops Anymore

    More signs that Ubuntu is deemphasising the desktop and treating users like a product/commodity, not entities whose interests should drive development

  3. Fedora 20 About a Week Away

    Fedora's latest release is just around the corner (released scheduled for December 17th)

  4. Mother Jones Shows That Gates Foundation is a Hypocritical Ploy

    Popular magazine Mother Jones is the latest among many magazines (those which have not been paid by Bill Gates yet) to tell readers the true story of the tax-evading, investment-driving, PR-pumping, Microsoft- and patents-boosting operation known as "Gates Foundation"

  5. EU Commissioner VP Joaquin Almunia Aware of Microsoft's Anti-Linux By-Proxy Patent Strategy (Nokia), Threatens Antitrust Action

    Formally, or at least publicly, European regulars say that they are aware of what Microsoft/Nokia is up to and they're not going to tolerate it

  6. 'Secure' Boot is Not Secure, Time to Abandon It

    The 'security' boasted by restricted boot is shown to be a sham; other booting systems ought to be promoted at UEFI's expense

  7. Benefits of Ubuntu's Derivatives: MATE, Cinnamon, and the Depth Desktop Environment

    The power of deviation as demonstrated by Linux Mint and Linux Deepin, two of the more widely used derivatives of Ubuntu

  8. Don't Rule Out Gentoo, Slackware, and Mandriva Just Yet

    How distributions which were largely forgotten some years ago are making a comeback and spawning new derivatives

  9. State-of-the-Art Gaming on GNU/Linux Not Only Possible But Becoming Default Option, Hardware Products

    GNU/Linux as the operating system of gaming consoles no longer a far-fetched dream; companies other than Valve explore these possibilities

  10. Links 8/12/2013: Applications and Instructionals

    Links for the day

  11. Drifting Away From Copyleft in Databases

    Databases which are Free/Open Source software (FOSS) are becoming less liberal/freedom-respecting while deceiving labels hide it

  12. Roman Catholic Church Joins Opposition to 'Trade' Agreements

    The Church which claims to have 1.2 billion members is expressing dissatisfaction and opposition to TPP and TAFTA/TTIP

  13. 'Unauthorised' Programming and What It Means to Software Freedom

    DRM and DMCA versus society, or how operation-restricting legal mechanisms are affecting coders, for whom not only software patents are now a creativity wall

  14. Assassinations by Drone Make the West Hypocritical on Syria

    Putting in context the cycle of violence which the West uses to justify indefinitely detaining the domestic population, assassinating parts of it, and spying on everyone (even domestically, using loopholes)

  15. Links 6/12/2013: KDE and GNOME News

    Links for the day

  16. Links 6/12/2013: NSA News

    Links for the day

  17. Microsoft Sued Over Collusion With the NSA, Microsoft Issues Orwellian Statements

    Microsoft is lying about privacy of its customers and the Free Software Foundation (FSF) responds

  18. To Oracle, 'Community' Means Paying Oracle Customers

    Oracle continues to extend only its own distribution of GNU/Linux (which is a ripoff of another), leaving everyone else out in the cold

  19. Patent Policy Change a Victory for Large Corporations, Real Reform Remains Elusive

    Patent extortion and litigation by proxy still permitted in the United States, even after the passage of a celebrated (by corporations) new bill

  20. A Western Assault on GNU/Linux Security and Privacy

    Governments (which are dominated by corporations) continue to make security hard as part of a campaign to spy on everyone under claims that it helps "national security" (control from above)

  21. The Copyright Cartel Takes Over Schools to Deceive and Indoctrinate Children

    Schools become a target of shameless copyright propaganda and promotion (advertising) of copyright boosters/maximalists

  22. While Nokia Becomes Microsoft's Anti-Linux Litigation Front, Pre-Elop Nokia Revived, Jolla Sells All Available Phones

    More of the old products of Nokia are brought back to life owing to former Nokia staff while existing Nokia staff, led by a Microsoft mole, continues to attack Linux-powered phones with patents

  23. Custom-built Distributions and the 2,000+ GNU/Linux Distributions Listed by Softpedia

    Customisation for different users, localisations, system ages etc. motivate plurality and diversity, which now yields thousands of packaged (for installation) GNU/Linux images

  24. Links 4/12/2013: Games News

    Links for the day

  25. NSA Leaks: Still Yielding New Scandals, But Fewer Than Before

    A roundup of news about cracking, sabotage, privacy infringement and illegal surveillance by the NSA and its allies

  26. Links 3/12/2013: Screenshots

    Links for the day

  27. Links 3/12/2013: Applications and Instructionals

    Links for the day

  28. Apple and Microsoft Claim Patent Tax on GNU/Linux, Red Hat's Response Too Weak

    GNU/Linux is said to be among the targets for illegal extortion, but even self-professed backers of GNU/Linux aren't interested in addressing this problem

  29. GNU is Not Linux: Richard Stallman Explains the Origins of GNU

    Stallman tells Techrights/TechBytes lesser-known details about the birth of GNU in the early 1980s

  30. Reminder to Corporate Press: PHP is Not Linux

    Reporting on scare-mongering from Symantec mostly off target

CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts