EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.10.10

Microsoft Leaves Windows XP SP2 Users Open to Attacks, ZeuS Exploits Windows Flaws, and 4Chan Becomes Unsafe to Windows Users

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 7:27 pm by Dr. Roy Schestowitz

4chan front page in 2009

Summary: Grouping of security news from this week

“Has anybody seen the news about Microsoft not supporting the link vulnerability patch in XP SP2?”

That question was asked by Chips B Malroy earlier today. He cited the following two posts:

i. Registry hack used by gamers allows security for Windows XP SP2

If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.

ii. Windows XP SP2: Hack Allows ‘Shortcut Patch’ To Be Installed

PC users who are still using Windows XP SP2, even after the service pack was retired on July 13 can still receive security updates thanks to a trick found by editing the registry.

Had Windows been Free software, no “hack” around the Registry would be needed.

At the moment, all versions of Windows are still open for attacker to exploit. The press doesn’t call out Windows when it reports on the ZeuS Trojan:

Security vendor M86 Security says it’s discovered that a U.K.-based bank has suffered almost $900,000 (675,000 Euros) in fraudulent bank-funds transfers due to the ZeuS Trojan malware that has been targeting the institution.

More here:

A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.

Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86′s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.

What about Microsoft and Windows? Here is another IDG article whose headline says “Malware Circulating on 4Chan Forums” (it does not say “Windows malware”).

The important point to take away from this is that HTA files are programs, just like EXEs and can do dangerous things.

Here is a funny one:

INSECURITY OUTFIT McAfee has decided it’s time to get tough on cybercrime.

We’re not sure how McAfee was tackling cybercrime before the publication of its report, “Security Takes the Offensive”. Whatever it was doing obviously wasn’t enough, given the malware threats out in the wilds of the Internet.

Security would be simplified if Windows was removed from this equation. Earlier today we posted several links to new articles that claim GNU/Linux/Android superiority over Apple when it comes to security. Apple — like Microsoft — is being negligent again.

Apple sits on a patch for a critical flaw

PEDDLER OF BROKEN DREAMS Apple has apparently come up with a patch for a critical flaw in the Iphone OS that gives a hacker so much control over the device that they might as well be Steve Jobs.

Just because this operating system is proprietary doesn’t mean it’s harder to decipher and thus more secure. Fast patching is key.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Short Report From Today's EPO Protest in Munich

    A few noteworthy points about the staff protest which coincided with the Administrative Council's meeting earlier today in Munich



  2. Growing Consensus Even Among Patent Professionals That UPC is Dying Everywhere If Not Just in the UK

    The UPC continues to sink as more and more people come to grips with the complexity of the current situation, irrespective of what countries other than the UK do next



  3. Battistelli Attacks Not Only His Staff But Also Patents Themselves (Their Quality) and the Legal Legitimacy Surrounding the EPO

    Battistelli's EPO is having not only reputation problems but also staff retention problems, patent quality problems and problems pertaining to perception of fair trials or justice regarding patents



  4. Battistelli is Creating an Atmosphere of Terror at the EPO While Exploiting Terror Attacks to Garner Sympathy

    "As if Laurent were a terrorist, the Office has imposed a house arrest and has forbidden him to enter the EPO premises," according to SUEPO, writing about one of its members at The Hague who is "maliciously accused via a fabricated procedure"



  5. Rumours That EPO President Battistelli Got Sacked to be Replaced by Christoph Ernst Appear to be Baseless

    Dr. Christoph Ernst is claimed to be the successor (interim or permanent) of the notorious Battistelli, but these claims have little or no evidence to support them



  6. Links 29/6/2016: SteamOS 2.83 Beta, Alpine Linux 3.4.1

    Links for the day



  7. The EPO Has Become Battistelli's Circus and the Administrative Council Has Been Reduced to (Illegal) Circus Animals Controlled With 'Treats'

    Battistelli's attack on justice and on the rule of law is debated among insiders who have grown increasingly impatient with the Administrative Council's tolerance of Battistelli and sometimes even Kongstad's amazing complicity



  8. The Latest Lies About the Unitary Patent (UPC) Would Have Us Believe That It's Alive and Well

    How patents-centric sites (some of which are in bed with the EPO) have responded to the 'Brexit' vote and why they're not telling us the truth about the Unitary Patent scam (often created and promoted by the same people who run and/or fund such sites)



  9. EPO Management Bunker: “The Bailiff Who Came to Deliver the Subpoena was Escorted off the Property by Five Security Guards.”

    Battistelli has essentially turned the European Patent Office (EPO) into a barracks, where he continues to enjoy immunity from the rule of law and discourages those who wish to challenge this immunity



  10. Keeping the Guard and Securing Society From Software Patents

    The policies over which Indians and Europeans have kept guard are being 'stolen' by vested interests



  11. Benoît Battistelli Further Weaponises His EPO 'Stasi' With CA/52/16

    A glimpse at what Benoît Battistelli will shortly attempt to do to the EPO, in order to cement his power in the face of growing opposition from many directions



  12. EPO Caricature: Administrative Council Control of Benoît Battistelli

    Another new caricature regarding the President of the European Patent Office (EPO) and lack of effective oversight from the Administrative Council (European Patent Organisation)



  13. EPO Caricature: Firing Benoît Battistelli

    The latest caricature regarding the President of the European Patent Office (EPO)



  14. Links 28/6/2016: Red Hat Summit 2016, Hadoop Events

    Links for the day



  15. Today's Media Coverage Says Microsoft Loves Linux, But Today Microsoft Extorted Linux Using Software Patents Again

    Luna Mobile has just been extorted by Microsoft (using dubious software patents, as usual) for using Android/Linux, but Microsoft-influenced media carries on spreading the lie that "Microsoft loves Linux"



  16. New Efforts to Work Around Barriers to UPC in Light of 'Brexit'; Behind These Efforts Are Self-Serving Patent Profiteers

    look at who's trying to work around the latest barriers to the widely-unwanted (by the public) Unitary Patent regime and what is being planned behind the scenes, or behind closed doors (by and for those who stand to profit from the Unitary Patent regime)



  17. Injunction Against Battistelli's Investigative Unit (Known Internally as 'Gestapo') Amid Serious Injustices and Bogus 'Trials'

    SUEPO, the EPO's staff union, steps up its spiel in a case against the "European Patent Organization" as defendant and "SUEPO/VEOB" (Trade Union of the European Patent Office) as claimants



  18. [ES] Con la UPC Muerta por el Resto del Termino de Battistelli, No Hay Razón para que la EPO o el Consejo Administrativo Sigan Manteniéndolo Más

    Pensamientos acerca de lo que pasará al líderazgo de la EPO después de ‘Brexit’ (salida Británica de la EU), lo que sevéramente socava el proyecto más grande de Battistelli el que usaba habituálmente para justificar sus increíbles abusos



  19. [ES] El Caradura Benoît Battistelli Debería Renunciar a Luz de la Filtrada Nueva Decisión en Su Vendeta en Contra de un Juez que se Atrevió a Decir la Verdad (Actualizado)

    Benoît Battistelli continúa quebrando las propias reglas de la EPO, no sólo las leyes naciónales, como una nueva decisión ayuda a revelar



  20. [ES] Cada Vez Más Parece Que Battistelli está Escondiéndo ‘Evidencia’ Falsa y/o Ilegalmente Obtenda de la Unidad Investigativa de la EPO

    El porqué creemos que Benoît Battistelli está cada vez mas desesperado de esconder operaciónes ilícitas de reunir ´evidencia´ lo que eventuálment lo puso a él mismo — no al acusado — en una situación catastrófica situacion que lo puede forzar (esperamos) a us renuncia



  21. Links 28/6/2016: Vista 10 Updategate, OpenMandriva 3.0 Beta 2

    Links for the day



  22. Links 27/6/2016: Linux 4.7 RC 5, OpenMandriva Lx 3.0 Beta 2

    Links for the day



  23. From Alleged Organised Crime to Vice-President of the European Patent Office (EPO)

    Željko Topić's situation in Croatia illuminated by means of recent documents from the authorities



  24. Battistelli May Still be on the Way Out as Pressure Grows in Germany, UPC in Shambles

    Pressure on Battistelli is growing even from within circles that are traditionally protective of him and a long letter is sent to Dr. Christoph Ernst, who some believe will replace Battistelli



  25. Caricature: European Patent Office (EPO) Under Battistelli

    The latest caricature about the state of the European Patent Office (EPO)



  26. Techrights (Almost) at 10: From Software Patents to Novell and to Present Focus on EPO

    A short story about how and why we ended up writing so much about the European Patent Office (EPO) and the impact beyond Europe



  27. Patents Roundup: Bad Quality (USPTO), Bad Analysis (India), Bad Microsoft, Bad Actors (Trolls), Bad Scope (Software Patents), and the Ugly

    A mishmash of news about patents, mostly regarding the United States, and what can be deduced at the moment



  28. Links 26/6/2016: IceCat 38.8.0, Wine 1.9.13

    Links for the day



  29. With UPC Dead for Battistelli's Entire Remaining Term, No Reason for the EPO or the Administrative Council to Keep Battistelli Around

    Thoughts about what happens to the EPO's leadership after 'Brexit' (British exit from the EU), which severely undermines Battistelli's biggest project that he habitually used to justify his incredible abuses



  30. Links 24/6/2016: Xen Project 4.7, Cinnamon 3.0.6

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts