EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.10.10

Microsoft Leaves Windows XP SP2 Users Open to Attacks, ZeuS Exploits Windows Flaws, and 4Chan Becomes Unsafe to Windows Users

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 7:27 pm by Dr. Roy Schestowitz

4chan front page in 2009

Summary: Grouping of security news from this week

“Has anybody seen the news about Microsoft not supporting the link vulnerability patch in XP SP2?”

That question was asked by Chips B Malroy earlier today. He cited the following two posts:

i. Registry hack used by gamers allows security for Windows XP SP2

If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.

ii. Windows XP SP2: Hack Allows ‘Shortcut Patch’ To Be Installed

PC users who are still using Windows XP SP2, even after the service pack was retired on July 13 can still receive security updates thanks to a trick found by editing the registry.

Had Windows been Free software, no “hack” around the Registry would be needed.

At the moment, all versions of Windows are still open for attacker to exploit. The press doesn’t call out Windows when it reports on the ZeuS Trojan:

Security vendor M86 Security says it’s discovered that a U.K.-based bank has suffered almost $900,000 (675,000 Euros) in fraudulent bank-funds transfers due to the ZeuS Trojan malware that has been targeting the institution.

More here:

A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.

Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86′s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.

What about Microsoft and Windows? Here is another IDG article whose headline says “Malware Circulating on 4Chan Forums” (it does not say “Windows malware”).

The important point to take away from this is that HTA files are programs, just like EXEs and can do dangerous things.

Here is a funny one:

INSECURITY OUTFIT McAfee has decided it’s time to get tough on cybercrime.

We’re not sure how McAfee was tackling cybercrime before the publication of its report, “Security Takes the Offensive”. Whatever it was doing obviously wasn’t enough, given the malware threats out in the wilds of the Internet.

Security would be simplified if Windows was removed from this equation. Earlier today we posted several links to new articles that claim GNU/Linux/Android superiority over Apple when it comes to security. Apple — like Microsoft — is being negligent again.

Apple sits on a patch for a critical flaw

PEDDLER OF BROKEN DREAMS Apple has apparently come up with a patch for a critical flaw in the Iphone OS that gives a hacker so much control over the device that they might as well be Steve Jobs.

Just because this operating system is proprietary doesn’t mean it’s harder to decipher and thus more secure. Fast patching is key.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. SIPO (China's Patent Office) Taken Over by Patent Maximalists

    A look at China's race to the bottom (decline in quality) when it comes to patents, assuming quite wrongly that quantity is more important than quality and severe penalties for perceived infringement will spur innovation



  2. The Alice Case Continues to Smash Software Patents (This Time OpenTV's); Will the EPO Ever Pay Attention?

    The potency or the grip of software patents in the United States is quickly eroding, but the EPO continues to act as though software patents are legitimate



  3. EPO Staff Responds to Team Battistelli's Expansion to Include French Economic Propagandist on the Payroll

    With strings attached (like string puppets of Battistelli in various units including the Investigative Unit), can the new Chief Economist, who is French and paid by Battistelli, ever be trusted?



  4. UPC: To Understand Who Would Benefit From It Just Look at Who's Promoting It (Like TPP)

    The UPC, which is designed to aid patent trolls and aggressors (and their lawyers), is still being advanced by the EPO and some misinformed (but loyal to these former groups) politicians



  5. Trolls Molestos: Rovi (del famoso Angry Birds) Ayuda al Más Largo Troll de Patentes de Microsoft Intellectual Ventures (Corregido)

    Alguna vez conocido como hacedor de juegos y más tarde como vigilancia en masa en jugadores, Rovi ahora se ESTA ALIANDO CON EL MÁS GRANDE TROLL DE PATENTES



  6. Estadísticas de Invalidación de Patentes y Costos de Litigación de Patentes (incluso si son falsas) Muestran que la Esfera de Patentes y los Estándares de Examinación son un Probleman, No Sólo en Los Estados Unidos

    Demasiadas falsas patentes que no deberían haber sido otorgadas en primer lugar y fraudulentes jucios de patentes que terminan en favor del acusado sirve para mostrar el costo externo (o externalidad) cuando set trata de un bajisímo sistema de patentes que se esfuerza en otorgar muchas patentes irrespectivamente de su mérito.



  7. The 'Offenses' of EPO Staff Representatives Boil Down to Truth-Telling

    Dutch television examined the documents of the mock 'trials' against SUEPO leaders and concluded that whistle-blowing (i.e. exposing abuses by EPO management), not misconduct, is the reason for overzealous dismissals



  8. Rumours About Dismissal of Benoît Battistelli and New Letter From Union Syndicale Federale Blasting Battistelli's Behaviour

    hings have been heating up since the dismissal of staff representatives at the European Patent Office (EPO) and some even spread rumours about withdrawal/dismissal of the EPO's President



  9. VirnetX Case Against Apple Shows Not the Problem With Patent Trolls But With Software Patents

    What the media really ought to be talking about after the high-profile VirnetX case, rather than obsess about the status of Apple or patent trolls in the Eastern District of Texas



  10. Diápositivas de Nueva Charla Explican la Connección Entre la Corte De Patentes Unitarias (UPC) y Patentes de Software

    Benjamín Henrion habló el pasado Domingo acerca de las patentes de software europeas -una presentación que habla de la Corte Unitaria de Patentes, por la que la OEP aboga sin cesar y que es lo que significa para las patentes de software.



  11. Las Políticas de Microsoft Alienan Incluso a los Hinchas Más Acérrimos de Microsoft, Incluyendo Pro-Microsoft Web Sites

    El agresivo comportamiento de Microsoft y su BAJA CALIDAD DE PRODUCTOS dejan algunos de sus últimos restos de ´hinchas´ descorazonados y molestos.



  12. Links 6/2/2016: CoreOS Rocket 1.0, Scientific Linux 7.2

    Links for the day



  13. Maybe It's Time for Class Action Lawsuits Against Microsoft for Forced Vista 10 'Upgrades', Which Were Definitely No Accident

    The sheer arrogance of Microsoft, which silently changes the operating system on people's computers (without their consent), makes lawsuits imperative, not just a possibility



  14. Readers' Article: A Strange Conspiracy of Silence in the German Media (Part II)

    Željko Topić's allegedly dark background, which includes a suicide, a retreat of potential witnesses, German funds in Topić's private bank account and several more interesting bits



  15. Links 5/2/2016: Wine 1.9.3, Slackware 14.2 Beta 2

    Links for the day



  16. Links 4/2/2016: Red Hat Upgraded, Ubuntu Tablet

    Links for the day



  17. The Siege Continues: Patent Lawyers Want More Patents, Including Software Patents, In Spite of Alice

    Lawyers who make money from patent disputes make rather apparent their aspirations, which include patent saturation even in domains that are patents-exempt



  18. European Patent Office Pretends It's Business as Usual and Prepares New Vanity Pieces

    The PR strategy of the EPO, whose destructive patent strategy continues unabated (for now), latches onto Colombia and strives to manufacture mythology wherein the public, patent examiners and patent applicants are all very happy with the EPO



  19. The 'International' Trade Commission Imposes/Reinforces Software Patents to Establish Another Embargo

    The International [sic] Trade Commission is meddling in competition and allowing a US giant, Cisco in this case, to potentially block rivals (no imports from abroad) using software patents



  20. Readers' Article: A Strange Conspiracy of Silence in the German Media (Part I)

    The views of some of our readers regarding reluctance in the German media to challenge the EPO's violations of German law, probably because Germany benefits from being a host nation of the EPO



  21. Benoît Battistelli's EPO: From Show Trials and Mock Trials to a Self-Aggrandising Propaganda Event Later Today in Rijswijk

    A headsup from a reader regarding today's highly misleading event in Rijswijk (e.g. to mislead the media or seed positive media coverage in the Netherlands) and how it was set up



  22. Caricature of the Day: EPO President

    New caricature about Benoît Battistelli, his bodyguards, and the assault on free speech at the European Patent Office



  23. Company Known as European Patent Office Provides Tips on How to Patent Software in Europe

    The European Patent Office (EPO) uses its attendance at CeBIT, which is a corporate expo, to promote software patents in spite of the European Patent Convention (EPC)



  24. Links 3/2/2016: Dell GNU/Linux Laptop, Wine 1.8.1

    Links for the day



  25. The Most Detailed Explanation (Yet) of What's Wrong With the EPO

    The EPO's insistence that it remains above the law is not only coming under fire by the media but is also being challenged based on people who are familiar with the applicability of law to international organisations



  26. Angry Trolls: Rovi (of Angry Birds Fame) Helps Microsoft's Largest Anti-Linux Patent Troll, Intellectual Ventures (Corrected)

    nce known as a game maker and later made notorious for mass surveillance on gamers, Rovi now liaises with the world's largest patent troll



  27. Patent Invalidation Statistics and Cost of Patent Litigation (Even If Bogus) Show That Patent Scope and Examination Standards a Problem in Europe, Not Just the US

    Far too many bogus patents (patents that should not be granted in the first place) and spurious patent lawsuits that end up in favour of the defendant serve to show the external cost (or externality) when it comes to low-quality patent systems that strive to grant a lot of patents irrespective of merit



  28. Es Oficial: Por Medio de Entrismo, Microsoft Ha Convertido a la Pro-Linux Nokia en un Parásito de Patentes Anti-Linux

    Microsoft ha convertido a Nokia en un troll de patentes que ahora ataca a Linux y Android.



  29. Richard Stallman: Patentes Europeas de Software Regresan con la Corte Unitaria de Patentes (UPC)

    Debates acerca de la UPC estan siendo peleados por profesionales de software (entidades prácticantes) y elementos PARÁSITICOS como los abogados de patentes.



  30. SUEPO (EPO Staff Union) Appears to Have Launched a New and Improved Web Site After Attempts to Crush ('Decapitate') SUEPO

    SUEPO, the largest staff union of the European Patent Office, shows signs of strength rather than signs of weakness amidst attacks on the staff and a lot of media coverage, political interventions, and much more


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts