EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Microsoft Leaves Windows XP SP2 Users Open to Attacks, ZeuS Exploits Windows Flaws, and 4Chan Becomes Unsafe to Windows Users

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 7:27 pm by Dr. Roy Schestowitz

4chan front page in 2009

Summary: Grouping of security news from this week

“Has anybody seen the news about Microsoft not supporting the link vulnerability patch in XP SP2?”

That question was asked by Chips B Malroy earlier today. He cited the following two posts:

i. Registry hack used by gamers allows security for Windows XP SP2

If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.

ii. Windows XP SP2: Hack Allows ‘Shortcut Patch’ To Be Installed

PC users who are still using Windows XP SP2, even after the service pack was retired on July 13 can still receive security updates thanks to a trick found by editing the registry.

Had Windows been Free software, no “hack” around the Registry would be needed.

At the moment, all versions of Windows are still open for attacker to exploit. The press doesn’t call out Windows when it reports on the ZeuS Trojan:

Security vendor M86 Security says it’s discovered that a U.K.-based bank has suffered almost $900,000 (675,000 Euros) in fraudulent bank-funds transfers due to the ZeuS Trojan malware that has been targeting the institution.

More here:

A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.

Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86′s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.

What about Microsoft and Windows? Here is another IDG article whose headline says “Malware Circulating on 4Chan Forums” (it does not say “Windows malware”).

The important point to take away from this is that HTA files are programs, just like EXEs and can do dangerous things.

Here is a funny one:

INSECURITY OUTFIT McAfee has decided it’s time to get tough on cybercrime.

We’re not sure how McAfee was tackling cybercrime before the publication of its report, “Security Takes the Offensive”. Whatever it was doing obviously wasn’t enough, given the malware threats out in the wilds of the Internet.

Security would be simplified if Windows was removed from this equation. Earlier today we posted several links to new articles that claim GNU/Linux/Android superiority over Apple when it comes to security. Apple — like Microsoft — is being negligent again.

Apple sits on a patch for a critical flaw

PEDDLER OF BROKEN DREAMS Apple has apparently come up with a patch for a critical flaw in the Iphone OS that gives a hacker so much control over the device that they might as well be Steve Jobs.

Just because this operating system is proprietary doesn’t mean it’s harder to decipher and thus more secure. Fast patching is key.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Confirmed: Benoît Battistelli is Crushing the Enlarged Board of Appeal (EBoA)

    New information surfaces regarding communication between the Administrative Council (AC) and Mr. Battistelli, who wishes to crush anyone whom he views (or is merely perceived) as a threat to his totalitarian reign

  2. Patent Trolls Roundup: MPHJ, Kyle Bass, Acacia, Intellectual Ventures, Unwired Planet, Core Wireless, Vringo, and Unified Patents

    An outline of recent developments in the US and even in Europe, focused entirely on patent trolls, patent parasites, and actions against them

  3. EPO Staff is Happy, Says EPO Propaganda Still in the Making

    The Benoît Battistelli-led institution is so misguided so as to actually expect people to believe that EPO staff feels happy, despite increased awareness of staff suicides, protests, lawsuits, etc.

  4. EPO Management is Running Out of Time as More Media Remarks on Its Abuses

    The terrible policies and the atrocious behaviour of the EPO's management is gradually becoming too widespread an issue, leading to a lot more media coverage and with it public scrutiny

  5. Links 12/10/2015: Linux 4.3 RC5, Parsix GNU/Linux 8.0 Reviewed

    Links for the day

  6. Microsoft Still Rigging and Gaming Statistics by Taking Over or Registering Dead/Inactive/Parked Domains by the Millions

    Microsoft continues to game Netcraft's figures and graphs by amassing effectively dead domains, making itself (and IIS/Windows) look a lot bigger when it fact Microsoft only perishes on the Web, having long ago lost the game to GNU/Linux with Free/libre software on top of it (notably a L.A.M.P. stack)

  7. Benoît Battistelli's Group of 'Loyals' Crushes Not Only the Independent Boards But Also 'Unwanted' Directorates-General

    Having 'infiltrated' most key positions at the EPO, Benoît Battistelli now ejects everything that remains potential threat to his unquestionable total domination

  8. Many New Losses for Software Patents in the US, Courtesy of Alice Case/§101

    The United States' supposed leadership in software patenting grinds to a halt as more software patents simply die in the courtrooms and patent lawyers try hard to overcome this new debacle of theirs, usually by misleading current and prospective clients

  9. Leaked: EPO Prioritises Work for Large Foreign Corporations, Discrimination Not Accidental But Centrally Planned

    Canon, Philips, Microsoft, Qualcomm, BASF, Bayer, Samsung, Huawei, Siemens, Ericsson and Fujitsu receive V.I.P. treatment from the EPO, despite most of them not even being European

  10. Links 11/10/2015: Kate/KDevelop Sprint, Blender 2.76

    Links for the day

  11. European Pirate Party MEP Julia Reda Says TPP Will Bring Software Patents to Europe and Other Continents/Countries

    The Wikileaks "TPP Leak," says Julia Reda, suggests that, based on the patentable subject matter section, signatories must add software patents

  12. Don't Look at Linux For Sexism, Look at Microsoft (Although Microsoft Hides the Newest Lawsuits)

    A look at the broader scale of discrimination against women and how widespread a phenomenon it is inside Microsoft, the arch rival of Linux

  13. Links 10/10/2015: IBM's Linux-based LC Family, KDE Frameworks 5.15

    Links for the day

  14. Benoît Battistelli's Office Accused of Institutional Harassment Against EPO Staff in New Letter to the Administrative Council, Calling for External Investigation

    A probe by an external and independent entity is sought with the aim of looking into systematic harassment against EPO employees who simply 'dare' to point out gross violations by their managers; staff protests at EPO headquarters in the Netherlands and Germany are scheduled

  15. Responses to Software Patents in India Though Guidelines for Examination of Computer Related Inventions

    India's famous skills, which revolve around software services and software development, are under attack by new laws which strive to grant foreign corporations de facto monopolies on software, even inside India

  16. Mobile Linux (e.g. Android) Still a Victim of Software Patents, No Peace in Sight

    A look at recent developments in the fight against mobile Linux (notably Android these days) and whoever is behind the patent attacks (not always as obvious as people are led to believe)

  17. Bad News for the EPO's Judicial Independence and Due Process in Next Week's Administrative Council (AC) Meeting

    A quick update about what's expected to happen next week when the Administrative Council holds a two-day meeting

  18. More Back Doors Found in Microsoft's Entrapments (Proprietary Software)

    Security flaws and even blatantly obvious loopholes for surveillance are identified in several of Microsoft's so-called 'products', which turn users (and their data) into the real product (to be sold to private companies or shared with spies)

  19. NASA Gives Back What It Took Away in the Form of Patent Monopolies for Private Gain

    Criticism of NASA's habit of clinging onto patents when it is actually the public which pays for everything

  20. The Coup D'état of Benoît Battistelli Follows an Imperialist Model, Threatens Opposition and Dissent

    SUEPO, the staff union, and boards that are independent from the EPO are both under attack and are constantly threatened by Benoît Battistelli and his goons

  21. Links 8/10/2015: Manjaro Linux Releases, Linksys WRT1900ACS, FOSS at NHS

    Links for the day

  22. Links 8/10/2015: KDE Plasma 5.4.2 Released, Linux Drama Queens

    Links for the day

  23. EPO Staff to Disrupt Administrative Council Meeting With Public Demonstration That Raises Awareness of Abuses

    The perception of collusion between the Administrative Council (AC) and the European Patent Office (EPO) leads to staff actions demanding investigation of illegal Board of Appeal (BoA) suspension/s (among many other things)

  24. OIN Turns 10, IDG Floods the Web With Puff Pieces That 'Normalise' Software Patents

    The Open Invention Network (OIN) commissions or helps produce puff pieces in the corporate media because it has an anniversary and corporate interests to push forth (including the idea that software patents can coexist with Linux)

  25. Hypocrite Forks the Linux Kernel Because of Cultural Characteristics That He Himself is Guilty of

    Forking of Linux is misleadingly reported in the media because of a couple of very loud people, who are not even quitting their jobs

  26. Željko Topić Attacks EPO Staff for 'Daring' to Legally Challenge the EPO's Management Over Its Gross Abuses in Europe

    Benoît Battistelli's right-hand man, Željko Topić, is under the false impression that yet more threats against staff of the EPO will help contain the crisis rather than further inflame it

  27. Media Reports Based on New Patents Suggest That Microsoft Continues to Attack Google and Android/Linux, Trying to Tax and Delete Android

    Reports and patent applications serve to show that Microsoft not only tries to infiltrate ("embrace") Android to put its apps there ("extend") but ultimately to delete ("extinguish") Android

  28. Commenters Provide Possible Explanations for Mr Van der Eijk Being on Unlimited Sick Leave

    Rumours are swirling around Wim Van der Eijk's absence, suggesting that he too may be a victim of Benoît Battistelli's iron fist

  29. Links 6/10/2015: Linux 4.3 RC4, HP OpenSwitch, Wind River Linux 8

    Links for the day

  30. With Software Patents in Europe (and Pushes for the Same Thing in Australia and India) Patent Trolls Now Come to Europe, Attack Android/Linux

    Worst-case scenarios are becoming a reality as Android backers officially attacked by patent trolls using standard-essential patents in London, England


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time


Recent Posts