EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.10.10

Microsoft Leaves Windows XP SP2 Users Open to Attacks, ZeuS Exploits Windows Flaws, and 4Chan Becomes Unsafe to Windows Users

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 7:27 pm by Dr. Roy Schestowitz

4chan front page in 2009

Summary: Grouping of security news from this week

“Has anybody seen the news about Microsoft not supporting the link vulnerability patch in XP SP2?”

That question was asked by Chips B Malroy earlier today. He cited the following two posts:

i. Registry hack used by gamers allows security for Windows XP SP2

If you use Windows XP SP2, then by now you are well aware that it has come to its end of life. This means no security updates, no software updates, no support. However, an interesting blog post from F-Secure explains how to install security updates on the aging operating system, if a user is willing to assume the risk.

ii. Windows XP SP2: Hack Allows ‘Shortcut Patch’ To Be Installed

PC users who are still using Windows XP SP2, even after the service pack was retired on July 13 can still receive security updates thanks to a trick found by editing the registry.

Had Windows been Free software, no “hack” around the Registry would be needed.

At the moment, all versions of Windows are still open for attacker to exploit. The press doesn’t call out Windows when it reports on the ZeuS Trojan:

Security vendor M86 Security says it’s discovered that a U.K.-based bank has suffered almost $900,000 (675,000 Euros) in fraudulent bank-funds transfers due to the ZeuS Trojan malware that has been targeting the institution.

More here:

A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.

Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86′s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.

What about Microsoft and Windows? Here is another IDG article whose headline says “Malware Circulating on 4Chan Forums” (it does not say “Windows malware”).

The important point to take away from this is that HTA files are programs, just like EXEs and can do dangerous things.

Here is a funny one:

INSECURITY OUTFIT McAfee has decided it’s time to get tough on cybercrime.

We’re not sure how McAfee was tackling cybercrime before the publication of its report, “Security Takes the Offensive”. Whatever it was doing obviously wasn’t enough, given the malware threats out in the wilds of the Internet.

Security would be simplified if Windows was removed from this equation. Earlier today we posted several links to new articles that claim GNU/Linux/Android superiority over Apple when it comes to security. Apple — like Microsoft — is being negligent again.

Apple sits on a patch for a critical flaw

PEDDLER OF BROKEN DREAMS Apple has apparently come up with a patch for a critical flaw in the Iphone OS that gives a hacker so much control over the device that they might as well be Steve Jobs.

Just because this operating system is proprietary doesn’t mean it’s harder to decipher and thus more secure. Fast patching is key.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 22/12/2014: GNU/Linux at Sky News, Another Tizen Camera

    Links for the day



  2. IRC Proceedings: November 30th, 2014 – December 20th, 2014

    Many IRC logs



  3. Links 21/12/2014: China and Linux, GNOME Shell 3.15.3

    Links for the day



  4. The New Age of Games for UNIX/Linux But Not for Windows, Microsoft is Openwashing Windows-Only Games

    The world is moving to GNU- and Linux-powered platforms, so Microsoft withdraws GNU/Linux support from games it buys and starts openwashing its Windows-only games



  5. Microsoft Essentially Sends Malware to Windows and Bricks It

    Microsoft is once again bricking Vista 7, demonstrating lack of reliability or very low quality programming



  6. Microsoft Lays Off Staff, Cheapens Labour as More Companies Are Dumping Microsoft's Lock-in, NSA-Friendly Services, and Windows

    A look at some of Microsoft's latest woes, including an appeal for cheaper labour amid decrease in business



  7. Links 19/12/2014: Robolinux 7.7.1 LXDE, Red Hat Thriving

    Links for the day



  8. Another Microsoft Partner Markets Linux FUD Using Logo, Name, and Lies

    Microsoft's partner Alert Logic is trying to label a feature of Linux a security flaw and even makes marketing buzz for it



  9. Redmonk is Spreading Black Duck's Anti-GPL Talking Points After Payments From Black Duck, Microsoft

    CBS' ZDNet spreads the GNU-hostile narrative which comes from Redmonk, funded by Microsoft and Black Duck, citing Black Duck, which also comes from Microsoft and is a partner of Microsoft



  10. 'Good' Software Patents From EA Show Cases Where DRM is a Patent Infringement

    Where two evils collide the public benefits, or how some software patents discourage the use of DRM



  11. Richard Stallman: What Does It Mean for Your Computer to Be Loyal?

    New article from Richard Stallman



  12. Links 18/12/2014: LinuxQuestions.org Polls, Fedora for POWER

    Links for the day



  13. Links 16/12/2014: Google and ODF, Civilization: Beyond Earth Comes to GNU/Linux

    Links for the day



  14. Bill Gates' Pet Troll Intellectual Ventures is Collapsing as Founder Quits

    Intellectual Ventures founder leaves after an exceptionally large round of layoffs, despite [cref 77299 recent subsidies from Sony and Microsoft]



  15. Keeping Software Patents Out of Europe Following the Demise of Software Patents in the US

    Instability in the EPO seemingly prevents further expansion of patent scope, which is the subject of scrutiny of EPO staff



  16. Links 15/12/2014: OSI 2014 Annual Report, GPLv2 Court Test

    Links for the day



  17. Links 14/12/2014: Calligra 2.9 Beta, Krita 2.9 Beta

    Links for the day



  18. Software Patents Are Dying in the US, But Patent Lawyers Refuse to Admit It

    Patent lawyers continue to distort the reality of software patents' demise in the United States



  19. Links 13/12/2014: Android Wear “Lollipop”, European Commission and FOSS

    Links for the day



  20. Time to Take Microsoft Out of British Aviation Before Planes Crash Into Buildings

    London's mighty Heathrow Airport among those affected by a Microsoft-reliant air traffic control system which is not being able to properly recover from an outage, and not for the first time either



  21. News From France and Germany: Battistelli Under Fire, But Not Fired Yet, Just Firing His Opposition

    The régime headed by Benoît Battistelli and his criminal deputy continues to overthrow or pressure out everyone who is not 'loyal' to the régime



  22. Links 12/12/2014: Linux++, KDE Frameworks 5.5.0, Calligra 2.8.7

    Links for the day



  23. The USPTO is Broken: New Evidence Presented

    The scope of patents, as evidenced by some statistical figures and individual patents, shows that the USPTO is broken and must be reformed or dismantled



  24. US Patent Reform (on Trolls Only) More or Less Buried or Ineffective

    An update on efforts to reform the patent system in the United States, including the possibly imminent appointment of Michelle Lee to USPTO leadership role



  25. Software Patents in Canada Not Dead Yet

    Canada's patent status quo increasingly like that of the United States and Canadian giants like BlackBerry now pose a threat to software developers



  26. Dreaming of a Just Christmas: When a Third of EPO Walks Out to Revolt and European Judges Attack the EPO Over Abuses

    Information about the abuses of Battistelli et al. at the EPO are finally receiving wider coverage and increasing the strain on Battistelli's authoritarian reign



  27. Links 11/12/2014: Red Hat Enterprise Linux 7.1 Beta, Firefox 35 Plans

    Links for the day



  28. Ubuntu Core Announcement is Not About Microsoft and Hosting Ubuntu on Azure is Worse Than Stupid

    The power of media spin makes the idea of hosting Free software under the control of an NSA PRISM and back doors partner seem alluring



  29. France Gets Involved in Battistelli's Abuses in the EPO - Part XII (Updated)

    The EPO scandal has officially spilled over to France, where a French Senator got involved and starts asking serious questions



  30. Rolling of Heads Likely Imminent at EPO

    The European patent system is shaking as management breaks the rules, staff is protesting against the management every week, and charges of corruption resurface


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts