Bonum Certa Men Certa

All Versions of Windows Vulnerable, Under Attack, So Microsoft Gets Botnets

Water



Summary: A US court gives Microsoft botnets-operating domains after Windows failed to stay in the users' hands (due to faulty design of Windows, lack of disclosure, and lack of urgent patches)

DUE TO Microsoft's insistence on silent patching, it is impossible to know just how many flaws in Windows require fixing (Microsoft is ranked worst for patching). Microsoft says that 13 more are coming, but the real number might be far higher because the company patches without disclosing (for secrecy/vanity purposes).



According to the company’s advance notification for this month’s Patch Tuesday, there will be a total of 9 bulletins (four rated critical) addressing flaws in all versions of Windows, including Windows 7 and Windows Server 2008.


Yes, the 'legendary' Vista 7 too is a block of Swiss cheese. Is anyone surprised? Now that Windows XP is being pulled (SJVN gave some dates and there is corroboration)), some of the world is left to rely on some 'newer' versions of Windows which are not necessarily more secure.

“[W]hen nobody is using Windows, there will be no botnets”
      --Eben Moglen
Professor Eben Moglen said quite recently that "when nobody is using Windows, there will be no botnets" (watch the video where he has even harsher words for Windows).

How about this new report from Ryan Naraine? All versions of Windows appear to be affected by a new worm and OpenBytes says that "victims include Disney, Nasa AIG and others," at least based on the sources Tim read.

Windows is reported to be yet again under attack and as usual it is the end-user who suffers. The BBC is reporting that a worm, spread by unsuspecting souls opening a PDF attached to an email, see’s their Outlook address book hijacked with the worm sending itself out to everyone contained therein.


Those E-mails are sent through botnets, which are of course zombie PCs running Windows. It's a brute force- and remote access-reliant cyber crime. Symantec is concerned:

A fast-moving email worm that began spreading on Thursday has been able to affect hundreds of thousands of computers worldwide, anti-virus provider Symantec warned.

The email arrives with the subject “Here you have.” An executable screensaver that's disguised as a PDF document then tries to send the same message to everyone listed in the recipient's address book. The .scr file is a variation of the W32.Imsolk.A@mm worm Symantec discovered last month.


Watch Microsoft responding. It "Acquired its Own Botnet," said Pogson, pointing to this new report. [via]

CONTROL OVER 275 DOMAINS that are used by operators of the malware botnet Waledac has been given to Microsoft by a US court.

Microsoft can now shut down the sites and the company does not expect an appeal against the judgment. It said that the botnet's operators have objected to the move in other ways, such as launching a denial-of-service attack on its legal team.


This is becoming an embarrassment. Microsoft is getting possession of botnets, which are still being created by the hundreds of millions (in terms of node count), so it's really just a futile attempt to correct the uncorrectable (unless Windows gets abandoned by everyone).

Recent Techrights' Posts

[Video] Richard Stallman's Talk in Sweden, Attended by Nearly 700 People, is Now Online
The Web page is in Swedish, but the talk is in English
 
Bad faith: can't change Debian Social Contract (DSC) without unanimous consent of every joint author
Reprinted with permission from Daniel Pocock
Confirmed: Very Close Friend of Bill Gates and Microsoft's Biggest Patent Troll Nathan Myhrvold Flew the Lolita Express (a Gateway to Pedophilia), According to Bill Gates-Sponsored Seattle Times
There is no speculation or any "conspiracy theories" here;' those are verified facts
Gemini Links 25/10/2025: "The Highest Leader of The Global Civil Society Community", SSL Certificates Causing Bitrot
Links for the day
Links 25/10/2025: Target Layoffs and "Shutdown Sparks 85% Increase in US Government Cyberattacks"
Links for the day
"Big Data" Was a Big Lie
Remember "Big Data"? Remember "Data Scientists"...?
statCounter Has Been Broken for a Long Time
Considering the huge proportion of Web requests that come from LLM bots (more so this past year or two), statCounter may struggle to justify the operating costs
Techrights Anniversary Party on November 7th
Let us know if you need any accommodation-related arrangements
Trends That Must Alarm Microsoft and Mozilla
Expect Firefox to no longer be supported by various sites in the US
Why Microsoft Became the Layoffs Leader
The corporate media is projecting or signalling its own dishonesty when it tells us that Microsoft is a very "valuable" company while the data shows Microsoft is also a "market leader" in layoffs
Speaking for Ourselves and Letting the Facts Speak for Themselves
we've already published over 50,000 pages
For Second Time in a Day The Register MS Takes Money From Private Companies to Sell a Ponzi Scheme
Do not have empathy for those who have zero empathy towards you
IBM is Misleading IBM Shareholders
IBM is still all about vapourware and buzzwords
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 24, 2025
IRC logs for Friday, October 24, 2025
The Serial Slopper Starts Up - or Restarts - His Plagiarism Machine (LLMs)
Serial Sloppers like these don't belong in news sites. That's why he got sacked by BetaNews.
Links 24/10/2025: Esperanto Music History, Anxiety, and New Portals
Links for the day
Slopwatch: LinuxSecurity.com, Linux Journal, and Pet Slopfarms of Google News
Why does Google News still advance these fake sites to the top of search results?
Links 24/10/2025: Inequality Grows, Billion-Dollar Scam Center Industry
Links for the day
Links 24/10/2025: "Independent Media in Cambodia is Collapsing" and Serious F5 Breach
Links for the day
Coping With the Site Going More Mainstream
Fame is no laughing matter
They Never 'Put Down' Corporations
There are "pests" that are traded in Wall Street
21 Pages in Less Than 7 Hours is No Joking Matter
We've become a lot more effective and efficient
Correct Information is a Valued Asset in the Age of Slopfarms and Public Relations (PR) or Spin
Publishing suppressed facts is never easy
The Register MS Continues to Bag Money to Promote a Ponzi Scheme, Even Money From China
Today in the front page
analytics.usa.gov: The Only Supported Version of Windows (This Past Week) is Only Used by About 13.9% of People in the US, the Home Base of Windows
Even Vista 7 is still used more
Rust is Very Secure
If only Rust itself is secure
Who Will be Held Accountable for Breaking Ubuntu by Imposing Rust on Otherwise-Functional Programs, in Effect Replacing GNU With Proprietary Microsoft (GitHub)?
they're practical people who merely point out that a bunch of buffoons not only ruin Ubuntu but also every future distro based on Ubuntu
Generation Chaff - Phase VIII: In Summary
Like "Science" with a capital "S", what we see here commercial interests usurping everything
Generation Chaff - Phase VII: Curtailing Alternative Media
There was always an obligation - a collective duty of sorts - to uphold independent journalism
Generation Chaff - Phase VI: Centralisation of Information (X, Cheetok/Fentanylware)
Would you trust information when controlled by such people?
Generation Chaff - Phase V: Censorship of Dissent (Painted as Harassment or Terrorism)
Censorship is all around us now
Generation Chaff - Phase IV: Apps Only Few Companies Decide On
Tools are being collectively confiscated, under the premise or false prospect of "security"
Generation Chaff - Phase III: Slop and Plagiarism
A lot of the current so-called 'economy' is built upon false valuations
Generation Chaff - Phase II: "Cloud", Blockchains and Other Hype
For those of us who turned down those propositions there was a struggle; we needed to justify not having skinnerboxes or "social" accounts in some site run by a private company
Generation Chaff - Phase I: Social Control Media
IRC predates the Web
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 23, 2025
IRC logs for Thursday, October 23, 2025
More Clues Shed on Collapse of Microsoft XBox
XBox is basically circling down the drain as Microsoft implements 2-3 waves of layoffs each month
'Vibe Coding' Doesn't Work
In a lot of ways, so-called 'Vibe Coding' is already considered vapourware or a passing fad promoted in the media by managers who try to justify mass layoffs, especially ridding companies of "very expensive" software engineers
Links 24/10/2025: Microsoft's Killing of XBox Connected to Revenue/Profit Problems, "How Elon Musk Ruined Twitter"
Links for the day
Gemini Links 24/10/2025: 86,400 Seconds and "Society's Task"
Links for the day
Slopwatch: Google News and Slopfarms That Relay Nonsense From LLMs
Google News, which once prioritised or used to care about provenance and quality, is feeding slopfarms
Links 23/10/2025: More Health Concerns Over Dumb Chatbots (LLMs) and "Talking Cars" as Latest Buzz
Links for the day
Gemini Links 23/10/2025: Daylight Savings Time and Duration Shorthand
Links for the day
Links 23/10/2025: LLM 'Hallucinations' (Defects) in Practical Code 'Generation', China Becomes More Economically and Technologically Independent
Links for the day
Why We Support Richard Stallman and You Probably Should Too
It's not about being "Richard Stallman fan", it is about maintaining the right to hold positions (on technology) like his
Linux Foundation Uses LLM Slop to Promote Microsoft in Linux.com (Again), Rendering It a Linux-Hostile Slopfarm
Openwashing with slop by "Linux.com Editorial Staff", which basically seems to be a bot
Some Large German Media Covers Richard Stallman's Talks in Germany Earlier This Week
LLM-based chatbots are just "bullshit generators" (as he has long called them)
Links 23/10/2025: Windows TCO Galore and "The Internet Is Going to Break Again"
Links for the day
Trouble in Red Hat/IBM and a Retreat to Ponzi Economics in Search of Wall Street Market Heist
Would you invest your life savings in this kind of crap?
Who Asked Software in the Public Interest (SPI) for a Refund? ($100,000, Resulting in Losses of $267,201 in 12 Months, Highest-Ever Losses)
The IRS does not reveal who or what's tied to this refund (or the cause/reason)
Social engineering attack: Debian voted to trick you on binary blobs
Reprinted with permission from Daniel Pocock
Techrights Will Always Stand for Women's Rights
We even invest money - personal savings that it - in our principles
Certified Lawyers Should Know Better (Than to Intimidate Us With Man Who Drives on Motorcycle Through a Really Bad Storm Between Distant Cities, Then Collects Photos of Our Home)
Mentioning someone was in prison for bad things isn't a crime, it's a public service
The "AI" (Slop) Bubble is Already Imploding
"ChatGPT Usage Has Peaked and Is Now Declining, New Data Finds"
The So-called "Sexy" Buckets (AI, Quantum) Cannot Save IBM From Reality, Shares Tank
"No matter how much financial hocus-pocus they use to reclassify revenues to land in the "sexy" buckets (AI, Quantum), it still smells old and musty - just like this company."
Paul Krugman is Wrong About the Scope of Mass Layoffs in the United States
A few years ago society was accelerating its journey towards feudalism, boosted by COVID-19
Links 23/10/2025: Proprietary Blunders and CISA's Latest Disclosure of Holes
Links for the day
Gemini Links 23/10/2025: Fast Past (F1), 99.9% Uptime
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 22, 2025
IRC logs for Wednesday, October 22, 2025