Windows 'Update' and NSA Back Doors, Including a 19-Year Bug Door in Microsoft Windows

Summary: Microsoft Windows, with its back doors, is being revealed and portrayed as the Swiss cheese that it really is after massive holes are discovered (mostly to be buried by a .NET propaganda blitz)

Windows 'Update', which essentially translates into Microsoft manipulating binaries on people's machines without any changelog (at least not in source code form), is making the news again this month. Windows 'Update' is happening quite often (a monthly recurrence), but this time there is a lot to say about it.



The British NHS, which holds full medical records of very many individuals, recently received a lot of flak for sticking with an unsupported operating system that was released when I was a teenager instead of upgrading to recently-built Free software like GNU/Linux. Guess what happened to the NHS? "NHS XP patch scratch leaves patient records wide open to HACKERS" says the British press, meaning that not only the NSA gets access to NHS data:

Thousands of patient records could be left exposed to hackers, as up to 20 NHS trusts have failed to put an agreement in place with Microsoft to extend security support for Windows XP via a patch, The Register can reveal.


Another story of a botched update of Windows says that "Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud":

Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in 2012 to hijack Microsoft's Windows Update mechanism.


That's what one gets when using weak cryptographic algorithms that the NSA promotes and Microsoft willingly spreads. Windows Update is a dangerous tool for many reasons, not just because it is bricking Linux devices these days but because it's a tool that gives the NSA a lot of power. Before an update kicks in, the NSA is given information that allows it to take full control of PCs with Windows, remotely even (this is done every month). This may sound benign until one learns about Stuxnet (weaponised malware of the NSA) and considers this latest Patch Tuesday:

Microsoft is issuing the largest number of monthly security advisories since June 2011, five of them critical and affecting all supported versions of Windows. And applying the patches will be time consuming, experts say.

“Next week will tell us how many CVEs are involved but suffice to say, this patch load will be a big impact to the enterprise,” says Russ Ernst, the director of product management for Lumension.


CBS, being not just a proponent of espionage, mass surveillance, assassination and violent wars but also a proponent of back doors, had its site ZDNet downplay the above. "So far in calendar year 2014," it said, "Microsoft has fixed 215 vulnerabilities in Internet Explorer" (lots of potential NSA back doors). Then come some lame excuses and damage control from Microsoft in the update, trying to make its bad record look like a positive, neglecting the fact that Microsoft has been secretly patching holes to yield fake numbers and give a false sense of security. Here is the full summary:

So far in calendar year 2014, Microsoft has fixed 215 vulnerabilities in Internet Explorer, with more coming out today. There have been security updates to Internet Explorer every month this year except for January.


This other report, titled "Potentially catastrophic bug bites all versions of Windows. Patch now", does not entertain the possibility of back/bug doors in Microsoft Windows being exploited, despite the fact that Microsoft already told the NSA (providing exploit knowledge), which undoubtedly engages in illegal intrusions/cracking. A report from IDG notes that this bug is nearly two decades old and adds that only "[w]ith help from IBM, Microsoft has patched a critical Windows vulnerability that flew under the radar for nearly two decades."

So IBM, despite having no access to source code (as far as we can tell), was perhaps the only reason why Microsoft addressed this issue two decades late, eh? How many times might this flaw have been exploited by now? A reader of ours, alluding to that nonsense .NET PR, explains: "Perhaps a big reason for the PR teams trumpeting the open-core or freemium model?"

It sure serves as a good distraction. When Windows XP support (patches) came to an end, a Microsoft-connected firm immediately (on the very same day) started throwing brands and logos in relation to an OpenSSL bug, stealing the show and spreading FUD for many months, generalising it so as to appear like a serious, inherent issue in FOSS.

Watch this critical remote code execution flaw in Windows. It is extremely serious, but there is no logo or brand for it (unlike FOSS FUD like "Heartbleed" or "Shellshock" -- with a brand that was even perpetuated by the Russia-based Mandriva the other day).
