Bonum Certa Men Certa
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Microsoft Back Door in Windows (All Versions) Intentionally Left Open For Over a Year, Existed for 15 Years

Summary: It has become more obvious that Windows back doors are there by design (or knowingly left there by intention) even after Snowden's NSA leaks

THERE ARE SOME corporate media reports about Microsoft patches, but few realise the significance of it. Microsoft tells the NSA about unpatched holes in Windows and other Microsoft software, which is the equivalent of giving the NSA back door access.



As we noted some weeks ago, evidence shows that Microsoft doesn't care about security and it is evidently the same with Apple. They both sat on known flaws that were critical for longer than 3 months, refusing to patch them. Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known).

"Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known)."Dan Goodin, who typically spends his 'journalism' career bashing Free software over security, has finally decided to shift some focus and write about a massive Windows flaw. It's a major one, no doubt; But no name, no "branding"...

In Goodin's own words:

Microsoft just patched a 15-year-old bug that in some cases allows attackers to take complete control of PCs running all supported versions of Windows. The critical vulnerability will remain unpatched in Windows Server 2003, leaving that version wide open for the remaining five months Microsoft pledged to continue supporting it.

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.


The significant part is in the second paragraph above ("took Microsoft more than 12 months to fix"). We can interpret that as saying that the hole, which NSA used for over a year for back door access (because Mirosoft told the NSA about it), is finally being acknowledged to the public. Therein lies the 'magic' of proprietary software. Is the NSA now 'done' cracking all the world's networks that have Windows in them? Is it now 'safe' to finally close this back door?

Microsoft Windows is an utter joke when it comes to security, as Microsoft's own actions serve to show. Back doors surely look like the goal, not an error. Windows was recently used to crack Sony years after the NSA had cracked North Korea's network. Those who knowingly used an operating system with back doors can't blame anyone other than themselves and perhaps Microsoft/NSA. Misplaced blame these days typically names China, Russia, or North Korea.

Remember that Microsoft leaves security holes open/in fact anyway, no matter if versions of Windows are supported or not (upgrades are neither simple nor free). As Goodin's former employer puts it:

What happens six months from now, on 14 July? That's the date Microsoft issues its last security fix ever for Window Server 2003 – the end of extended support from the server operating system's maker.


The article states that many servers will basically be left with permanent back doors. Many of them contain customers' (or patients') data.

As Robert Pogson put it, "Server 2003, which is due to go without support this summer won’t be fixed for a recent Patch Tuesday revelation of a vulnerability built-in by design a decade ago and impossible to fix without breaking everything…"

He concludes correctly: "Maybe it’s time people switched to GNU/Linux, an operating system not designed by salesmen. It’s not perfect but at least the bugs are fixable."

Yes, even bugs with special names, logos, and "branding" -- those that the corporate media loves to hype up.
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Recent Techrights' Posts

Passage of Wealth Upwards, Blaming the Victims
Tim Sweeney's net worth is 5.1 billion USD according to Forbes
EPO Strike Begins Today and It's the Longest One Yet (Can Last a Year)
Where's the media?
People Discuss Rumours of Mass Layoffs at IBM Becoming Public in 1-2 Weeks
IBM is killing its brand or its "goodwill"
 
Links 30/03/2026: "We Can’t Income-Tax Ultra-Elites"; "The Pirate Bay’s Oldest Torrent Turned 22"
Links for the day
Today, Europe's Second-Largest Institution (EPO) Goes on Strike That Can Last Until 2027. Nobody in the Media Covers This!
"We stand with the protesters"
When the Cost (or Time) of Maintenance Exceeds the Value
In recent years it seems like more people learn to remove things from their lives, not add more things
More Media Needs to Tell the Public Slop is a Giant Bubble, It Should Stop Taking "Sponsorship" Money to Inflate This Bubble
If enough of (what's left of) the media changes its tune and quits being a parrot of GAFAM, then we can debate slop like grown-ups
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 29, 2026
IRC logs for Sunday, March 29, 2026
Trying to Hide One's Abuses by Imposing Silence on Critics ("My Profile Was Private")
With enough daylight, sooner or later everyone knows you are a vampire
Fedora Badges System Shows the Demise of Fedora Under IBM
IBM isn't good at keeping what it buys
IBM is Sunsetting Red Hat, It Only Uses the Brand and the Shell
IBM buys or spins off companies as containers for "toxic assets" and debt
Cisco Systems is a Still Weak Spot With Bug Doors
nothing to offer except storytelling
Gemini Links 30/03/2026: Approaching April and Arvelie Calendar
Links for the day
No Daylight Saved
Is there still any practical reason for this ritual?
Microsoft Azure Does Not Have "Hiring Freezes", It Has Had Mass Layoffs Every Year Since 2020
Things are always a lot worse than Microsoft formally or publicly acknowledges
SLAPP Censorship - Part 27 Out of 200: Using the Tor Network to Hide From Consequences
Only 1-2 weeks after the countersuit the Canadian attempted to deplatform several Web sites
The Limits of Inclusion
Inclusion with caution isn't "opinionated"; it's a defence mechanism, sometimes a survival instinct
Almost 20 Years After Microsoft/Novell
The mission has not changed, but the priorities evolve all the time
LLM Slop Kills Sites, as Sites That Adopt Slop Are Doomed
People won't subscribe to such sites and visit them if they recognise it's just slop
Links 29/03/2026: Indonesia Cracks Down on Social Control Media Addiction, China Becomes World’s Scientific Superpower
Links for the day
Fedora at the Mercy of Microsoft Because of Back-Doored Kick-Switch Boot
We'll soon revisit the defamation attacks on Torvalds
Links 29/03/2026: Water Shortages and No Kings Rallies
Links for the day
The Old Days
In the early days of this site (2006) it was mostly just a couple of people, plus comments
Gemini Links 29/03/2026: Return to Gopherspace, "Zen of Marking Playing Cards"
Links for the day
The Real XBox is Dead, So Microsoft is Calling Everything "XBox" Now
It even wanted to run a campaign to convince everybody that XBox is not actually a console
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 28, 2026
IRC logs for Saturday, March 28, 2026
Open Web Destroyed by Centibillionaires, Says Anil Dash of Blogging Fame
Blogging was going through its 'prime years' about 20 years ago
"Linux" Slop Going Away, Microsoft et al Pay 'Linux' Foundation to Promote Slop
It's a timely reminder that the Linux Foundation exists to promote whoever pays the Linux Foundation, even pedophiles and companies that attack the GPL
Links 28/03/2026: Microsoft's LinkedIn a National Security Risk, Microsoft's Slop "Ambitions Face Investor Scrutiny Amid Soaring Costs"
Links for the day
Gemini Links 28/03/2026: "Finding My Base Tone", "Astrobotany", and BugoutBack/OFFLFIRSOCH
Links for the day
Links 28/03/2026: More Worldwide Bans on Social Control Media (Harms to Adolescents), Protests in US Against Dictatorship
Links for the day
SLAPP Censorship - Part 26 Out of 200: Asking for Documents and Information You Already Have, Even Letters and E-mails That You Yourself Sent!
barristers are expensive
Gemini Links 28/03/2026: Echo Delay and 0x0.st
Links for the day
Rumours of More IBM Mass Layoffs at Beginning of April
IBM is not doing well
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 27, 2026
IRC logs for Friday, March 27, 2026