Bonum Certa Men Certa
Links 11/12/2008: New LF Technical Advisory Board; Cybersource for Free Software in Education | Rob Enderle Guarantees “Amazing Numbers”, Show E-mails to Microsoft

Nothing New Under the Microsoft

Cracker



Microsoft's handling of security is a cyclic routine that goes like this:

  1. Many flaws get reported, accumulated, and then mostly ignored
  2. Attacks on the unpatched flaws begin, so Microsoft 'kindly' bothers to work on patches in a rush
  3. Patch Tuesday arrives and Microsoft delivers a slew of patches (occasionally delivering nothing critical for bragging rights in the press, only to deliver a massive number of critical patches the following month, i.e. deferral)
  4. Patches arrive too late, after many servers and desktop have already been hijacked
  5. A number of zero-day flaws emerge, some of which exploiting vulnerabilities Microsoft has been aware of for a long time
  6. Patches turn out to be dysfunctional and consequently many computers are left out of services
  7. Microsoft reworks the patches and then delivers a patch to the broken patches
  8. Repeat (1)


This month was no exception. Microsoft delivered half a dozen "critical" patches (usually meaning that the vulnerability they patch enables crackers to seize full control of a to-be-compromised machine).

Appended below are reports from the past couple of days alone. The lies need to end because everyone suffers.

____ [1] Another Microsoft Bug Revealed on Huge Patch Day

Along with its biggest patch release in five years, Microsoft warned on Tuesday of another potentially dangerous vulnerability in its software.

The problem lies within the WordPad Text Converter for Word 97 files, Microsoft said in an advisory.

The systems affected include Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Microsoft said. XP Service Pack 3 and the Vista operating systems are not affected.


[2] Two new zero-day exploits dent Microsoft's Patch Tuesday

Microsoft's Patch Day delivered eight updates, but has been overshadowed by newly discovered zero day holes, which are apparently not closed by the new updates.


[3] New Web Attack Exploits Unpatched IE Flaw

As Microsoft readies its latest set of security updates, online attackers have begun exploiting a new flaw in the company's Internet Explorer (IE) browser.


[4] Third Zero Day exploit appears

Microsoft has confirmed it is investigating another zero day exploit.


[5] Security vulnerability found in MS SQL Server 2000

SEC Consult say Microsoft has been aware of the problem since April this year. Despite the promise of a patch by September, a release date for the patch remains uncertain.


Comments

Links 11/12/2008: New LF Technical Advisory Board; Cybersource for Free Software in Education | Rob Enderle Guarantees “Amazing Numbers”, Show E-mails to Microsoft

Recent Techrights' Posts

BetaNews Appears to Have Fired All Of Its Staff
Even serial sloppers
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
 
Links 17/06/2025: Windows TCO and G7 Rifts
Links for the day
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons)
I'd like to do the same thing for the next 20 years
After the Web Becomes Slopped to Death
A lot of people are rightly fed up with the "modern" Web
Microsoft's Windows is a Niche Operating System in Africa
African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Like Most Social Control Media, Microsoft LinkedIn is Collapsing
One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients
Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure
Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That)
Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does
It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms
name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025
IRC logs for Tuesday, June 17, 2025
Links 17/06/2025: "The Grift Economy" and Kubernetes Does Proprietary
Links for the day
Microsoft's "FUD-as-a-Service" (Against Linux) Not Functioning Well
This is the kind of contribution companies like Microsoft and Google have to offer to society
Betanews Becoming a Slopfarm is "Betanews Growing Alongside You", According to Betanews
Their first 'article' in over two weeks is 52% "AI-generated" (slop), 33% mixed (edited slop), 18% human-written, says an advanced scanner.
Coffee Day and LLM Sloppers
The LLM slop "bros" are a lot like fake-money bros; they lie to people, they boast that they lie to people, and they're generally bad people, BS artists in colloquial terms
Double-Dipping the Docket for Microsoft Glory and Censorship of Microsoft Critics
same lawyer, same barrister, all US, all Microsoft
TheLayoff Censorship of IBM Threads Has Gone Truly Ludicrous
we do not argue that TheLayoff should not cull LLM slop
More Stallmanites Added to FSF Board and Summer Fundraiser Commences
There's some good news from the FSF
Gemini Links 17/06/2025: Consistency and Notes About NixOS
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 16, 2025
IRC logs for Monday, June 16, 2025
July 2 2025 Would Not be First Big Wave of Microsoft Layoffs Before Major National Holiday
July 2 or 3 mark the start of a very long weekend in the US
IDG's NetworkWorld Seems to Have Just Become LLM Slop
If IDG (now controlled by China) does that in at least one site, why not the rest? Only a matter of time?
Gemini Links 16/06/2025: Free Lunches and Bookmarklet for Mastodon
Links for the day
IBM: Less Than a Month's Severance for Each Decade of Service
Yes, decade!
Taking a Lesson From Denmark and Greenland? Iceland Shows New Lows for Windows, All-Time Highs for GNU/Linux
If Microsoft sabotages systems of judges at the Hague (in order to appease the insane man who wanted to invade Greenland), why won't its neighbour Iceland take note?
BetaNews Has Just Deleted Its Latest 'Article' or Got Cracked Again and Restored From Outdated Backup Again
BetaNews seems to be in some serious trouble right now
Software Freedom is "Activism" Because the Corporate Agenda Revolves Around Bribery, Deceit, and Betrayal
At the end Software Freedom will win because it's on the same side as truth and lawfulness
The EPO, Europe's Largest Patent Office, Admits Outsourcing to Microsoft Slop
Their sole goal is to make more money
Links 16/06/2025: EchoLeak and NASA Teaming up With India
Links for the day
The Better the Understanding or the More Nations Understand the Threat Posed by Microsoft, the Faster It'll be Eradicated
We believe that the thing to advocate is self-hosting and Free software... A lack of simplicity or absence of alternatives is a form of vendor lock-in
A Week of Sunlight
They say transparency is like sunlight to a vampire
"Linux" Sites That Went Astray
there are even worse things than shutdowns
Links 16/06/2025: Climate, Wildfires, Breaches, and Monopolies
Links for the day
Links 16/06/2025: Summer in Finland and Misunderstandings
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 15, 2025
IRC logs for Sunday, June 15, 2025