Bonum Certa Men Certa

Nothing New Under the Microsoft

Cracker



Microsoft's handling of security is a cyclic routine that goes like this:

  1. Many flaws get reported, accumulated, and then mostly ignored
  2. Attacks on the unpatched flaws begin, so Microsoft 'kindly' bothers to work on patches in a rush
  3. Patch Tuesday arrives and Microsoft delivers a slew of patches (occasionally delivering nothing critical for bragging rights in the press, only to deliver a massive number of critical patches the following month, i.e. deferral)
  4. Patches arrive too late, after many servers and desktop have already been hijacked
  5. A number of zero-day flaws emerge, some of which exploiting vulnerabilities Microsoft has been aware of for a long time
  6. Patches turn out to be dysfunctional and consequently many computers are left out of services
  7. Microsoft reworks the patches and then delivers a patch to the broken patches
  8. Repeat (1)


This month was no exception. Microsoft delivered half a dozen "critical" patches (usually meaning that the vulnerability they patch enables crackers to seize full control of a to-be-compromised machine).

Appended below are reports from the past couple of days alone. The lies need to end because everyone suffers.

____ [1] Another Microsoft Bug Revealed on Huge Patch Day

Along with its biggest patch release in five years, Microsoft warned on Tuesday of another potentially dangerous vulnerability in its software.

The problem lies within the WordPad Text Converter for Word 97 files, Microsoft said in an advisory.

The systems affected include Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Microsoft said. XP Service Pack 3 and the Vista operating systems are not affected.


[2] Two new zero-day exploits dent Microsoft's Patch Tuesday

Microsoft's Patch Day delivered eight updates, but has been overshadowed by newly discovered zero day holes, which are apparently not closed by the new updates.


[3] New Web Attack Exploits Unpatched IE Flaw

As Microsoft readies its latest set of security updates, online attackers have begun exploiting a new flaw in the company's Internet Explorer (IE) browser.


[4] Third Zero Day exploit appears

Microsoft has confirmed it is investigating another zero day exploit.


[5] Security vulnerability found in MS SQL Server 2000

SEC Consult say Microsoft has been aware of the problem since April this year. Despite the promise of a patch by September, a release date for the patch remains uncertain.


Comments

Recent Techrights' Posts

Why the Media is Dying (It Sucks, No Mentally Healthy People Will Tolerate This for Long)
linking to actual news articles helps fuel the spam, too
Something is Happening at OFTC
It looks like it shrank by 20,000 users
GNU/Linux Usage in Guadeloupe Rises Closer to International Average, Based on Web Data Collected by statCounter
It should be noted that the estimates of GNU/Linux usage are now in 4.5% territories
 
[Meme] Twitter (X) Will Reject the Concept of a Female President
Twitter (X) is controlled by misogynists, who socially control (or socially-engineer) their fake concept of "media"
Second Family Photo of Julian Assange Since His Release (First Since His Birthday)
His wife shows the 4 of them for the first time (2 hours ago)
Protesters in Kenya Need Software That is Free (Libre) and Supports Real Encryption in Order to Avoid Capture and Torture (Sometimes Execution)
There's more to fight over than economic issues
The Ludicrous Idea That GNU/Linux is a "Poor Man's" Operating System
Seeing the trends in countries such an Norway, it ought to be abundantly clear that adoption of GNU/Linux has nothing to do with poverty
Links 22/07/2024: Internet Optimism and Kamala Harris Policies Debated
Links for the day
The Impact of OFTC's Latest Changes on the Perceived Scale of IRC Globally
IRC is still one of the more potent alternatives to the social control media conglomerates
New: Why They Really Went After Assange
Uploaded by Chris Hedges
Links 21/07/2024: Health, Politics, and Kamala Harris in Focus
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 21, 2024
IRC logs for Sunday, July 21, 2024
A Drop in Half (From 208 to 104): Sharp Decline in Number of Gemini Capsules That Use Let's Encrypt CA Since December
Gemini is increasing its independence from Certificate Authorities (CAs)
Gemini Links 21/07/2024: Last of Old Computer Challenge and Forth Language
Links for the day
Links 21/07/2024: Climate, Politics, and More Squashed Patents
Links for the day
Only a Quarter of Web Requests in Micronesia Traced Back to Microsoft Windows (It Used to be Well Over 95%)
Micronesia has over half a million people in it
Your F.U.D. is Already Showing, Microsoft
That talking point is quickly spreading so that CrowdStrike discussions become about "Linux" instead of Windows
Andrew Feinstein on Why Freeing Julian Assange is About the Freedom of the Press in General
Feinstein points out that truth itself is being challenged by people who value power, not truth, and typically seek to do things like sell arms and start proxy wars
In Palau, Windows Has Fallen to 16%
15 years ago Windows was at 98%
Gemini is Blossoming and More Capsules Are Self-Signing, Rejecting the Defunct and Falsely-Marketed Certificate Authority (CA) Model
Gemini is still very fast, not only because objects are lightweight but the protocol itself - i.e. the underlying logic - is as simple as it needs to be and only as complex as it must be
Gemini Links 21/07/2024: New Garden and New Gemini Arrivals
Links for the day
Links 21/07/2024: Extreme Heat and Fortescue Layoffs
Links for the day
GNU/Linux Lifted Up 0.03% Closer to 4.5% "Market Share" (or 50% More Than a Year Ago)
How many businesses and homes are permanently giving up on Windows after recent days' events?
Giving the False Impression That the R blogosphere is Microsoft's Microcosm
Curation that culls "astroturfing" isn't censorship but quality control for relevance
High Adoption Rates for GNU/Linux in Albania, According to statCounter
Albania has been a central point of some GNOME and diversity scandals
It'll Soon Be Half a Decade Since COVID-19's Breakout, We Still Need Verified Facts (Not Corporate Dogma) and Proper Media Reporting
COVID-19 has meant different things to different people
For the First Time, Microsoft's "Market Share" in North Macedonia Falls to Only a Quarter
Microsoft only has Windows
Evan Versus Julian
Published by Julian Assange's wife some hours ago
What The Internet Can Achieve When Put in the Hands of the Good People and Not Censored by the People Who Already Control the Mass Media
albeit Wikileaks put that in social control media owned and controlled by oligarchs
IRC Proceedings: Saturday, July 20, 2024
IRC logs for Saturday, July 20, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Meme] Hate Speech
This is also what makes TikTok so dangerous
Shark-infected Water on the Web
Don't turn Gemini into another "Web"
OpenHarmony, HarmonyOS Next, Deepin, Kylin, and openKylin: How China's Various Manoeuvres Away From Windows Get Covered in the West
Kylin was openly based on Ubuntu
WikiLeaks Wonders: Major Leaks That Shook the Worlds
Published 14 hours ago
No Outage Here
Microsoft seems to have lost control of the narrative
Links 20/07/2024: Tesla's UK Lawsuit for 5G Patents Licence Thrown Out by UK Court, Censorship Examples Surface
Links for the day
Gemini Links 20/07/2024: Why Sleep Is So Important, Bot Problems Online
Links for the day
[Meme] Truth Hurts
"Saying that I physically assaulted women is 'defamation'"
Techrights Turns 18 in About 3 Months
Nothing can stop us
When (Software) Freedom is the Goal
Freedom of thought also
Expect Many More Microsoft Layoffs After the Latest Windows Outages (Bonus: More Media Says Microsoft Has Cut Half the Staff in Nigeria)
after the latest worldwide blunder we can expect many businesses to gradually ditch Windows
Microsoft Has Managed to Make GNU/Linux Users Scared of Updating Their GNU/Linux PCs (Thanks to UEFI 'Secure' Boot's Boosters!)
How many people know who's responsible for this mess?
Today GNU/Linux Broke All-Time Record in statCounter Again
Expect more people to hop over to GNU/Linux after the Windows fiasco
Joab Jackson and "The New Stack" Publishing Microsoft Spam (E.E.E. Against Linux) for a Payment From Microsoft
It's not a real news site
Links 20/07/2024: Patents on Software Squashed, Further Attacks on Independent News Sites
Links for the day
Links 20/07/2024: Shopping Mall in Southwestern China and New Health Crises
Links for the day
Microsoft/Windows Has Fallen Well Below 1% (Now 0.7%) in American Samoa
statCounter Sees Microsoft Windows at Below 1% in American Samoa
The Thelio Mega Is a Dual-GPU Linux Supercomputer
System76 sells many desktops and laptops built to run Linux. The company has now revealed its new high-powered Linux desktop, the Thelio Mega
[Meme] "System of a Down"
The latest international catastrophe kills people
Geminispace Growing and Getting More Free (Independent)
Because self-signed certificates are the way to go
Why Microsoft is Laying Off So Many People in Nigeria
Nigeria is a place Microsoft has lost
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 19, 2024
IRC logs for Friday, July 19, 2024
Gemini Links 20/07/2024: Gopher Catchup and Old Computer Challenge
Links for the day