Bonum Certa Men Certa

Windows Security: More of the Same

Same mess, different day

VISTA 7 was claimed even less secure [1, 2] than the already-insecure Windows Vista. Microsoft insisted that this was not true and it vigorously denied the problem, as usual. The criticism did not go away though, so Microsoft is finally admits that it was lying and the security problems in Vista 7 are real.



Microsoft admits it messed up Windows 7 security



Following a week where no less than two security flaws were reported in Windows 7 which were officially dismissed and not constituting a vulnerability, it seems there has now been a rather huge change of mind at Microsoft and a frankly astonishing confession.

Microsoft has been at the sharp end of the flawed security stick this week, and the funny thing is it seems that they both made the stick and have been responsible for the continued prodding with it.


Mary Jo Foley came up with an eye-catching headline, namely "Windows 7 chiefs: We messed up."

We've only just mentioned the Pinch Trojan and here is another news report about it.

Variants of the Pinch Trojan are infecting users more than a year after the arrest of its original authors.

More than 4,000 PCs a day were getting infected by just one variant of the information-pilfering malware, according to net security firm PrevX, which bases this estimate on logs from a malware control website left open by cybercriminals.


This very old Trojan is simply not going away and speaking of Trojans, Nato is becoming a victim of them too.

Mr Anil reveals that there has been more than one incidence of Nato officials being socially profiled, and then subjected to "targeted trojans".

He explains how their unseen adversaries gather as much information as possible about the individual then send them an email purporting to come from a friend or a relative.

Trojan horse

If they open the attachment then a sophisticated "worm" or "trojan" can, in theory, take over their computer, scan its files, send them on, delete them, or perhaps most damagingly, alter them without the user knowing.


The British NHS (National Health Service) worked closely with Microsoft and it turned out to be a disaster that keeps getting worse.

FOR THOSE OF YOU who had little faith in the NHS already, prepare for your blood to boil further as figures show that the number of severe faults in NHS computer systems has almost doubled in the last three years.


This article does not even mention hospitals that became botnets because Windows was required by the NHS [1, 2]. This translates into 'theft' (copying) of medical data, which will reach the wrong hands, not to mention the life toll. According to a research firm, there is an ever-increasing number of data breaches reported (many of which never get reported).

My official title may be "analyst," but market research is the part of my job that appeals to the geek in me. Good thing I work at ESG, where we do market research around information assurance all the time.


We have already seen Windows disasters in bank ATMs and now it's the Royal Bank of Scotland which becomes a victim, though it's not entirely obvious which software -- if any - was to blame because the article does not say. When will this end?

Crowbar

Recent Techrights' Posts

Microsoft Has Not Much Left to Show Investors, Shares Fall Almost 20%
It's not even clear how Microsoft makes money anymore
The Fall of the Open Source Initiative (OSI): The OSI Election is Rigged, Biased Against People Who Oppose the Openwashing of GPL-Violating Bots Operated by Microsoft for Profit (OSI Gets Paid to Promote This)
they reckon that pretence of calm would serve them best, helped by puff pieces
In Vietnam, statCounter Sees Microsoft Windows Falling Below 7% "Market Share"
Can Microsoft still demand $500 or more per Windows licence?
Fresh IBM Layoffs Reported in Europe and North America, Jobs Allegedly Moved to South Asia (Low Salaries)
As usual, IBM does not talk about this
The Ludicrous Mythology of Commonality as Signal of Value, Merit, Popularity
Devalue what's true, promote marketing?
 
EPO Central Staff Committee: "The Strategy of the Office Lacks Transparency and Cannot be Understood"
Microsoft and the EPO violate data protection laws
Links 11/03/2025: Spring and Misfin Server
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 10, 2025
IRC logs for Monday, March 10, 2025
Latvia (and Lithuania) Stepping Away From GAFAM, Microsoft
Windows becomes unessential as Android and GNU/Linux rise
Microsoft Layoffs Are Infectious (Don't Get Acquired or Become a Partner)
It seems like companies choosing to become "buddies" with Microsoft are dooming themselves and their products
A Closer Look Inside the EPO, Courtesy of Benoît Battistelli's Submissive Lapdogs Roberta Romano-Götsch and Elodie Bergot
new report comes from the Local Staff Committee Munich (LSCMN)
Links 10/03/2025: Staff Strikes, Mass Layoffs in Gaming Industry
Links for the day
Gemini Links 10/03/2025: "Eat The Rich" and Two-Year Anniversary of the 'Space Elevator' Orbit (Like 'Webring')
Links for the day
Links 10/03/2025: Small Web Praised, LLM Chatbots Exposed as Worse Than Useless Again
Links for the day
A Call for GNU/Linux and BSD Developers to Unite Against GAFAM and the Regime They Empower
We have long encouraged and continue to encourage people who value Software Freedom to altogether boycott GAFAM
[Video] Richard Stallman on the Four Essential Freedoms (Manuel Cuda News, 2025)
Added to a channel several days ago by Manuel Cuda News
Gemini Links 10/03/2025: Realisation About Young People, Punks, and Discord IPO
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 09, 2025
IRC logs for Sunday, March 09, 2025
[Video] Richard Stallman on Understanding the Misconception of So-called 'Artificial Intelligence'
to "know and understand"
FSF's Defective by Design (DBD): Amazon Tightens the Digital Handcuffs
Reproduced verbatim
The Fall of the Open Source Initiative (OSI): Plenty of Issues, Plenty of Censorship
The OSI is abusive on many levels!
EPO Staff Appraisals Apparently Benefit Kakistocracy, Including Cheaters Who Grant Illegal Patents and Punish Good Patent Examiners (Who Find Valid Reasons for Denials)
In prior reports the staff representatives said that rewards typically went to people who granted many patents, i.e. didn't do proper examination and instead just allowed many fake patents get enshrined as EPs, causing fiasco (from which some patent attorneys could profit)
As The Web Gets Drowned Out, Sinking in a Pool of LLM Slop, Real News Sites With Real News Become Increasingly Rare If Not Extinct
This is a real problem
Links 09/03/2025: Moderna Patents Thrown Out, Climate United Sues E.P.A.
Links for the day
Gemini Links 09/03/2025: Lagrange 1.18.5 and Writing Mannerisms
Links for the day
Links 09/03/2025: FiveThirtyEight Killed by Disney, Nature (Journal) Chooses Suicide by Slop
Links for the day
Links 08/03/2025: International Women's Day, Software Patents Being Squashed
Links for the day
Hiding Problems Doesn't Work
transparent organisations will be more stable and sustainable
The Harder They Try to Censor, the Bigger the Scandal (and the Impact) Will Be
We don't plan to self-censor our coverage; sometimes we just delay publication a little
Gemini Links 09/03/2025: Leasehold Derangement Syndrome, Raspberry Pi, and More
Links for the day
All-Time Low for Microsoft in Africa
it helps show how irrelevant Microsoft is becoming
French woman (frontaliere) trafficked to promote unauthorised cross border Swiss insurance
Reprinted with permission from Daniel Pocock
New York Times & Guardian reporting on Modern Slavery Act prosecution of Glodi Wabelua
Reprinted with permission from Daniel Pocock
Diana & Adrian von Bidder-Senn, EVP, Palm Sunday & Debian death on wedding day
Reprinted with permission from Daniel Pocock
The RTO (Return-to-office) Layoffs or 'Soft' Layoffs at IBM and Red Hat
There are certainly many layoffs going on there, but many are described as "resignations" or "retirements" after RTO or some other form of relocation
Under the Pen Name "John O'Donnell" (LLM Slop, Not Real Article or Author) LinuxLinks Pushes Spammy Page
it happened some hours ago.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 08, 2025
IRC logs for Saturday, March 08, 2025