Bonum Certa Men Certa

Conficker is Alive, Windows Vista is Critically Vulnerable and Microsoft Office Likewise

Magaphone
Patchy Tuesdays always get you down



Summary: New evidence for the lingering pattern of vulnerability, arrogance, and lack of responsibility at Microsoft

Conficker has been a colossal PR problem for Microsoft and security headache to its customers. For the uninitiated, here are some previous posts that we wrote about Conficker:



Microsoft would rather pretend that Conficker is history, but it's far from history. In fact, new variants of it are now appearing and Symantec has issued warnings. For the latest details, see:

i. Conficker Worm Strikes Back With New Variant

The Conficker/Downadup worm managed to slither onto millions of PCs worldwide at its height, but after it initially infected a computer it only really acted to spread itself, and didn't cause further harm. Until now.

Symantec reports today that it has found a new variant of the virulent worm that will identify antivirus software or security analysis tools running on the infected PC, and attempt to shut down those programs. This is a strong signal that the worm's mysterious creators haven't abandoned their creation in the face of worldwide attention, as some in the industry have theorized, but may still have plans to make a buck off their work.


ii. Conficker gets upgraded with defenses

Researchers at Symantec have discovered what could be a significant development in the ongoing Conficker worm saga: a new module that is being pushed out to some infected systems.

In a couple of ways, the new component is designed to harden infected machines against an industry consortium that is actively trying to contain the prolific worm. For one, the update targets antivirus software and security analysis tools to prevent them from removing the malware. Not only does it try to disable anti-malware titles, it also goes after programs such as Wireshark and regmon.


It gets worse. The illusion that Windows Vista can be secured is long dead, so no update or upgrade can redeem the user from becoming a zombie (even Vista 7 is open to hijackers [1, 2, 3], long before release). It's the same old routine now that Windows Vista is discovered to be suffering from another "critical" flaw (or set thereof) which has not been patched yet.

March's Patch Tuesday will see yet another critical fix for Microsoft's flagship operating systems.


Users of Microsoft Office will be left vulnerable for at least another month:

Vole said that it will not be fixing a critical Excel vulnerability, which allows attackers to launch malicious code remotely on users' computers via an infected Excel spreadsheet file.


From IDG:

Microsoft Corp. today said it will deliver three security updates on Tuesday, one of them ranked as "critical," but will not fix an Excel flaw that attackers are now exploiting.

All three updates spelled out in today's notice will tackle vulnerabilities in Windows, but as is its practice, Microsoft did not drill any deeper than to specify which versions will be affected.


As usual, Microsoft is hiding the real scale and the real number of vulnerabilities. InformationWeek wrote about this also.

"Our products just aren't engineered for security."

--Brian Valentine, top Windows executive



"It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere."

--Jim Allchin, top Windows executive

Comments

Recent Techrights' Posts

They Want Activists to Just Barely Walk and Eat, Not Do Activism Anymore
It's sort of like the ending of '1984'
Non-Free JavaScript Programs in Banks Aren't Even the Biggest Problem
Technology was supposed to make life easier; in practice, however, for most of us the opposite effect can be observed
Microsoft, Already Borrowing 3 Billion Dollars a Month, is Trying to Cause Many People to Resign
MSN (i.e. Microsoft) and others openly admit it
IBM is Obliterating Fedora
"Fedora releases were shipping with an increasing number of bugs on launch day even while I was using it for a several year stretch."
Red Hat Layoffs Expected in 5 Days (Monday)
"They will announce and proceed with the cuts on 08/11."
 
Links 07/08/2025: Apple Makes False Promises, More Trouble for Microsoft
Links for the day
OSS Didn't Always Mean Open Source Software
"oligarchs all the way down"
The Register MS Does More Microsoft Sez or GitHub Sez (Says) Pieces
60 minutes ago
Quit Perpetuating the Narrative of Gemini Protocol 'Dying' (It's False)
The "whisper campaign" against Gemini Protocol
Criticising Social Control Media in Social Control Media
Many people are quitting Social Control Media (fewer of them announce this in public)
Slopfarms Are Typically Fake News
Slopfarms typically relay falsehoods
Gemini Links 06/08/2025: Replacing a Pocket Watch and Buying in Bulk
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 06, 2025
IRC logs for Wednesday, August 06, 2025
August Hits Microsoft Hard: Dead Divisions, Dead Products, Layoffs Again (on Week 1)
Microsoft's debt is soaring
Slopwatch: Slow Day for LLM Slop, Serial Sloppers Still at It in Their Slopfarms
The Web would be better off if those sites went offline
Links 06/08/2025: Substack in Trouble, Slop Sceptic Shira Perlmutter Seeks Emergency Injunction Pending Appeal
Links for the day
Gemini Links 06/08/2025: Pinephone, Reverse-Engineering, and More
Links for the day
Links 06/08/2025: Faked Values of Slop Companies and Government Bailouts
Links for the day
FOSSY 2025 Conference Safety
The GAFAM-funded FOSSY 2025 is over
Microsoft's Favourite Pay-to-Say 'Analyst' Firm Has Just Collapsed
'Analysts' that helped propel Microsoft to fictional values akin to Ponzi schemes
Ask Google (Jeeves)
What does Google "know", not know, or would rather forget (or embellish)?
They Want You To Talk About Trump or 'The Other Bill' in Relation to Trafficking of Underage Girls for Sexual Exploitation
Just something we wanted to say...
How to Quadruple Your "Goodwill" Value and Grow Your (Wall) Street "Value" From $152B to $4000B Without Producing a Single Successful Product/Service
The longer it goes on for, the bigger the implosion will be
Staying Productive
Two very reputable institutions recently told us they now reckon Microsoft is somehow funding those SLAPPs against us
A Blow for Patent Ambitions of Bill Epsteingate
It's about money
66 Countries Where More People Use iPhones (or iPads) Than Microsoft Windows, According to statCounter Data
a list of countries where iOS now exceeds Windows
Apple's iOS Bigger Than Microsoft Windows in Many Countries
This ought to alarm Microsoft
The Mainstream Media Talks About Spotify Share Price and Price Hikes, Not Its Debt Increasing by About 33% in Just 12 Months
Spotify isn't a company in good shape
New "US Editor for The Register" is 80% Microsoft and Windows
they typically just treat Microsoft like the "Holy Grail" of "IT"
Microsoft is Apparently Sending Gag Orders or NDAs to Staff That Got Laid Off (“We were told not to post on LinkedIn. Not to say anything.”)
The main lies we keep seeing
Richard M. Stallman Has Published AI Memos Since 1980 (45 Years Ago)
Back when the term AI actually meant something
Gemini Links 06/08/2025: BitTorrent and Feedly Bots
Links for the day
Windows All-Time Lows, Android All-Time Highs in Kuwait
New lows for Windows can be found in many countries this month
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 05, 2025
IRC logs for Tuesday, August 05, 2025
Openwashing Slop... Using Slop!
So get ready for "open" "hey hi" with its proprietary models to engage in openwashing, helped by serial sloppers who use the LLMs to produce fake 'articles'.
On "Tragedy of the Commons in the Production of Digital Artifacts"
There's a better way to do things. None of that should involve GAFAM.
Gemini Links 05/08/2025: Opel Zoo near Frankfurt and Alhena 5.2.5
Links for the day
The Inflammatory Influence of Social Control Media Giants
CPC's ByteDance says it's cool
Microsoft v Planet Earth
Is Microsoft profitable?
IRC Turns 37
Internet Relay Chat (short: IRC), which started in 1988, turns 37 this month
Shortly After a Microsofter Took Over The Register as Editor in Chief Microsoft Tim (Tim Anderson) is Back and It's Still Microsoft Propaganda, Sometimes Funded by Microsoft
Notice his focus
Stricter Enforcement of Worker Adjustment and Retraining Notification (WARN) Act is Sorely Needed
Who's keeping track anyway?
Calling Plagiarism "Intelligence" is Pure Genius, Brilliance!
One thing to "like" (or dislike) about LLMs is how they're falsely marketed using various buzzwords
Geminispace Promises Simplicity But Also Provides a "bunch of forums that get flood-filled by agitation against the very essence of Gemini itself"
claims of stagnation in Geminispace started because of a person who spent a long time agitating against GNU/Linux as well
Zimbabweans Aren't Into Windows or Microsoft
This cannot be good news for GAFAM
Microsoft's Washington Layoffs Aren't Everything, They're Definitely Not Happening in Just One State in the US
Washington is just more strict with WARN notices
Gemini Links 05/08/2025: Lagrange v1.18.6, No Stagnation in Geminispace, and Fake Coding (Slop)
Links for the day
The Register's Editor in Chief (Who Left for Google) Told Me "AI" Was a Bubble, But Now The Register Gets Paid to Participate in Inflating This Bubble
A lot of the online media is a scam
The Register is Desperate for Money, According to The Register
I decided to check how they're doing as a business
Some Cola Formulas Aren't Secret, But the Barrier is the Branding
That's the power of the channel/distribution, marketing, and brand recognition (accomplished through endless marketing)
Introducing Mission:Libre and FreeXR (and BreakXR)
efforts that accompany the foundations put there by the Free Software Foundation in 1985
Slopwatch: WebProNews, LinuxSecurity, and Some Success Stories
Google News still has a slopfarm issue
Links 05/08/2025: Hey Hi (AI) Passing Fads and GAFAM "Embracing the Military"
Links for the day
Links 05/08/2025: Samsung and Microsoft Layoffs
Links for the day
Rumours of Mass Layoffs at Red Hat Next Week (August 11th, 2025)
The eleventh means next Monday
IBM is Shutting Down (Piecewise)
IBM is basically being liquidated
The Debian Language Police Department (PD)
"there has never been complaints about anyone that was offended by this -off package"
Tesla's Debt More Than Doubled in 2 Years and the Company Will Operate in the Red (at a Loss) Quite Soon
If your first-quarter net income is $409 million and you borrow billions from banks, plus interest to pay on those loans, then you're not far from returning to losses
When The Register MS Says "Linux Backdoor" It Actually Talks About Malware
The leading story in The Register US/MS this morning is Microsoft
Microsoft Windows Fell to 19% "Market Share" in Montenegro
Microsoft must be well aware of this trend
Why We Also Include Gopher Links in Our Gemini (Protocol) Links
There are still many people who use Gopher to relay their messages (like blog posts). They're mostly technical people.
Shouting is an Indication of a Lack of Convincing Argument
Beware what they are attempting to distract from
Mongolia: Microsoft Windows at All-Time Low
in 2009 when Windows was at 99.45% in Mongolia the company was "worth" less than 200 billion dollars
About a Quarter of Today's "linux" News in Google News Came From One Domain and It's a Slopfarm
Not kidding!
Gemini Links 05/08/2025: Zombie Threat and Switching to NixOS
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, August 04, 2025
IRC logs for Monday, August 04, 2025
ChatGPT in Trouble
Watch out for the newer buzzwords
The Register MS Links to the Wrong statCounter Page
They link to older data
Dr. Andy Farnell Explains How Google Turned From "Librarian" Into "Oracle", Telling Us What to Think Instead of Where to Look
Google was always a lousy librarian
Microsoft Layoffs Continue in August 2025
If Microsoft is doing so well, how come about 10 rounds of layoffs in about 7 months in 2025?