Eye on Microsoft: Security Issues So Far This Week

Dr. Roy Schestowitz

2009-03-11 13:57:28 UTC
Modified: 2009-03-11 13:57:28 UTC

JUST a quick bunch of links for the curious:

Eset false alarm puts system files on remand

Slovakian anti-virus firm Eset has confirmed that a misfiring virus definition update wrongly labelled Windows system files as infected with malware.

As a result of the dodgy definition key files were identified as a virus and shuffled off into quarantine. Eset said it spotted the problem within minutes and released a new update that was free of the glitch, along with advice on how to unbork affected systems.

[...]

On Monday March 9th 2009 at 5:52 CET, ESET released an update of our heuristics v.1091 together with standard virus definition update no. 3918. An error in the heuristics caused a malfunction in the Windows operating system by false identification of several system files including dllhost.exe, and msdtc.exe, which were catalogued as Win32/Kryptik.JX.

Microsoft Fixes Critical Windows Image Flaw

The flaw, MS09-006, involves the way the Windows kernel handles WMF and EMF (Windows Metafile and Enhanced Metafile) images. Simply viewing such an image on an unpatched PC would allow an attacker to execute any command, such as downloading and installing malware, and the risk is rated critical for Windows 2000, XP, Server 2003, Vista and Server 2008.

African executable raises Symantec hackles

TECH BLOGS AND FORUMS are ablaze with panic over an unidentified executable file which is being flagged by Norton's security software.

It's not known whether the file, which some have reported trying to phone home to Africa, is malicious in any way, but the folks at Symantec aren't helping matters by reportedly deleting any posts or queries relating to the problem on their own forums.

Panda: ID Theft Trojans Are on 1 in 100 PCs We Scan

Perhaps as many as ten million PCs are infected with sneaky programs designed to steal sensitive financial information, antivirus vendor Panda Security reports.

More to come later. ⬆

Also this year:

Recent Techrights' Posts

Open Source Initiative (OSI) Privacy Fiasco in Detail: The OSI Does Not Respect Anybody's Privacy: The surveillance mafia that bans dissent or key people (even co-founders) with dissenting views
Link between institutional abuse, Swiss jurists, Debianism and FSFE: Reprinted with permission from Daniel Pocock
LLM Slop Piggybacking News About GNU/Linux and Distorting It: new examples
Links 31/03/2025: Press and Democracy Under Further Attacks in the US, Attitudes Towards Slop Sour: Links for the day
Gemini Links 31/03/2025: More X-Filesposting and Dreaming in Emacs: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, March 30, 2025: IRC logs for Sunday, March 30, 2025
Links 30/03/2025: Security Breaches, Crackdowns on Dissent/Rival Politicians: Links for the day
Gemini Links 30/03/2025: London Soundtrack Festival, Superbloom, gmiCAPTCHA: Links for the day
Phasing Out Vista 10 in Nations Where ~90% of Windows Users Still Rely on It: Recipe for another Microsoft disaster
The Cost of Pursuing the Much-Needed Reform/Shield Against Strategic Lawsuits Against Public Participation (SLAPPs): “It is curious that physical courage should be so common in the world and moral courage so rare.”
The LLM Bubble is About to Implode, Gimmicks and Financial Shell Games Cannot Prevent That, Only Delay It: To inflate the bubble MElon is now doing the classic trick of buying from oneself for a fictional value
Links 30/03/2025: Contagious Ideas, Signal Leak, and Squashing Lousy Patents: Links for the day
Links 30/03/2025: "Quantum Randomness" and "F-1 Visa Revoked" in US: Links for the day
Gemini Links 30/03/2025: US as a Threat, Returning to the WWW: Links for the day
Links 30/03/2025: Judge Blocks Dismantling Of VOA, Turkey Arrested Many Journalists: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, March 29, 2025: IRC logs for Saturday, March 29, 2025
Judges Would Never Rule for Men Who Strangle Women or Against Women Who Merely Wrote Articles About Abuse They Had Received From Men: We don't intend to do "trial by media", so we won't be disclosing claims and defences until it's over
Windows is an Unnatural Disaster, It is Also Avoidable: there's a wide window of opportunity opening
Gemini Links 29/03/2025: Less YouTube and More Station: Links for the day
In Some Countries, Such as Thailand, Firefox is Already Measured at Less Than 2% (One Day Firefox Will Get Blocked, Not Only Lack Support): Web consolidation around Chrom-isms will doom the Web as we know it
Killing the News With Spam and Slop Benefits Those Whose Desire is an Uninformed Population: adoption of Free software depends indirectly on political activities/activism
Links 29/03/2025: Trademarks Battles, Fires Destroy More Than 3,000 South Korean Homes: Links for the day
Open Source Initiative (OSI) Privacy Fiasco in Detail: An Introduction: Perhaps tomorrow or perhaps next week we'll share more information about what happened and what was reported to the California Privacy Protection Agency
Links 29/03/2025: More Crackdowns on Science, "Hey Hi" Slopping is Flopping: Links for the day
IBM's BS (Bait, Switch) Regarding Ways to Stay Onboard: PIPs, RTOs, and forced relocations are just an illusion of choice (or ability to recover)
Costa Rica Almost Bankrupt Because of Microsoft: the incidents in Costa Rica are Windows incidents
Gemini Links 29/03/2025: Art of Looking, Wireguard, EMacs: Links for the day
Links 29/03/2025: Attacks on Social Security and War Updates: Links for the day
Banned evidence: Ars Technica forums censored email predicting DebConf23 death, Abraham Raji & Debian cover-up: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, March 28, 2025: IRC logs for Friday, March 28, 2025