Eye on Microsoft: Windows (In)Security in the News
- Dr. Roy Schestowitz
- 2009-04-24 10:24:19 UTC
- Modified: 2009-04-24 10:24:19 UTC
●
Windows Trojan That Infected Over 3.6 Million PCs Evolves with Worm Behavior
One of the top families of malicious code targeting the Windows platform has evolved with the addition of worm behavior, Microsoft warns. According to data made public via the Microsoft Security Intelligence Report, the Win32/Vundo Trojan infected over 3.6 million computers in the second half of 2008, and occupies the third position in a malware ranking behind Renos and Zlob. Vundo is a family of malware with various components that are designed to serve victims 'out of context' pop-up advertisements following infection. Microsoft warns that the Vundo family of malicious software can also
be used to download and execute arbitrary files.
●
One bot-infected PC = 600,000 spam messages a day
TRACElabs concluded that Rustock and Xarvester, the latter perhaps linked to the down-and-out Srizbi botnet, are the most efficient spam spewers of the nine bots. Each is capable of sending up to 25,000 messages per hour, or 600,000 per day, and 4.2 million per week.
●
Updated research of the largest base of real-world vulnerability data
4. Exploitation - Eighty percent of vulnerability exploits are now available within single digit days after the vulnerability’s public release. In 2008, Qualys Labs logged 56 vulnerabilities with zero-day exploits, including the RPC vulnerability that produced Conficker. In 2009, the first vulnerability released by Microsoft, MS09-001 had an exploit available within seven days. Microsoft’s April Patch Tuesday included known exploits for over 47 percent of the published vulnerabilities. This law had the most drastic change from the Laws 1.0 in 2004, which provided a comfortable 60 days as guidance.
Recent Techrights' Posts
- Open Source Initiative (OSI) Resists Software Freedom, Even by Attacking Its Own
- The OSI is compromised
-
- A Much-Needed Wake-up Call to Users of Wordpress.com, Blogspot, Substack and All Those Other Outsourced (and Centralised) Platforms
- There are several lessons in there
- The UEFI 9/11 - Part II - Campaign of Censorship and Defamation Against Critics
- In dictatorships, humour serves an important role. It's tragic.
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, August 27, 2025
- IRC logs for Wednesday, August 27, 2025
- Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More
- Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
- Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom
- Links for the day
- Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China
- Links for the day
- Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases
- Vista 11 is going down rather than up
- Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained
- Links for the day
- 12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme
- There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
- More People Need to Call Out and Put a Stop to Serial Sloppers
- Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
- Gemini Links 27/08/2025: Headphones and Tartarus
- Links for the day
- Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble)
- The slop sceptics/critics are going to have lots of "told you so" moments
- GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking
- Notice the connection to Software Freedom Conservancy (SFC) and GNOME
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, August 26, 2025
- IRC logs for Tuesday, August 26, 2025
- Richard Stallman (RMS) Was Right About "Sideloading" in 1996
- We now have computers that treat booting GNU/Linux like an act of "Sideloading"
- Panama: Windows Down From 97% "Market Share" to Less Than 30%
- In 2009, Windows was measured at 97.24% (compared to 62.32% right now or less than 30% if one also counts Android)
- The UEFI 9/11 - Part I - Introduction to Impending Catastrophe (Microsoft Preventing People From Booting Non-Windows Systems)
- eight-part series
- Why Techrights is Slow Today (Bot Floods)
- We don't know if those bots are connected to LLMs (we have not checked), but that is a possibility
- Slopwatch: DDoS Slop, LinuxBSDos.com Spam, and Slopfarms in Google News, Including webpronews.com
- Among the news we also found fakes, albeit not so much today
- Links 26/08/2025: "Ballooning Debt" in France and "Transnational Repression in the UK"
- Links for the day
- Gemini Links 26/08/2025: Listening to Alcest and Google Doing Evil (Users Installing Software is "Sideloading" and Prohibited)
- Links for the day
- Links 26/08/2025: DNS Tampering and TikTok Layoffs
- Links for the day
- Microsoft's Windows "Market Share" Overestimated
- Microsoft's income sources are shrinking
- We Shall See...
- My wife and I are hardly the first victims of Brett Wilson LLP
- This New Determination on a Case Echoes the Modus Operandi of Microsoft's Serial Strangler vs Techrights (Its Online Decision/Judgment Says Truth and Public Interest Defend the Publisher)
- Noel Anthony Clarke hopefully has enough money left to pay his victims, which include the publishers
- Going Offline
- There was life before the Net
- The Register MS Has Apparently Shut Down Its Office
- It is basically a fake address on the face of it
- There Are Also Expectations of IBM Layoffs Very Soon With "Narrative Control."
- Some of them mention Red Hat and how IBM failed to achieve anything substantial with that acquisition
- After at Least Two Rounds of Mass Layoffs in August Microsoft Said to Have "September Layoff Confirmed - Performance Based"
- Those "M5 level meetings" sound plausible
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Monday, August 25, 2025
- IRC logs for Monday, August 25, 2025