Eye on Microsoft: Windows (In)Security in the News
- Dr. Roy Schestowitz
- 2009-04-24 10:24:19 UTC
- Modified: 2009-04-24 10:24:19 UTC
●
Windows Trojan That Infected Over 3.6 Million PCs Evolves with Worm Behavior
One of the top families of malicious code targeting the Windows platform has evolved with the addition of worm behavior, Microsoft warns. According to data made public via the Microsoft Security Intelligence Report, the Win32/Vundo Trojan infected over 3.6 million computers in the second half of 2008, and occupies the third position in a malware ranking behind Renos and Zlob. Vundo is a family of malware with various components that are designed to serve victims 'out of context' pop-up advertisements following infection. Microsoft warns that the Vundo family of malicious software can also
be used to download and execute arbitrary files.
●
One bot-infected PC = 600,000 spam messages a day
TRACElabs concluded that Rustock and Xarvester, the latter perhaps linked to the down-and-out Srizbi botnet, are the most efficient spam spewers of the nine bots. Each is capable of sending up to 25,000 messages per hour, or 600,000 per day, and 4.2 million per week.
●
Updated research of the largest base of real-world vulnerability data
4. Exploitation - Eighty percent of vulnerability exploits are now available within single digit days after the vulnerability’s public release. In 2008, Qualys Labs logged 56 vulnerabilities with zero-day exploits, including the RPC vulnerability that produced Conficker. In 2009, the first vulnerability released by Microsoft, MS09-001 had an exploit available within seven days. Microsoft’s April Patch Tuesday included known exploits for over 47 percent of the published vulnerabilities. This law had the most drastic change from the Laws 1.0 in 2004, which provided a comfortable 60 days as guidance.
Recent Techrights' Posts
- Microsoft Shares Collapse Again (Down $101), Fifth Round of Microsoft Mass Layoffs in Less Than 100 Days in 2025
- disaster
- Windows Has Fallen to All-Time Lows in Switzerland Since GNU Celebrated 40th Anniversary (GNU’s 40th Birthday in Biel, Switzerland)
- GNU/Linux has been doing well in Switzerland
- One Person's Take on Jef Spaleta, the New Fedora Project Leader
- "With a little searching, I wonder what else may be found regarding Microsoft."
-
- Links 07/04/2025: More Cuts to Science Funding, Snail-speed Internet in Germany
- Links for the day
- Gemini Links 07/04/2025: Leasehold and Safe Gifts
- Links for the day
- In Some Countries, Laptops and Desktops Become a Dying Breed (Even Before Tariffs), Windows Has Nowhere to Go
- expect more GNU/Linux on new and existing laptops
- When the Credibility or 'Quality' of Clients Ceases to Matter, It's About Helping Rich Companies Like Microsoft Censor Critics (No Matter the Risks)
- Bad ideas typically result in undesirable outcomes
- UAE: GNU/Linux and Android at Record Levels, Windows at New Lows and Falling Below Apple
- Even iOS is measured as bigger than Windows this month
- Links 07/04/2025: Reddit Occupied (Social Control Media Controlled by Oligarchy), Demise of Globalisation Ongoing
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Sunday, April 06, 2025
- IRC logs for Sunday, April 06, 2025
- Links 07/04/2025: Leaving Gemini/smolweb and Mastodon Migrations
- Links for the day
- In Iraq, Windows 3.1 (Percent)
- There's also zero
- Links 06/04/2025: Flood, Cool Gemini Capsule, and Long Form
- Links for the day
- Links 06/04/2025: Science, Politics, and Pricier Goods
- Links for the day
- LLM Slop Has Virtually Killed unixmen.com and Many Other Sites
- There's no longer any incentive to write real articles in there
- Sharp Declines for Microsoft Windows in Bangladesh (Pop. ~175,000,000), Big Gains for GNU/Linux
- Microsoft Windows has been having a really hard time in poor countries
- Links 06/04/2025: Fake Reviews, Privatisation Heists, and "AI" as Smokescreen for Impoverishing Humans
- Links for the day
- Taking a Moral Stand Against Strategic Lawsuits Against Public Participation (SLAPPs) and the Worst Offenders/Facilitators
- Any other stance would sidle with moral depravity or moral hazard
- Links 06/04/2025: Many New Acts of Repression and Elements of Financial Depression
- Links for the day
- In Qatar GNU/Linux Rose From Under 1% to Over 4% in Two Years (or Over 5% If Counting ChromeOS)
- It's a big improvement compared to what we saw last year
- LLM Scrapers Are a Nuisance, But They're Also a Reminder It's Time to Make Your Site Static
- Perhaps the best protection is the ability to endure surges
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Saturday, April 05, 2025
- IRC logs for Saturday, April 05, 2025
- Links 06/04/2025: Attacks on Education, Fake Patents, and Fake (Illegal) Patent Courts
- Links for the day
- France: Apple and Microsoft Down, GNU/Linux Up to New Record Levels
- How will tariffs against France impact things in the coming months?
- Open Source Initiative (OSI) Privacy Fiasco in Detail: What Was Reported to the California Privacy Protection Agency (CPPA)
- We hope to finish this whole lot within a week, then move on to election, lobbying etc.
- Links 05/04/2025: Tariffs Backfiring, YouTuber Arrested, X/Twitter Set to be Fined
- Links for the day
- Gemini Links 05/04/2025: Offline is For Everyone, Copyright Colonialism, and More
- Links for the day
- Links 05/04/2025: TikTok Unsold (Still), Royal Society is Dead
- Links for the day
- Techrights Will Spend the Next Few Years Writing a Lot About Strategic Lawsuits Against Public Participation (SLAPPs)
- It's a growing problem
- The State of EPO Staff's Health in Rijswijk or The Hague
- We're going to cover the EPO some more later in the month
- NVIDIA Corp Lost 36% of Its "Value" Since Cheeto Inauguration, But "Gen Hey Hi" (GenAI) is Totally Not a Bubble
- Selling loads of unneeded hardware based on hysterical hype; like selling shovels during a Gold Rush
- GNU/Linux Growing in East Asia, Windows by Default No More?
- GNU/Linux is now on the shelf
- Slopwatch: Anti-Linux 'Articles' From Linux-Hostile LLMs
- It is almost always negative things and nobody can be held responsible for it except the charlatans prompting the LLMs
- Links 05/04/2025: Fentanylware (TikTok) "Sale Looks Highly Imminent" (US), Stock Market Drowning in Panic
- Links for the day
- Gemini Links 05/04/2025: Moving Plants, No to Smartwatches, RAID Hygiene
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, April 04, 2025
- IRC logs for Friday, April 04, 2025