Eye on Microsoft: Emergency, Botnets, and No Remedy
- Dr. Roy Schestowitz
- 2009-07-26 08:50:30 UTC
- Modified: 2009-07-26 08:50:30 UTC
Summary: Self-explanatory news about Microsoft and security
●
Microsoft to issue emergency patches next week
Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware.
●
Software Crackdown
Cyber attacks seem to be getting more sophisticated by the hour. A few weeks ago malware known as Zero Day was found to have exploited a vulnerability in Microsoft's Windows operating system that could allow online criminals to take control of a computer from anywhere in the world without being detected. The operation involved what is known as "drive by" attacks, in which visitors to legitimate Web sites are redirected to a page that secretly downloads the malicious software.
●
Microsoft admits it can't stop Office file format hacks
Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.
Recent Techrights' Posts
- Microsoft-Sponsored Xenophobia and Nationalism
- IBM is very similar in this regard
- Tentative Summary of Things to Publish in Project 2030
- I'll still be in my forties by then
- Rust People: Drain the Swap, You're Holding It Wrong
- Does Rust make sense?
-
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Saturday, September 20, 2025
- IRC logs for Saturday, September 20, 2025
- Gemini Links 20/09/2025: Snowy Photos and utism is a Spectrum
- Links for the day
- Vintage is Sometimes Better
- Why can't we get back to "simple" if (or where) "simple" means better?
- Climate Breakdown Means We'll be Publishing More, Not Less
- Press freedom will be a common, recurring theme
- Our 5-Year Geminispace Anniversary is Coming Up
- I still remember when Gemini Protocol was quite new
- It's Right to Point Out Violence From the Right
- Violence is a recurring theme
- Web Browsers That "Do Hey Hi" (AI)
- State-of-the-art plagiarism or "autocomplete on steroids" (not coined by us, nevertheless a nice description) don't have much/any prospect
- Links 20/09/2025: Hardware Projects in View, Some Independent Publishers About Russia Prosper After Cheeto Cuts Funding
- Links for the day
- Gemini Links 20/09/2025: Options and TV Time Machine
- Links for the day
- Links 20/09/2025: Retrocomputer, Antique Phone Experience, and More
- Links for the day
- Links 20/09/2025: Internet Shutdowns, Media Censorship, and Climate Worries
- Links for the day
- About 700 New Gemini Capsules in 13 Months (or 54 Per Month)
- 4.8K would represent a 20% increase
- Techrights the Name Turns 15
- About 6 weeks from now we turn 19
- Microsoft is Running Out of Time and Floating Fake Figures, Fake Projects, Fake Narratives, Fake Excuses
- Also, a lot of Microsoft's "revenue" claims are circular financing (i.e. Microsoft buying from itself, which means Ponzi-like fraud)
- Slopwatch: LinuxSecurity, linuxconfig.org, and Plagiarised Phoronix
- Many articles out there are nowadays fake
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, September 19, 2025
- IRC logs for Friday, September 19, 2025
- Gemini Links 20/09/2025: Navigating the Pressures of Modern Life and SpellBinding Accidentally Wrote Another Gemini Server
- Links for the day
- Links 19/09/2025: Press Freedom Dying in US, Anti-Austerity Strikes in France, and Alan Rusbridger to Leave 'Prospect'
- Links for the day
- European Patent Office Illegally Gutting and Outsourcing Its Functions, Acting Like an Above-the-Law Commercial Business (It Won't Stop at Formalities Officers (FOs) and Classification Slop at the EPO)
- breaking/violating laws and conventions
- Offloading to the Sister Site
- In the interest of not overwhelming readers
- Links 19/09/2025: Coffee Club and "SpellBinding is Now Absurdly Fast"
- Links for the day
- Links 19/09/2025: Lobbyist of American GAFAM Becomes Data Protection Commissioner in Europe
- Links for the day
- Links 19/09/2025: Media Freedom Ceases to Exist in US, "Consider Dropping Twitter/X"
- Links for the day
- Gemini Links 19/09/2025: Thinking and Insect Bites
- Links for the day
- Microsoft E.E.E.: Git Will Now (or Very Soon) Fully Depend on Rust, Which is Controlled by Microsoft
- Microsoft now makes Git dependent on Rust, or making Git dependent on GitHub, which is proprietary
- The Right to Punch People (Apparently)
- At Brett Wilson, Brett's job title is "Head of Crime" and Wilson normalises calls for violence
- Slop or Fake Articles Have Turned Linux Journal From a Pioneering/Trailblazing "Linux" Magazine Into a Nuisance
- some sites with former reputation - good reputation - turn into cesspools
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, September 18, 2025
- IRC logs for Thursday, September 18, 2025
Comments
David Gerard
2009-07-26 19:01:17
Roy Schestowitz
2009-07-26 19:28:25
Forget about malicious programs. When we have binary formats we also deal with malicious file formats and files that become malicious when merely interpreted, not executed.
David Gerard
2009-07-26 20:33:59
(a) in the '90s, Microsoft made a lot of their file formats dumps of C structs, for performance reasons;
(b) when this became incredibly hazardous with the Internet, and computers were powerful enough to check for malicious input ... they just kept on using the old code.
Then their master stroke of putting a complete programming language inside Office, thus inventing the macro virus.
Then their other master stroke of programs that execute any random instructions they happen to find in EMAIL MESSAGES.
INNOVATION!