Eye on Microsoft: Emergency, Botnets, and No Remedy

Dr. Roy Schestowitz

2009-07-26 08:50:30 UTC
Modified: 2009-07-26 08:50:30 UTC

Summary: Self-explanatory news about Microsoft and security

● Microsoft to issue emergency patches next week

Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware.

● Software Crackdown

Cyber attacks seem to be getting more sophisticated by the hour. A few weeks ago malware known as Zero Day was found to have exploited a vulnerability in Microsoft's Windows operating system that could allow online criminals to take control of a computer from anywhere in the world without being detected. The operation involved what is known as "drive by" attacks, in which visitors to legitimate Web sites are redirected to a page that secretly downloads the malicious software.

● Microsoft admits it can't stop Office file format hacks

Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.

Comments

David Gerard

2009-07-26 19:01:17

Of course it's the formats! That's why every format vulnerability in MS Office is also found in OpenOffice.org ... oh wait, no they aren't. Gosh, it couldn't be crappy programming, or not validating untrusted input, or anything like that? I must be a zealot to think it.

Roy Schestowitz

2009-07-26 19:28:25

Yes, given more time I would have said something about the format issues.

Forget about malicious programs. When we have binary formats we also deal with malicious file formats and files that become malicious when merely interpreted, not executed.

David Gerard

2009-07-26 20:33:59

The real problem is that:

(a) in the '90s, Microsoft made a lot of their file formats dumps of C structs, for performance reasons;

(b) when this became incredibly hazardous with the Internet, and computers were powerful enough to check for malicious input ... they just kept on using the old code.

Then their master stroke of putting a complete programming language inside Office, thus inventing the macro virus.

Then their other master stroke of programs that execute any random instructions they happen to find in EMAIL MESSAGES.

INNOVATION!

Red Hat Layoffs Expected in 5 Days (Monday): "They will announce and proceed with the cuts on 08/11."
They Want You To Talk About Trump or 'The Other Bill' in Relation to Trafficking of Underage Girls for Sexual Exploitation: Just something we wanted to say...
How to Quadruple Your "Goodwill" Value and Grow Your (Wall) Street "Value" From $152B to $4000B Without Producing a Single Successful Product/Service: The longer it goes on for, the bigger the implosion will be
Staying Productive: Two very reputable institutions recently told us they now reckon Microsoft is somehow funding those SLAPPs against us
66 Countries Where More People Use iPhones (or iPads) Than Microsoft Windows, According to statCounter Data: a list of countries where iOS now exceeds Windows
Windows All-Time Lows, Android All-Time Highs in Kuwait: New lows for Windows can be found in many countries this month
August Hits Microsoft Hard: Dead Divisions, Dead Products, Layoffs Again (on Week 1): Microsoft's debt is soaring
Slopwatch: Slow Day for LLM Slop, Serial Sloppers Still at It in Their Slopfarms: The Web would be better off if those sites went offline
Links 06/08/2025: Substack in Trouble, Slop Sceptic Shira Perlmutter Seeks Emergency Injunction Pending Appeal: Links for the day
Gemini Links 06/08/2025: Pinephone, Reverse-Engineering, and More: Links for the day
Links 06/08/2025: Faked Values of Slop Companies and Government Bailouts: Links for the day
FOSSY 2025 Conference Safety: The GAFAM-funded FOSSY 2025 is over
Microsoft's Favourite Pay-to-Say 'Analyst' Firm Has Just Collapsed: 'Analysts' that helped propel Microsoft to fictional values akin to Ponzi schemes
Ask Google (Jeeves): What does Google "know", not know, or would rather forget (or embellish)?
A Blow for Patent Ambitions of Bill Epsteingate: It's about money
Apple's iOS Bigger Than Microsoft Windows in Many Countries: This ought to alarm Microsoft
The Mainstream Media Talks About Spotify Share Price and Price Hikes, Not Its Debt Increasing by About 33% in Just 12 Months: Spotify isn't a company in good shape
New "US Editor for The Register" is 80% Microsoft and Windows: they typically just treat Microsoft like the "Holy Grail" of "IT"
Microsoft is Apparently Sending Gag Orders or NDAs to Staff That Got Laid Off (“We were told not to post on LinkedIn. Not to say anything.”): The main lies we keep seeing
Richard M. Stallman Has Published AI Memos Since 1980 (45 Years Ago): Back when the term AI actually meant something
Gemini Links 06/08/2025: BitTorrent and Feedly Bots: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 05, 2025: IRC logs for Tuesday, August 05, 2025
Openwashing Slop... Using Slop!: So get ready for "open" "hey hi" with its proprietary models to engage in openwashing, helped by serial sloppers who use the LLMs to produce fake 'articles'.
On "Tragedy of the Commons in the Production of Digital Artifacts": There's a better way to do things. None of that should involve GAFAM.
Gemini Links 05/08/2025: Opel Zoo near Frankfurt and Alhena 5.2.5: Links for the day
The Inflammatory Influence of Social Control Media Giants: CPC's ByteDance says it's cool
Microsoft v Planet Earth: Is Microsoft profitable?
IRC Turns 37: Internet Relay Chat (short: IRC), which started in 1988, turns 37 this month
Shortly After a Microsofter Took Over The Register as Editor in Chief Microsoft Tim (Tim Anderson) is Back and It's Still Microsoft Propaganda, Sometimes Funded by Microsoft: Notice his focus
Stricter Enforcement of Worker Adjustment and Retraining Notification (WARN) Act is Sorely Needed: Who's keeping track anyway?
Calling Plagiarism "Intelligence" is Pure Genius, Brilliance!: One thing to "like" (or dislike) about LLMs is how they're falsely marketed using various buzzwords
Geminispace Promises Simplicity But Also Provides a "bunch of forums that get flood-filled by agitation against the very essence of Gemini itself": claims of stagnation in Geminispace started because of a person who spent a long time agitating against GNU/Linux as well
Zimbabweans Aren't Into Windows or Microsoft: This cannot be good news for GAFAM
Microsoft's Washington Layoffs Aren't Everything, They're Definitely Not Happening in Just One State in the US: Washington is just more strict with WARN notices
Gemini Links 05/08/2025: Lagrange v1.18.6, No Stagnation in Geminispace, and Fake Coding (Slop): Links for the day
The Register's Editor in Chief (Who Left for Google) Told Me "AI" Was a Bubble, But Now The Register Gets Paid to Participate in Inflating This Bubble: A lot of the online media is a scam
The Register is Desperate for Money, According to The Register: I decided to check how they're doing as a business
Some Cola Formulas Aren't Secret, But the Barrier is the Branding: That's the power of the channel/distribution, marketing, and brand recognition (accomplished through endless marketing)
Introducing Mission:Libre and FreeXR (and BreakXR): efforts that accompany the foundations put there by the Free Software Foundation in 1985
Slopwatch: WebProNews, LinuxSecurity, and Some Success Stories: Google News still has a slopfarm issue
Links 05/08/2025: Hey Hi (AI) Passing Fads and GAFAM "Embracing the Military": Links for the day
Links 05/08/2025: Samsung and Microsoft Layoffs: Links for the day
Rumours of Mass Layoffs at Red Hat Next Week (August 11th, 2025): The eleventh means next Monday
IBM is Shutting Down (Piecewise): IBM is basically being liquidated
The Debian Language Police Department (PD): "there has never been complaints about anyone that was offended by this -off package"
Tesla's Debt More Than Doubled in 2 Years and the Company Will Operate in the Red (at a Loss) Quite Soon: If your first-quarter net income is $409 million and you borrow billions from banks, plus interest to pay on those loans, then you're not far from returning to losses
When The Register MS Says "Linux Backdoor" It Actually Talks About Malware: The leading story in The Register US/MS this morning is Microsoft
Microsoft Windows Fell to 19% "Market Share" in Montenegro: Microsoft must be well aware of this trend
Why We Also Include Gopher Links in Our Gemini (Protocol) Links: There are still many people who use Gopher to relay their messages (like blog posts). They're mostly technical people.
Shouting is an Indication of a Lack of Convincing Argument: Beware what they are attempting to distract from
Mongolia: Microsoft Windows at All-Time Low: in 2009 when Windows was at 99.45% in Mongolia the company was "worth" less than 200 billion dollars
About a Quarter of Today's "linux" News in Google News Came From One Domain and It's a Slopfarm: Not kidding!
Gemini Links 05/08/2025: Zombie Threat and Switching to NixOS: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, August 04, 2025: IRC logs for Monday, August 04, 2025
ChatGPT in Trouble: Watch out for the newer buzzwords
The Register MS Links to the Wrong statCounter Page: They link to older data
Dr. Andy Farnell Explains How Google Turned From "Librarian" Into "Oracle", Telling Us What to Think Instead of Where to Look: Google was always a lousy librarian
Microsoft Layoffs Continue in August 2025: If Microsoft is doing so well, how come about 10 rounds of layoffs in about 7 months in 2025?
Microsoft and Windows Have Many Back Doors, But LLM Slop Keep Claiming That Linux Has "Backdoor": It's another example of LLM slop as FUD amplifier, via slopfarms as well
In Many Countries Vista 11 Adoption Stalled or Became Negative: Not just because people move to GNU/Linux
Microsofters' Lawyers Are Name-calling and Insulting Microsoft Critics, Even Their Spouses: How not to win arguments
Flagging or Tagging Slop That We Find Online: Right now we use ImageMagick
Links 04/08/2025: Very Bad Weather and Travel Restrictions in China: Links for the day
Gemini Links 04/08/2025: Misiamisia and Mobile Linux: Links for the day
Microsoft's Stock is Like a Religion, Microsoft Goes Into 'Hiding' (From Shareholders): like a religious person or devout believer, the media just parrot anything Microsoft says
Links 04/08/2025: 80 Years Since Last Nuclear War, IPv6 in China: Links for the day
Groklaw Static Site Relaunches With New Theme, But Many Pages and All the Comments Are Missing: We suppose that's still a lot better than the site being offline, as it was for several months
"For Five decades; For freedoms; For all users" (Original EMACS Turns 50 Next Year): Linus Benedict Torvalds was only 6 when EMACS started
In Spain, Microsoft's Search Engine Market Share Fell to 2%: 16 years have passed since Bing was introduced
Protecting GNU/Linux-Centric Journalism From Serial Sloppers: Unoriginal slop is taking away traffic from the people who did all the real work
It Looks Like Managers at Oracle Now Use LLM Slop to Write Blog Posts: Did he cheat by prompting LLMs for mindless text "filler"?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, August 03, 2025: IRC logs for Sunday, August 03, 2025
Gemini Links 04/08/2025: Qubes OS and Curious crypto case of certificates (CCCC): Links for the day

Eye on Microsoft: Emergency, Botnets, and No Remedy

Comments

Recent Techrights' Posts