Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types
- Dr. Roy Schestowitz
- 2009-07-28 07:18:43 UTC
- Modified: 2009-07-28 07:18:43 UTC
●
Smut page ransomware Trojan ransacks browsers
Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.
●
The Business of Botnets
Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.
●
Microsoft to fix critical hole in IE
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
●
Microsoft to Issue Emergency Patches Next Week
The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.
●
Insecure by design: MS Office formats
You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.
Also see:
Emergency, Botnets, and No Remedy
Recent Techrights' Posts
- The "Cool Kids" Are Already Using GNU/Linux, Microsoft is Just Cheating
- The future and the present are Linux
- IBM Going International (and India)
- It's Monday and a national holiday
- Microsoft Lunduke Belongs in 4Chan
- Assuming Microsoft Lunduke is aware of the full context, he is now trolling not one but two decent organisations
-
- IBM's Chronic Neglect Won't Save Anything and It Might Even Get IBM Sued
- The problem is likely a lack of manpower, not deliberate shoddiness
- Gemini Links 17/02/2025: Ideal OS, AuraRepo Alpha, and Simple Code
- Links for the day
- Links 17/02/2025: War on Dissent and Bloggers, Nationalism a Growing Theme
- Links for the day
- GeekWire: Microsoft Bribes Us While We Cover Microsoft Affairs (Spin Doctoring), Hence We Are "Independent"
- What good is a "journalist" sponsored by the very same company he or she writes about?
- The Attacks on LinuxQuestions.org
- Going to Clownflare only worsens the problem
- The GNU Manifesto Turns 40 Next Month
- The guardian of Free software (definition, licences, philosophy, hosting and so on) has managed to endure and persevere for 40 years. Very few others can say the same.
- In Europe and in India Richard Stallman Need Not Duck Anymore, People Trying to Cancel His Talk Have No Sway
- the last time a talk by Dr. Stallman got canceled was about a year ago
- Back From a Short Break
- We can now resume and try to stick to the usual pace
- Links 17/02/2025: LLMs Failing and Patreon Support Becoming a Burden to Bloggers
- Links for the day
- Links 17/02/2025: Blogroll Conundrum; Research, Scientists Under Siege
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Sunday, February 16, 2025
- IRC logs for Sunday, February 16, 2025
- Links 16/02/2025: Nostalgia for Physical Media and the US Government Actively Promotes Pro-Kremlin Politicians in the EU
- Links for the day
- Gemini Links 16/02/2025:Life, Cynicism, and languages
- Links for the day
- Links 16/02/2025: Oligarchs "Collect Your Data and Control Your World", Global Temperatures Shoot Up
- Links for the day
- Promoting Microsoft Windows With LLM Slop
- What is the policy at BetaNews regarding LLM slop?
- Alex Oliva, the Potential 'Successor' of RMS, Has a New Web Site
- More freedom for Alex Oliva
- Links 16/02/2025: "Microsoft Is Laying Off Employees" and Internal Dissent Brewing at Facebook Over Regime Complicity
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Saturday, February 15, 2025
- IRC logs for Saturday, February 15, 2025
- Links 15/02/2025: Harms to Health, Public Domain, and More
- Links for the day
- Gemini Links 15/02/2025: On Autistic People, AuraGem Over HTTPS
- Links for the day
- The Cyber Show (C|S) Speaks of the "Rise of the Nerd Reich."
- This 'Valentine Episode' is quite good
- Azure is Turning 17 This Year, Still Losing Money and Staff
- Hallmark of pyramid schemes, deriving "value" out of things that do not really exist?
- Strong Momentum for the Free Software Foundation (FSF) as Winter Approaches Its End in Boston or in the Northern Hemisphere
- FSF's founder, Richard Stallman, gives another talk in Italy in 9 days from now
- The 'Drunken Plagiarists' Are Harming Journalism About GNU/Linux
- They lessen the incentive to do real journalism abut GNU/Linux
- Female Nazis and racist Swiss women
- Reprinted with permission from Daniel Pocock
- Richard Stallman on RISC-V and Free Hardware
- Invidious is under attack by Google
- Links 15/02/2025: Erasing of American Science and Tesla SLAPPing Critics
- Links for the day
- IDG 'Reviews' of GNU/Linux Now Contain LLM Slop
- It's typically ads or commercials... or sometimes spin disguised as news
- Gemini Links 15/02/2025: Spectacles and "Before Sunset", Moving Domains Out of the US
- Links for the day
- Microsoft Has Only $17,482 Million Left, "Cash on Hand" Sank 40 Billion Dollars in 2 Years
- Microsoft runs low on money in the bank
- YouTube Layoffs Mean That YouTube is Still Losing a Lot of Money (Net Income or Profit Almost Definitely Negative)
- In more recent years Google defunded many vloggers
- In Gopher and Gemini Protocol People Abandon Services Based in the United States
- There's no resistance whatsoever
- Python and Microsoft: Pandas Should Have Known OpenDocument Format (ODF) and Microsoft Excel Are Different and Competing Things
- now we're meant to think that in order to open ODF files we need some functions with "Excel" in their name
- Not Only Windows, Surface, and "Hey Hi" PCs; Microsoft's Hardware Ventures Are a Dumpster Fire; HoloLens Mixed Reality Hardware Now Axed Altogether and Staff is Miserable
- Microsoft is in a terrible state
- Certificate Authority (CA) Let's Encrypt Now Down to TEN (0.3% of the Whole) in Geminispace
- The number of capsules that use Let's Encrypt is, according to Lupa, about to fall to single-digit figures
- Links 15/02/2025: University Price Hikes and Copyright Action Against Slop Companies
- Links for the day
- Slopwatch: All Those New 'Articles' Are Fake and Crafted by Chatbots (LLM Slop)
- Google News is promoting these as "Linux" news; they're not even made by humans
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, February 14, 2025
- IRC logs for Friday, February 14, 2025