Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types
- Dr. Roy Schestowitz
- 2009-07-28 07:18:43 UTC
- Modified: 2009-07-28 07:18:43 UTC
●
Smut page ransomware Trojan ransacks browsers
Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.
●
The Business of Botnets
Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.
●
Microsoft to fix critical hole in IE
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
●
Microsoft to Issue Emergency Patches Next Week
The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.
●
Insecure by design: MS Office formats
You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.
Also see:
Emergency, Botnets, and No Remedy
Recent Techrights' Posts
- Richard Stallman (RMS) Talk in Ethereum Cypherpunk Congress Will be Remote
- This past week RMS received lots of accolades online
- Links 28/08/2025: Chatbots Distorting/Fabricating History and Also Driving Suicide
- Links for the day
- Open Source Initiative (OSI) Resists Software Freedom, Even by Attacking Its Own
- The OSI is compromised
-
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, August 28, 2025
- IRC logs for Thursday, August 28, 2025
- Gemini Links 29/08/2025: Poems, Games, and Java 25 Performance
- Links for the day
- Links 28/08/2025: Greenland 'Interferences' by US and Skinnerboxes to Get Banned in Korean Schools
- Links for the day
- The Register MS (Run by Microsoft Operatives): Free Software is Putin, Hence Evil and Dangerous
- The current editor in chief is an American Microsofter, the previous one went to work for Google (US)
- Gemini Links 28/08/2025: Back in Japan and Why "Hacker News" Sucks
- Links for the day
- A Much-Needed Wake-up Call to Users of Wordpress.com, Blogspot, Substack and All Those Other Outsourced (and Centralised) Platforms
- There are several lessons in there
- The UEFI 9/11 - Part II - Campaign of Censorship and Defamation Against Critics
- In dictatorships, humour serves an important role. It's tragic.
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, August 27, 2025
- IRC logs for Wednesday, August 27, 2025
- Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More
- Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
- Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom
- Links for the day
- Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China
- Links for the day
- Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases
- Vista 11 is going down rather than up
- Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained
- Links for the day
- 12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme
- There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
- More People Need to Call Out and Put a Stop to Serial Sloppers
- Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
- Gemini Links 27/08/2025: Headphones and Tartarus
- Links for the day
- Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble)
- The slop sceptics/critics are going to have lots of "told you so" moments
- GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking
- Notice the connection to Software Freedom Conservancy (SFC) and GNOME
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, August 26, 2025
- IRC logs for Tuesday, August 26, 2025