Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types
- Dr. Roy Schestowitz
- 2009-07-28 07:18:43 UTC
- Modified: 2009-07-28 07:18:43 UTC
●
Smut page ransomware Trojan ransacks browsers
Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.
●
The Business of Botnets
Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.
●
Microsoft to fix critical hole in IE
In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.
●
Microsoft to Issue Emergency Patches Next Week
The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.
●
Insecure by design: MS Office formats
You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.
Also see:
Emergency, Botnets, and No Remedy
Recent Techrights' Posts
- Microsoft Shares Collapse Again (Down $101), Fifth Round of Microsoft Mass Layoffs in Less Than 100 Days in 2025
- disaster
- Windows Has Fallen to All-Time Lows in Switzerland Since GNU Celebrated 40th Anniversary (GNU’s 40th Birthday in Biel, Switzerland)
- GNU/Linux has been doing well in Switzerland
- One Person's Take on Jef Spaleta, the New Fedora Project Leader
- "With a little searching, I wonder what else may be found regarding Microsoft."
-
- Links 07/04/2025: More Cuts to Science Funding, Snail-speed Internet in Germany
- Links for the day
- Gemini Links 07/04/2025: Leasehold and Safe Gifts
- Links for the day
- In Some Countries, Laptops and Desktops Become a Dying Breed (Even Before Tariffs), Windows Has Nowhere to Go
- expect more GNU/Linux on new and existing laptops
- When the Credibility or 'Quality' of Clients Ceases to Matter, It's About Helping Rich Companies Like Microsoft Censor Critics (No Matter the Risks)
- Bad ideas typically result in undesirable outcomes
- UAE: GNU/Linux and Android at Record Levels, Windows at New Lows and Falling Below Apple
- Even iOS is measured as bigger than Windows this month
- Links 07/04/2025: Reddit Occupied (Social Control Media Controlled by Oligarchy), Demise of Globalisation Ongoing
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Sunday, April 06, 2025
- IRC logs for Sunday, April 06, 2025
- Links 07/04/2025: Leaving Gemini/smolweb and Mastodon Migrations
- Links for the day
- In Iraq, Windows 3.1 (Percent)
- There's also zero
- Links 06/04/2025: Flood, Cool Gemini Capsule, and Long Form
- Links for the day
- Links 06/04/2025: Science, Politics, and Pricier Goods
- Links for the day
- LLM Slop Has Virtually Killed unixmen.com and Many Other Sites
- There's no longer any incentive to write real articles in there
- Sharp Declines for Microsoft Windows in Bangladesh (Pop. ~175,000,000), Big Gains for GNU/Linux
- Microsoft Windows has been having a really hard time in poor countries
- Links 06/04/2025: Fake Reviews, Privatisation Heists, and "AI" as Smokescreen for Impoverishing Humans
- Links for the day
- Taking a Moral Stand Against Strategic Lawsuits Against Public Participation (SLAPPs) and the Worst Offenders/Facilitators
- Any other stance would sidle with moral depravity or moral hazard
- Links 06/04/2025: Many New Acts of Repression and Elements of Financial Depression
- Links for the day
- In Qatar GNU/Linux Rose From Under 1% to Over 4% in Two Years (or Over 5% If Counting ChromeOS)
- It's a big improvement compared to what we saw last year
- LLM Scrapers Are a Nuisance, But They're Also a Reminder It's Time to Make Your Site Static
- Perhaps the best protection is the ability to endure surges
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Saturday, April 05, 2025
- IRC logs for Saturday, April 05, 2025
- Links 06/04/2025: Attacks on Education, Fake Patents, and Fake (Illegal) Patent Courts
- Links for the day
- France: Apple and Microsoft Down, GNU/Linux Up to New Record Levels
- How will tariffs against France impact things in the coming months?
- Open Source Initiative (OSI) Privacy Fiasco in Detail: What Was Reported to the California Privacy Protection Agency (CPPA)
- We hope to finish this whole lot within a week, then move on to election, lobbying etc.
- Links 05/04/2025: Tariffs Backfiring, YouTuber Arrested, X/Twitter Set to be Fined
- Links for the day
- Gemini Links 05/04/2025: Offline is For Everyone, Copyright Colonialism, and More
- Links for the day
- Links 05/04/2025: TikTok Unsold (Still), Royal Society is Dead
- Links for the day
- Techrights Will Spend the Next Few Years Writing a Lot About Strategic Lawsuits Against Public Participation (SLAPPs)
- It's a growing problem
- The State of EPO Staff's Health in Rijswijk or The Hague
- We're going to cover the EPO some more later in the month
- NVIDIA Corp Lost 36% of Its "Value" Since Cheeto Inauguration, But "Gen Hey Hi" (GenAI) is Totally Not a Bubble
- Selling loads of unneeded hardware based on hysterical hype; like selling shovels during a Gold Rush
- GNU/Linux Growing in East Asia, Windows by Default No More?
- GNU/Linux is now on the shelf
- Slopwatch: Anti-Linux 'Articles' From Linux-Hostile LLMs
- It is almost always negative things and nobody can be held responsible for it except the charlatans prompting the LLMs
- Links 05/04/2025: Fentanylware (TikTok) "Sale Looks Highly Imminent" (US), Stock Market Drowning in Panic
- Links for the day
- Gemini Links 05/04/2025: Moving Plants, No to Smartwatches, RAID Hygiene
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, April 04, 2025
- IRC logs for Friday, April 04, 2025