2X on “One of the Biggest Security Vulnerabilities in the Windows OS for Many Years”

Dr. Roy Schestowitz

2010-02-25 22:23:59 UTC
Modified: 2010-02-25 22:23:59 UTC

Summary: New security policies sought by politicians as a 10-year old Windows flaw surfaces

A FEW days ago we wrote about the enormous cost of Windows being as insecure as it is. A 10-year old flaw has been reported in Windows and this one firm considers it perhaps the worst in a decade. Not everyone agrees, but here is the claim anyway.

A new Windows-based denial of service attacks reportedly exploits a 10-year old OS flaw to crash vulnerable systems.

[...]

2X, which is not well known in the world of information security research, issued a press release over its discovery on Wednesday billing it "one of the biggest security vulnerabilities in the Windows OS for many years".

The state of Windows botnets is alarming authorities:

The official British view casts ongoing talks between the US and Russia - aimed at fostering cooperation between states on internet security and agreeing ground rules - in a pessimistic light.

[...]

"The increasing sophistication of criminal cyber tools and the availability of cheap, fast broadband will mean that states are able to achieve their aims by hiring criminal botnets to carry out DDOS or other attacks on their enemies' infrastructure."

Governments may use this to pass new draconian laws and Microsoft can pass discriminatory measures to address a problem that its own negligence [1, 2, 3] has created. The US cybersecurity czar is former Microsoft employee Howard Schmidt [1, 2, 3], so this new US push for "government cybersecurity authority" might be trouble for Free desktops. ⬆

How We Process Screenshots of Slop to Suitably Tag Them as Slop: everything is a single command
Seductive Mirage or Allure of Complex, Proprietary Coffee Machines (or Similar White Elephants): Software is a lot like those things
Team GNOME Has Libeled Me for Nearly 20 Years: we are not dealing with sane people
Experience With Airlines in 'Web Sites' and in 'Apps': In a lot of ways, Stallman Was Right about what JavaScript would turn out to be
Open Does Not Mean Free: wiser to ask if some program is freedom-respecting
The Register MS Takes Money From Companies Banned by the Biden and Trump Administrations (National Security Risk): today's sponsor
Sabotaging GNU/Linux PCs (and Users) is Not a 'Joke': maybe cruelty is the very objective
Links 11/08/2025: Data Breaches, Politics, and Climate: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, August 10, 2025: IRC logs for Sunday, August 10, 2025
Gemini Links 11/08/2025: Tea Caffeine Hot and Super ZZ Zero: Links for the day
Slopwatch: LinuxSecurity, Brian Fagioli, and Other Serial Sloppers: Maybe Microsoft wants to dub this "Web5"
Gemini Links 10/08/2025: Residents Management Company, Automation, and Politics: Links for the day
Links 10/08/2025: AOL Ending Dial-up: Links for the day
Links 10/08/2025: Webrings, “AI Sunglasses” and “AI Eyeglasses”, US Administration Intensifies Attacks on Science and Research: Links for the day
Sometimes Newer is Worse: We generally need to reject this dumb notion that "old" means bad
The Code Used to Make Techrights Fits on a Seventh of a Floppy Disk (or 100KB When Compressed): For the sake of comparison I've just downloaded the latest version of WordPress. The ZIP file is 27.2MB in size, or ~27,200KB.
What They Tell Young Programmers: Coding in 2025
Simpler is Better When Simple is Enough: Over-complicating things to "sell" new versions is so 1990s
Links 10/08/2025: From Social Control Media to Prison, New Examples of Windows TCO: Links for the day
Sloppy Reporting About Slop, or How The Register MS Lowers Its Standards: Maybe the management isn't even aware of this
IBM's Strategy: Cull 'Expensive' Workers, Replace Them With Cheaper Ones: So far we saw not even one rebuttal or challenge to the claim of Red Hat layoffs scheduled for tomorrow
If You Attack Somebody Too Much You Legitimise and Strengthen That Somebody: at the end those attacks add up to a "martyr" status
The Man Who Helped Microsoft Kill Linux is Trying to Delay Our Lawsuits Against Him: By conservative estimates, and based on court documents submitted by them, they're prepared to spend over a million dollars on lawyers, fighting against me and my wife
Gemini Links 10/08/2025: Gen Con 2025 and Framework Laptop: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, August 09, 2025: IRC logs for Saturday, August 09, 2025
The Register MS (Microsoft) or The Register AI (Slop)?: What a slopfest!
Is Red Hat About to Give the Boot to GNOME People Who Helped Microsoft 'Secure' (Monopolised) Boot?: It was always a dumb idea to play along with Microsoft's hardware mischief
Sales of Windows on PCs (Windows Licences) Go Down: Microsoft has a big problem in its hands
The Hype That Microsoft and The Register MS (Among Others) Promote Helps Stage DDoS Attacks on Free Software Sites: Microsoft is, to put it bluntly, pure evil
The Goal of Coopetition Assumes You're Friends: it will never work with Microsoft
Links 09/08/2025: Putin Allegedly to Visit Alaska (Which He Deems Part of Russia), Mike Tyson Sued for Copyright Infringement: Links for the day
Slopwatch: Linux Journal, LinuxSecurity, and Google News With Its Slopfarms of Choice: SEO spam, made with LLMs
Follow the Money: The Register MS Gets Paid to Promote "Hey Hi" Ponzi Scheme/Hype, Some Fake 'Articles' Might Be Composed by LLMs Already: paid to promote slop
Gemini Links 09/08/2025: Rethinking Aliases and Posting on Gopher vs. the Web: Links for the day
Links 09/08/2025: Apollo 13 Astronaut Jim Lovell Dies, Slop Future Bleak: Links for the day
After Shutting Down Studios, Divisions, Applications (e.g. Skype) Microsoft is Also Shutting Down 'Apps': Cuts all around as layoffs persist this month, Microsoft tries to get many people to resign, and debt skyrockets
Most of Geminispace Can Probably Fit on a CD-ROM or a DVD (the Textual Part): If one excludes very large capsules and ones that contain non-textual contenty
Eventually UEFI 'Secure Boot' Will be Dropped (Users Will Demand Its Removal and Boycott Its Pushers): we expect OEMs will just listen to users
The Register MS: We Know Slop is a Bubble and Mindless Hype, But We Get Paid to Participate: Call out the culprits
Hate Mail From Anonymous Cowards: if this persists, we'll need to escalate
There Are Probably Over a Million Pages in Geminispace: there are two many limitations which merit a mention when it comes to assessing magnitude
Informal Open Letter to the Lawyer of the Microsofters (on Who's Funding the SLAPPs Against Techrights): Whenever I ask about the funding they try to change the subject and act all aggressive
Microsoft Lunduke is Just Provoking People for Provocation's Sake: Be forewarned and remember where this guy came from: Microsoft
Besieged by Plagiarists Who Play With LLMs and Image Fusions: We really need to exercise or use our collective voice to oppose Serial Sloppers
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, August 08, 2025: IRC logs for Friday, August 08, 2025
Gemini Links 09/08/2025: Water Painting and Political Violence: Links for the day

2X on “One of the Biggest Security Vulnerabilities in the Windows OS for Many Years”

Recent Techrights' Posts