Eye on Security: Windows is Vulnerable, GNU/Linux is Not
- Dr. Roy Schestowitz
- 2010-06-11 21:17:22 UTC
- Modified: 2010-06-11 21:17:22 UTC
Summary: Today's examples of security weaknesses in Windows (which help justify Google's recent abandonment of Windows on the desktop)
●
Microsoft Security Vulnerability Disclosed (no
silent patches yet?)
Microsoft was left racing to patch a Windows Help and Support Center vulnerability after Tavis Ormandy, an information security researcher who's charged with keeping Google's products secure, Thursday publicly disclosed both the bug as well as proof-of-concept attack code.
Ormandy reportedly informed Microsoft of the vulnerability on Saturday, June 5, and Microsoft acknowledged receipt the same day. Five days later, however, Ormandy went public with a posting to the Full Disclosure mailing list. Later that day, Microsoft issued its own vulnerability announcement.
●
Bug gives attackers complete control of Windows PCs [
via]
A security researcher has warned of a vulnerability in older versions of the Windows operating system that allows attackers to take full control of a PC by luring its user to a booby-trapped website.
The flaw resides in the Windows Help and Support Center, a feature that provides users with online technical support. Malicious hackers can exploit the weakness of Windows by embedding commands in web addresses that activate the feature's remote assistance tool, which allows administrators to execute commands over the internet. The exploit works in XP and Server 2003 versions of Windows and possibly others.
●
Malware Squared
Use browsers and operating systems that are more secure. Get away from the monopoly OS that is the main target of attacks. Cut down your risk by a factor of 1000 or so by a single step, migrating to GNU/Linux. It makes sense.
Recent Techrights' Posts
- Why the Articles From Daniel Pocock (FSFE, Fedora, Debian Etc. Insider) Still Matter a Lot
- Revisionism will try to suggest that "it's not true" or "not true anymore" or "it's old anyway"...
- Who really owns Debian: Ubuntu or Google?
- Reprinted with permission from disguised.work
-
- Gemini Links 03/05/2024: Diaspora Still Alive and Fight Against Fake News
- Links for the day
- [Meme] Reserving Scorn for Those Who Expose the Misconduct
- they like to frame truth-tellers as 'harassers'
- Links 03/05/2024: Canada Euthanising Its Poor and Disabled, Call for Julian Assange's Freedom
- Links for the day
- Dashamir Hoxha & Debian harassment
- Reprinted with permission from disguised.work
- Maria Glukhova, Dmitry Bogatov & Debian Russia, Google, debian-private leaks
- Reprinted with permission from disguised.work
- Keeping Computers at the Hands of Their Owners
- There's a reason why this site's name (or introduction) does not obsess over trademarks and such
- In May 2024 (So Far) statCounter's Measure of Linux 'Market Share' is Back at 7% (ChromeOS Included)
- for several months in a row ChromeOS (that would be Chromebooks) is growing
- Links 03/05/2024: Microsoft Shutting Down Xbox 360 Store and the 360 Marketplace
- Links for the day
- Evidence: Ireland, European Parliament 2024 election interference, fake news, Wikipedia, Google, WIPO, FSFE & Debian
- Reprinted with permission from Daniel Pocock
- Enforcing the Debian Social Contract with Uncensored.Deb.Ian.Community
- Reprinted with permission from Daniel Pocock
- Gemini Links 03/05/2024: Antenna Needs Your Gemlog, a Look at Gemini Get
- Links for the day
- IRC Proceedings: Thursday, May 02, 2024
- IRC logs for Thursday, May 02, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day
- Jonathan Carter & Debian: fascism hiding in broad daylight
- Reprinted with permission from disguised.work
- Gunnar Wolf & Debian: fascism, anti-semitism and crucifixion
- Reprinted with permission from disguised.work
- Links 01/05/2024: Take-Two Interactive Layoffs and Post Office (Horizon System, Proprietary) Scandal Not Over
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, May 01, 2024
- IRC logs for Wednesday, May 01, 2024
- Embrace, Extend, Replace the Original (Or Just Hijack the Word 'Sudo')
- First comment? A Microsoft employee
- Gemini Links 02/05/2024: Firewall Rules Etiquette and Self Host All The Things
- Links for the day
- Red Hat/IBM Crybullies, GNOME Foundation Bankruptcy, and Microsoft Moles (Operatives) Inside Debian
- reminder of the dangers of Microsoft moles inside Debian
- PsyOps 007: Paul Tagliamonte wanted Debian Press Team to have license to kill
- Reprinted with permission from disguised.work
- IBM Culling Workers or Pushing Them Out (So That It's Not Framed as Layoffs), Red Hat Mentioned Repeatedly Only Hours Ago
- We all know what "reorg" means in the C-suite
- IBM Raleigh Layoffs (Home of Red Hat)
- The former CEO left the company exactly a month ago
- Paul R. Tagliamonte, the Pentagon and backstabbing Jacob Appelbaum, part B
- Reprinted with permission from disguised.work
- Links 01/05/2024: Surveillance and Hadopi, Russia Clones Wikipedia
- Links for the day
- Links 01/05/2024: FCC Takes on Illegal Data Sharing, Google Layoffs Expand
- Links for the day
- Links 01/05/2024: Calendaring, Spring Idleness, and Ads
- Links for the day
- Paul Tagliamonte & Debian: White House, Pentagon, USDS and anti-RMS mob ringleader
- Reprinted with permission from disguised.work
- Jacob Appelbaum character assassination was pushed from the White House
- Reprinted with permission from disguised.work
- Why We Revisit the Jacob Appelbaum Story (Demonised and Punished Behind the Scenes by Pentagon Contractor Inside Debian)
- If people who got raped are reporting to Twitter instead of reporting to cops, then there's something deeply flawed
- Free Software Foundation Subpoenaed by Serial GPL Infringers
- These attacks on software freedom are subsidised by serial GPL infringers
- Red Hat's Official Web Site is Promoting Microsoft
- we're seeing similar things at Canonical's Ubuntu.com
- Enrico Zini & Debian: falsified harassment claims
- Reprinted with permission from disguised.work
- European Parliament Elections 2024: Daniel Pocock Running as an Independent Candidate
- I became aware that Daniel Pocock had decided to enter politics
- Publicly Posting in Social Control Media About Oneself Makes It Public Information
- sheer hypocrisy on privacy is evident in the Debian mailing lists
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, April 30, 2024
- IRC logs for Tuesday, April 30, 2024