Bonum Certa Men Certa

Microsoft Claims Credit for Failing in Security

Servers rack - amateur



Summary: Latest security issues and systematic deception, mostly from Microsoft and its various boosters across the Web (giving credit to Microsoft after Microsoft messed up)

Gratis as in Lock-in



A FEW days ago we wrote about Microsoft's attempt at disconnecting the air supply from third-party AV vendors, at least in small businesses. This would only decrease security due to monoculture, decreased competition, and lack of incentive to improve. The funny thing here is that Microsoft sells a vulnerable operating system and then claims to be distributing "free of charge" (only to some people) what ought to have been a characteristic of the operating system, not an add-on. The spinners from Seattle call it a "free" anti-virus software and what's meant by free is not freedom. It's free as in gratis, with lock-in. It decreases one's personal freedom and also impedes freedom of choice. A better headline than "Free Anti-Virus Protection Spurs More Robust Options" would be "Free-of-charge Anti-Virus Pseudo-protection Depresses More Robust Options".



Watch the Indian press turning the whole thing into Vista 7 promotion: "IT major Microsoft has launched a campaign to help computer users identify threats to their systems and how their networks can be made secure using Original Windows 7 that now comes with the advantage of Microsoft Security Essentials."

So Microsoft wants to dump Security Essentials on the market (as expected by many people all along) and already we learn that "Scareware Apes Microsoft Security Essentials". Microsoft has always performed very poorly among the security products already available and well established. "Anti-virus systems get tested" says The Inquirer which gives the following details:

A NUMBER of the most common anti-virus security systems have had a beady eye passed over their effectiveness and fitness for purpose in an assessment.

The study, which was carried out by the Austrian AV Comparatives group, looked at twenty products from the main providers that volunteered to take part.

We do not know who if anyone refused, but AV Comparatives said that it had limited test subjects to no more than twenty and required that participants adhered to its undisclosed criteria.


"Over half of all apps have security holes," claims Veracode (which we mentioned in [1, 2]).

More than half of all software applications failed to meet an acceptable level of security, according to a study based on real-world code audits by application security firm Veracode.

Around 57 per cent of applications failed to pass muster when first submitted to Veracode’s cloud-based testing service. A similar 56 per cent of finance-related applications failed first testing by Veracode’s security audit. The quality of the code used in many business-critical banking and insurance operations was simply not up to snuff.


ASP.NET Under Attack, Spin



In security news, the other major issue last week was the Microsoft ASP.NET vulnerability, which we wrote about in [1, 2, 3, 4].

“Is this really praise-worthy, especially when someone responds to flaws which the same someone is responsible for?”The ASP.NET problem alarmed Microsoft a great deal and the PR spin strives to make Microsoft be seen as responsive. An advisory was quickly issued [1, 2, 3] because of bad publicity and because it was already being exploited (a demo existed). There is only a temporary fix, not a permanent one. There are third-party fixes.

So, once again Microsoft pays attention to flaws a tad too late and then scrambles to limit damage it could probably prevent. Is this really praise-worthy, especially when someone responds to flaws which the same someone is responsible for?

Just like in the case of Russian spin [1, 2], Microsoft is trying to make itself look like the saviour rather than the problem. Lee Pender of the Microsoft boosters is trying to make Microsoft look good by painting it as responsive and responsible. To quote: "Well, late last week, we got an update from a Microsoft spokesperson who wanted to tell us that Microsoft hasn't just buried its head in the sand on Stuxnet."

We wrote about Stuxnet in [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14].

Microsoft-Police



Over in Australia, Microsoft is involving the police right now (funded by taxpayers) [1, 2, 3, 5]. It's about a computer scam that affects Microsoft.

Twitter and Fog Computing



The other day we wrote about the major problem Twitter.com was having. Half a million Twitter users are said to be affected by a Twitter worm and Slashdot discusses the matter before and after the patching. Here are "the names and faces behind the 'onMouseOver' Twitter worm attack". It's one of those risks of Fog Computing. Even a teenager turns out to have been smart enough to do it.

But later, some mischievous users of the site started using the exploit to make people "retweet" infected messages (when they hovered over a tweet with the code inserted) that they had not authorised.


The guy is Australian, so will the police get involved? Or does the Australian police get involved only to help Microsoft?

Recent Techrights' Posts

Links 26/10/2025: Microsoft Spies on Gamers, Open Transport Community Conference
Links for the day
Links 26/10/2025: LLM Slop / Plagiarism Programs Continue to Disappoint, CISA Layoffs Threaten Systems
Links for the day
Gemini Links 26/10/2025: Gemsync and Joining the Small Web
Links for the day
India.com a Click-baiting, SEO-Spamming, Slopfarming Heap
They do this almost every day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 25, 2025
IRC logs for Saturday, October 25, 2025
Without XBox Consoles, XBox is No More, It's Just a Brand (More Rumours of Microsoft Ending XBox, Then Laying Off Lots of Staff)
All signs indicate that Microsoft wants to "exit" the XBox business (not brand), but it does not want to publicly admit this as it would alarm staff and shareholders
Gemini Links 25/10/2025: Portugal, Midnightpub, and "Tech Right Admins"
Links for the day
Almost 2026 Already (When We Turn Twenty)
In just over a year the site will turn 20
When "Sponsored Feature" in The Register MS Means Ponzi Scheme Promotion From the Communist Party of China (CPC)
the promotion of a financial scam
Week of EPO Leaks: Workers of the EPO Are Getting a Pay Cut While Prices Rise Fast
More to come in the next few days
Microsoft is Finally Giving Up on XBox, The Chief Says the Grapes Are Sour Anyway
Microsoft loses hundreds of dollars on each XBox that it sells
Slopwatch: LinuxSecurity, UbuntuPIT, and Various Slopfarms Propped up by Google News
Why can't Google News do better than this?
Links 25/10/2025: Two New Smokescreens for Scam Altman and ‘TikTok USA’ Remains in Limbo
Links for the day
Bad faith: can't change Debian Social Contract (DSC) without unanimous consent of every joint author
Reprinted with permission from Daniel Pocock
Confirmed: Very Close Friend of Bill Gates and Microsoft's Biggest Patent Troll Nathan Myhrvold Flew the Lolita Express (a Gateway to Pedophilia), According to Bill Gates-Sponsored Seattle Times
There is no speculation or any "conspiracy theories" here;' those are verified facts
Gemini Links 25/10/2025: "The Highest Leader of The Global Civil Society Community", SSL Certificates Causing Bitrot
Links for the day
Links 25/10/2025: Target Layoffs and "Shutdown Sparks 85% Increase in US Government Cyberattacks"
Links for the day
"Big Data" Was a Big Lie
Remember "Big Data"? Remember "Data Scientists"...?
statCounter Has Been Broken for a Long Time
Considering the huge proportion of Web requests that come from LLM bots (more so this past year or two), statCounter may struggle to justify the operating costs
Techrights Anniversary Party on November 7th
Let us know if you need any accommodation-related arrangements
Trends That Must Alarm Microsoft and Mozilla
Expect Firefox to no longer be supported by various sites in the US
Why Microsoft Became the Layoffs Leader
The corporate media is projecting or signalling its own dishonesty when it tells us that Microsoft is a very "valuable" company while the data shows Microsoft is also a "market leader" in layoffs
Speaking for Ourselves and Letting the Facts Speak for Themselves
we've already published over 50,000 pages
For Second Time in a Day The Register MS Takes Money From Private Companies to Sell a Ponzi Scheme
Do not have empathy for those who have zero empathy towards you
IBM is Misleading IBM Shareholders
IBM is still all about vapourware and buzzwords
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 24, 2025
IRC logs for Friday, October 24, 2025
The Serial Slopper Starts Up - or Restarts - His Plagiarism Machine (LLMs)
Serial Sloppers like these don't belong in news sites. That's why he got sacked by BetaNews.
Links 24/10/2025: Esperanto Music History, Anxiety, and New Portals
Links for the day
[Video] Richard Stallman's Talk in Sweden, Attended by Nearly 700 People, is Now Online
The Web page is in Swedish, but the talk is in English
Slopwatch: LinuxSecurity.com, Linux Journal, and Pet Slopfarms of Google News
Why does Google News still advance these fake sites to the top of search results?
Links 24/10/2025: Inequality Grows, Billion-Dollar Scam Center Industry
Links for the day
Links 24/10/2025: "Independent Media in Cambodia is Collapsing" and Serious F5 Breach
Links for the day
Coping With the Site Going More Mainstream
Fame is no laughing matter
They Never 'Put Down' Corporations
There are "pests" that are traded in Wall Street
21 Pages in Less Than 7 Hours is No Joking Matter
We've become a lot more effective and efficient
Correct Information is a Valued Asset in the Age of Slopfarms and Public Relations (PR) or Spin
Publishing suppressed facts is never easy
The Register MS Continues to Bag Money to Promote a Ponzi Scheme, Even Money From China
Today in the front page
analytics.usa.gov: The Only Supported Version of Windows (This Past Week) is Only Used by About 13.9% of People in the US, the Home Base of Windows
Even Vista 7 is still used more
Rust is Very Secure
If only Rust itself is secure
Who Will be Held Accountable for Breaking Ubuntu by Imposing Rust on Otherwise-Functional Programs, in Effect Replacing GNU With Proprietary Microsoft (GitHub)?
they're practical people who merely point out that a bunch of buffoons not only ruin Ubuntu but also every future distro based on Ubuntu
Generation Chaff - Phase VIII: In Summary
Like "Science" with a capital "S", what we see here commercial interests usurping everything
Generation Chaff - Phase VII: Curtailing Alternative Media
There was always an obligation - a collective duty of sorts - to uphold independent journalism
Generation Chaff - Phase VI: Centralisation of Information (X, Cheetok/Fentanylware)
Would you trust information when controlled by such people?
Generation Chaff - Phase V: Censorship of Dissent (Painted as Harassment or Terrorism)
Censorship is all around us now
Generation Chaff - Phase IV: Apps Only Few Companies Decide On
Tools are being collectively confiscated, under the premise or false prospect of "security"
Generation Chaff - Phase III: Slop and Plagiarism
A lot of the current so-called 'economy' is built upon false valuations
Generation Chaff - Phase II: "Cloud", Blockchains and Other Hype
For those of us who turned down those propositions there was a struggle; we needed to justify not having skinnerboxes or "social" accounts in some site run by a private company
Generation Chaff - Phase I: Social Control Media
IRC predates the Web
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 23, 2025
IRC logs for Thursday, October 23, 2025
More Clues Shed on Collapse of Microsoft XBox
XBox is basically circling down the drain as Microsoft implements 2-3 waves of layoffs each month
'Vibe Coding' Doesn't Work
In a lot of ways, so-called 'Vibe Coding' is already considered vapourware or a passing fad promoted in the media by managers who try to justify mass layoffs, especially ridding companies of "very expensive" software engineers
Links 24/10/2025: Microsoft's Killing of XBox Connected to Revenue/Profit Problems, "How Elon Musk Ruined Twitter"
Links for the day
Gemini Links 24/10/2025: 86,400 Seconds and "Society's Task"
Links for the day