Bonum Certa Men Certa

Windows Kernel Vulnerability for Thanksgiving, Insecurity Used for Surveillance Again

Oppression and proprietary software are a pair

Guard with machine gun



Summary: Another major security problem in Windows, new destinations for Stuxnet, and new excuses for tracking one's Web trails

IT IS not uncommon for Microsoft to leave systems administrators rather restless over the holidays, most typically over Christmas. Users too are left paranoid. This holiday season (US in particular) was no exception as a new Windows kernel vulnerability bypasses UAC, says Slashdot, citing Sophos:



"A new vulnerability in the Windows kernel was disclosed Wednesday that could allow malware to attain administrative privileges by bypassing User Account Control (UAC). Combined with the unpatched Internet Explorer vulnerability in the wild this could be a very bad omen for Windows users."


From the original source rather than Slashdot's summary:

A new zero-day exploit in Microsoft Windows was disclosed today. The exploit allows an application to elevate privilege to "system," and in Vista and Windows 7 also bypass User Account Control (UAC). The flaw was posted briefly on a programming education site and has since been removed.


According to another report, Stuxnet is still out there and now it is sold on the black market.

According to a report from Sky News, the Stuxnet worm has already been traded on the black market. The report does not clarify whether this refers to the source code or to binary samples. British security specialists now fear that terrorists could use the worm to attack critical infrastructure. The report quotes an IT security consultant to the UK government as claiming, "You could shut down power stations, you could shut down the transport network across the United Kingdom".


We wrote about Stuxnet many times before and it is interesting because some say it was engineered in order to spy on or to sabotage nuclear facilities in so-called 'rogue' nations. See for example:

  1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran's Nuclear Programme
  2. Windows Viruses Can be Politically Motivated Sometimes
  3. Who Needs Windows Back Doors When It's So Insecure?
  4. Windows Insecurity Becomes a Political Issue
  5. Windows, Stuxnet, and Public Stoning
  6. Stuxnet Grows Beyond Siemens-Windows Infections
  7. Has BP Already Abandoned Windows?
  8. Reports: Apple to Charge for (Security) Updates
  9. Windows Viruses Can be Politically Motivated Sometimes
  10. New Flaw in Windows Facilitates More DDOS Attacks
  11. Siemens is Bad for Industry, Partly Due to Microsoft
  12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
  13. Microsoft's Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
  14. Microsoft Software: a Darwin Test for Incompetence
  15. Bad September for Microsoft Security, Symantec Buyout Rumours
  16. Microsoft Claims Credit for Failing in Security
  17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
  18. Windows Users Still Under Attack From Stuxnet, Halo, and Zeus
  19. Security Propaganda From Microsoft: Villains Become Heroes
  20. Security Problems in iOS and Windows
  21. Eye on Security: BBC Propaganda, Rootkits, and Stuxnet in Iran's Nuclear Facilities
  22. Eye on Security: ClamAV Says Windows is a Virus, Microsoft Compromises Mac OS X, and Stuxnet Runs Wild


A few days ago we mentioned MSBBC articles which clearly neglected to mention Windows in stories that were about Windows-exclusive problems.

"ANOTHER Windows only story from the #BBC not mentioning Windows," wrote Gordon, "they send people to jail for not paying for this s**t," he added" (the MSBBC is funded by British taxpayers).

Gordon is right because Windows malware is the central issue discussed in the article (although it avoids mentioning Microsoft or Windows). For example:

He was caught installing password-capturing software by computer staff examining network problems.


This is a form of surveillance by a criminal. But we previously explained how surveillance uses security as a pretext (sometimes targeted marketing is the preferred excuse) and this includes security problems in software. On that issue, Gordon shares another MSBBC article . It talks about "virus alert system" (not mentioning Windows of course) and Gordon says one "gotta love the ISPs who spy on their customers connections #TalkTalk... this excuse is "malware protection" [still Windows of course]":

Talk Talk is launching trials of a controversial anti-malware system following intervention by the Information Commissioner (ICO).

The Virus Alert system keeps an eye on the websites customers visit to stop them accidentally going to places riddled with viruses.


More here in The Inquirer:

BROADBAND PROVIDER Talk Talk has announced it will continue rolling out a traffic monitoring system that it claims will protect its customers.

The opt-in Virus Alerts Service (VAS) was recently likened to the now banned traffic snuffling operation Phorm by the UK Information Commissioner's Office. It claims to track URLs visited by Talk Talk customers and warn them if a website harbours malware.


The problem here is proprietary software and also this illusion of needing government help (with Phorm that's harboured by it) to simply navigate through some Web pages.

Recent Techrights' Posts

They Made Technology Scary and Taught Us That It's Innocent, Friendly, Even "Social"
Rejection of all this "apps" and "gadgets" and "Smart" (whatever that means!) status quo isn't a rejection of society
 
Microsoft's Big Lies Regarding This Week's Mass Layoffs Have Already Begun (and They're Already Being Spread by Slopfarms)
Microsoft is the "market leader" in slop
Summer Plans in Techrights and Elsewhere
massive layoffs at Microsoft
Explaining the Full Story of SLAPPs From Microsoft Staff
For every action there is a reaction, for every attack there will be proportionate consequences
The Openwashing Shills Initiative (OSI) - Part III: IRS and Status of OSI
"They lied to the US IRS and there’s a paper trail"
IBM Red Hat's Dogmatic Fanaticism Under a Thin Veil of "Modernism"
IBM now has the audacity to paint people who don't agree as "nazis"
Microsoft's Share in Guatemala Fell From 97% to 14%
Eventually Microsoft will get stuck in a loop of layoffs, layoffs, and more layoffs
The Media is Under Attacks Partly Because There's Little Other (Remaining) Press to Speak in Its Defence
The biggest danger here is that when there's very little press or no "opposition media" left it becomes even easier to crush critics because there aren't many people left to speak about the matter
If Your Web Site is Run by Bots, Eventually Nobody Will 'Read' It Except Bots (People Don't Want to Read Slop)
Eventually people learn from mistakes
Links 29/06/2025: Microsoft Releases False/Fake Benchmarks, "Google Wants You to Watch Ads or Take Surveys to Read Articles"
Links for the day
Links 29/06/2025: Data Breaches and Online Censorship
Links for the day
Gemini Links 29/06/2025: "The Price Of Eggs" and Gemini 3D Tic Tac Toe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 28, 2025
IRC logs for Saturday, June 28, 2025
The "News" You Saw About Canonical is Misleading, It Made Only 18 Million Dollars Last Year and Barely Paid Any Taxes
Lies are the norm these days...
Pushing Wayland Using Straw Man Arguments
phoronix.com has long promoted the talking point of "Wayland people" (for at least a decade already)
Australia: Windows Fell to All-Time Low, Even Lower Than iOS
There's a good reason why next week there will be so many Microsoft layoffs
Slopwatch: Linuxsecurity, WebProNews, and Google News Boosting Slopfarms as 'News'
People who don't recognise the slopfarms and don't know which sites are fake would struggle to understand what's really going on
Links 28/06/2025: Hardware/GPU Wars, GAFAM Throws Money (Borrowed Cash) at Hopeless Slop Pipe Dream
Links for the day
Gemini Links 28/06/2025: Shellshock and Network UPS Tools
Links for the day
Links 28/06/2025: The Age of Integrity and FreeBSD Foundation Added John Baldwin as Board Member
Links for the day
Fedora 44
IBM now does to Fedora what it did to RHEL
Microsoft Already Shaved Off Costs Anywhere It Could. It Was Not Enough.
Office and Windows aren't "selling" (licences) like they used to
Scheduled Maintenance Next Week
Our community is alive and well
BetaNews: We're Publishing LLM Slop About LLM Slop
Beta version of a slopfarm?
3-Month Updates on Our Complaint to the Solicitors Regulation Authority (SRA)
In short, the complaint remains open, updated, and is advancing
IBM Red States Hat (Project 2025): Our "New Thing" Replaces This "Old Thing"
The new replaces the old. That's how IBM frames it.
Start X
Just because something is old does not mean it is bad
Slopwatch: Linuxsecurity, Google News Slopfarms, and Linux Journal (LJ)
Today we take a quick look at 3 slopfarms
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 27, 2025
IRC logs for Friday, June 27, 2025
Links 28/06/2025: "CC Signals" Virtue-Signals to Slop Ponzi Schemes, North Korea Aims for Tourism
Links for the day
Links 27/06/2025: International Tensions and Contentions Over Plagiarism Perfumed as "Hey Hi" and "Fair Use"
Links for the day
Gemini Links 27/06/2025: Poetry and Censorship by Social Control Media Centralisation
Links for the day
Links 27/06/2025: Journalists Under Fire and Microsoft Has Serious Slop Problems
Links for the day
X is Dying, But Not XServer/X11. Twitter X.com is Dying.
People or businesses or government officials (and departments) that still rely on Social Control Media are playing Russian Roulette with their future online
Wayland is About Less Choice, About Removing Choices, It's Not About Freedom
IBM insists that it cares about "diversity"
Keeping Things Accessible
Gemini Protocol seems to be growing
Escaping Colonialism (or 'Hegemony') Requires Abandoning GAFAM, Microsoft in Particular
Europe is already in the process of abandoning Microsoft
Microsoft Will Shut Down More Studios This Week, Its Media Operatives Will Tell Lies About the Magnitude of the Shutdowns and Layoffs (They Always Do)
Many people who get counted as "workforce" are "temps" or similar
Not Much Better Than LLM Slop: Linux Foundation-Funded 'News' Site Writes Linux Foundation 'News', Composed by Linux Foundation Operative, Quoting Linux Foundation Staff
...they get paid (sponsored) to produce this spam. Then they call it "journalism".
What Linux Foundation 'Research' is: Paid Marketing
What is Linux Foundation 'Research'?
Annual Southern California Linux Expo (SCALE 22x) 'Bought' by Microsoft and Microsoft Exceeded Sponsorship Limits by Giving Double the Maximum Permitted Amount
When people get bribed they tend to forget how to utter a simple word: "No."
No, IBM Does Not Care About People With Disabilities
"Aktion T4" did not seem to bother Watson
Microsoft's Financial Problems Mean Shutdowns, Not Just Mass Layoffs
If the original rumour is true, then expect almost 30,000 Microsoft workers to be let go this year
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 26, 2025
IRC logs for Thursday, June 26, 2025
The Netherlands: GNU/Linux Measured at All-Time High
Are any Dutch cities going to announce dumping Microsoft?
Gemini Links 27/06/2025: "Interstitial Existence" and Autocorrect
Links for the day