Bonum Certa Men Certa
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Microsoft Back Door in Windows (All Versions) Intentionally Left Open For Over a Year, Existed for 15 Years

Summary: It has become more obvious that Windows back doors are there by design (or knowingly left there by intention) even after Snowden's NSA leaks

THERE ARE SOME corporate media reports about Microsoft patches, but few realise the significance of it. Microsoft tells the NSA about unpatched holes in Windows and other Microsoft software, which is the equivalent of giving the NSA back door access.



As we noted some weeks ago, evidence shows that Microsoft doesn't care about security and it is evidently the same with Apple. They both sat on known flaws that were critical for longer than 3 months, refusing to patch them. Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known).

"Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known)."Dan Goodin, who typically spends his 'journalism' career bashing Free software over security, has finally decided to shift some focus and write about a massive Windows flaw. It's a major one, no doubt; But no name, no "branding"...

In Goodin's own words:

Microsoft just patched a 15-year-old bug that in some cases allows attackers to take complete control of PCs running all supported versions of Windows. The critical vulnerability will remain unpatched in Windows Server 2003, leaving that version wide open for the remaining five months Microsoft pledged to continue supporting it.

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.


The significant part is in the second paragraph above ("took Microsoft more than 12 months to fix"). We can interpret that as saying that the hole, which NSA used for over a year for back door access (because Mirosoft told the NSA about it), is finally being acknowledged to the public. Therein lies the 'magic' of proprietary software. Is the NSA now 'done' cracking all the world's networks that have Windows in them? Is it now 'safe' to finally close this back door?

Microsoft Windows is an utter joke when it comes to security, as Microsoft's own actions serve to show. Back doors surely look like the goal, not an error. Windows was recently used to crack Sony years after the NSA had cracked North Korea's network. Those who knowingly used an operating system with back doors can't blame anyone other than themselves and perhaps Microsoft/NSA. Misplaced blame these days typically names China, Russia, or North Korea.

Remember that Microsoft leaves security holes open/in fact anyway, no matter if versions of Windows are supported or not (upgrades are neither simple nor free). As Goodin's former employer puts it:

What happens six months from now, on 14 July? That's the date Microsoft issues its last security fix ever for Window Server 2003 – the end of extended support from the server operating system's maker.


The article states that many servers will basically be left with permanent back doors. Many of them contain customers' (or patients') data.

As Robert Pogson put it, "Server 2003, which is due to go without support this summer won’t be fixed for a recent Patch Tuesday revelation of a vulnerability built-in by design a decade ago and impossible to fix without breaking everything…"

He concludes correctly: "Maybe it’s time people switched to GNU/Linux, an operating system not designed by salesmen. It’s not perfect but at least the bugs are fixable."

Yes, even bugs with special names, logos, and "branding" -- those that the corporate media loves to hype up.
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Recent Techrights' Posts

[Video] IBM Shakes Hands of Prince Mohammed bin Salman
handshake of loyalty
The SLAPPs From Microsofters Distract From Serious Copyright Infringement by Microsoft and Apparent Business Crimes
Aside from other issues, such as strangling women
Trolls With LLM Slop Are Disrupting Communications About Mass Layoffs at IBM
LLM slop to drown out the signal
 
Gemini Links 17/05/2025: Happier on Gemini and Manipulating Reddit
Links for the day
ComEd and Microsoft: A Mess of Spaghetti Held Together By Circus Clowns
Reprinted with permission from Ryan Farmer
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 16, 2025
IRC logs for Friday, May 16, 2025
Links 16/05/2025: Microsoft Sacks Pregnant Women, People Fired on Their Birthday; Adobe Censorship Failing
Links for the day
Gemini Links 16/05/2025: "Repairing Our Way out of Commodity Fetishism" and Pre-librebooted Computers
Links for the day
The Microsofters Have Just Shared Privileged Trial Data With Microsoft
There are serious ramifications for liability accountability as Microsoft salaries sponsor these SLAPPs
Enshittification is Everywhere: You Pay More, the Services Get Worse
"Enshittification" is a term coined by an online friend; I increasingly use this term to describe what's happening even outside the realm of technology (which it was adopted to describe)
Microsoft Reduces Office Space Ahead of More Waves of Mass Layoffs
"The Gerstnerisation of Microsoft"
Anti-Linux FUD Produced by Microsoft LLMs to Blame "Linux" for Microsoft's Own Failures
We call out some of the worst culprits
Gemini Links 16/05/2025: Hoking GPS, Grabovac, and Tanana
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 15, 2025
IRC logs for Thursday, May 15, 2025
Microsoft WARN Notices Proliferate in the United States
From what we've seen, this wave was more than 3% (a lot more) and the next wave/s will be even bigger (possible as imminent as weeks from now), based on insider leaks
Links 15/05/2025: Google Betrays Publishers Again, Openwashing by Sysdig
Links for the day
Richard Stallman Still Respected by Many in the Libre Graphics Community
Richard Stallman and Professor Moglen never harmed anyone
If You Read Techrights, Then You Probably Want to Read Tux Machines as Well
That site is more active than this one
Gemini Links 15/05/2025: Forced Music in Publicly Accessible Space and ~silv is Online
Links for the day
Links 15/05/2025: KOSA Censorship (USA Becomes More Like KSA) and More National Cuts
Links for the day
Bing Might Shut Down - Just Like Skype Did - Some Time in the Coming Months/Years (Parts of It Already Shut Down)
they try to bring the losses under control
Your Real Ally Would Not Defend the Company of SLAPP and Strangling of Women
who's left to tell us what's true?
Breakdown of Microsoft Layoffs Shows It's About Cost, Not Performance or Hype (Like "AI")
MSN (Microsoft) reposted this with some unnecessary spin
The Lawyers Working for the Serial Strangler From Microsoft on SLAPPing Techrights Have Apparently Lost Their Voice
the moment we mentioned that their media lawyer is leaving they went all quiet in social control media
At IBM, Relocation Can be a Trick or a Trap (IBM Gets Rid of Staff Under the Guise of "Relo")
IBM is not being honest with employees
Microsoft Rumours: This Week's Scale of Layoffs "Higher Than Reported" and More Coming Soon ("A Lot More Severe" Than May's)
The "3%" figure is false
Slopwatch: Sloppy Brian, Brittany Slop, and General Observations
Creative people don't need slop; there's just nothing good about it, slop appeals to lazy people careless about quality
Over at Tux Machines...
GNU/Linux news for the past day
Beyond Mass Layoffs at Microsoft: Entire Units Shut Down for Good
And it's far from over
Links 15/05/2025: Crikvenica, Analog Computer, and Slop 'Hallucinations'
Links for the day
IRC Proceedings: Wednesday, May 14, 2025
IRC logs for Wednesday, May 14, 2025