Bonum Certa Men Certa

Eye on Microsoft: Another Messy Week for Security

The state of the botnet is a reality that can't be immediately escaped unless there is a large-scale disconnection of Windows-running PCs. However, rather than making steps in the right direction, the situation appears to be worsening.



This post is a quick roundup (due to time constraints) of the past week's developments, with special emphasis on complete comprise that brings the world SPAM, DDOS attacks, espionage, ransom, and wasted productivity.

Rise of the Zombies



Halloween is far behind, but the zombies are back.

Most of Srizbi's new command and control servers were located in Estonia and all of its domains were registered in Russia. For about 13 hours, some 100,000 or so infected machines had the ability to connect to those servers, though it's not clear exactly how many of them did so, since many of them were likely not powered on, Lanstein said.


IDG covered this too.

The zombie computers used to send spam are coming back to life.

Security vendors say spammers are reconnecting with hacked PCs used for sending spam as evidenced by a rising number of spam messages circulating on the Internet the last few days. Spam levels suddenly dropped two weeks ago after the shutdown of McColo, a rogue ISP (Internet Service Provider) based in San Jose, California, whose connectivity was used to control networks of hundreds of thousands of computers to send spam, known as botnets.


According to the following report, these botnets can easily increase their size by recruiting more nodes.

A new analysis of botnets has come up with a possible reason for their prodigious ability to infect PCs -- many anti-virus programs are near to useless in blocking the binaries used to spread them.


SPAM on the Rise Again



A recent statistic suggested that over 150 billion SPAM messages are sent per day. Biblical proportions by all means! Some of this can be intercepted at server level, but it increases load on the servers (and thus everyone's connection fees), not to mention the severe issue of false positives (especially affecting businesses that rely on E-mail).

With increase in botnet activity comes increase in SPAM that threatens small businesses.

The fight against spam rages on after a spike in spam levels following the shut-down of hosting service McColo. SMBs are particularly vulnerable to malware and spam; ensuring secure, spam-free email should be a prominent security interest.


This was also covered by the BBC.

Spam on rise after brief reprieve



Some 450,000 infected computers have been spotted trying to connect to the largest of the networks McColo hosted.


Worms Warming Up



More worm problems emerge:

1. Vulnerable Windows Machines Sitting Ducks for the Conficker Worm

First Microsoft, and now McAfee is warning Windows users to expedite the process of applying a patch for a Critical vulnerability in Server Service affecting both client and server versions of the operating system.

According to the Redmond company, all supported platforms are vulnerable, including Windows 2000, Windows XP (even SP3), Windows Vista RTM/SP1, Windows Server 2003, Windows Server 2008 and Windows 7. McAfee has indicated that users not deploying the patch are vulnerable, while Microsoft has already informed that it had detected active attacks and infections in the wild, following a period when exploits were just targeted.


2. Windows worm infection accelerates

Microsoft is currently observing an increase in the spread of a new Windows worm that exploits the known vulnerability in the RPC functions of the Server service to penetrate systems. The infection rate of Conficker.A worm is reported to be accelerating over company networks in particular. The Microsoft Malware Protection Center says most reports are coming from the USA, but customers in Europe, Asia and South America too are affected, and reports have also been received from several hundred home users.


3. Microsoft Warns of Worm Attack on Windows

Security researchers at Microsoft Corp. last week warned of a significant climb in exploits of a Windows bug it patched with an emergency fix last month, confirming earlier reports by Symantec Corp.

Microsoft again urged users to apply the MS08-067 patch if they have not already done so.


4. Microsoft Warns Of Attack Exploiting Windows Vulnerability

Specifically, the worm deletes any use-created System Restore points, and attempts to contact numerous sites, including those of Google, Yahoo, MSN and ask.com, to obtain the current date, according to researchers at the SANS Institute. The worm then uses the date information to generate a list of domain names, which it then contacts in an attempt to download additional malicious files onto a user's affected computer.


5. Microsoft warns of new Windows attacks

The new attacks, which Microsoft's Malware Protection Center said began over the weekend but spiked during the past two days, use the same worm that Symantec first spotted last Friday.


6. Microsoft: Worm Exploiting Networked Computers via HTTP

Microsoft informed in its most recent security bulletin that a worm dubbed Win32/Conficker.gen!A is messing around with computers across a network by exploiting a vulnerability in the Windows Server service, allowing remote code execution to take place while file sharing is enabled.


How did computing fall into this mess? Well, the following article magically vanished (we did try to find it again, to no avail), but its headline was (is) "Microsoft Not Rushing To Fix Vista Kernel Vulnerability." The disappearance of this article might be innocent, but it still raises a brow.

We covered this last week. Even when severe flaws are found, Microsoft will leave them unpatched unless or until there is an attack exploiting them, i.e. when it's too late. It is not only vain but it's also irresponsible. It also enables Microsoft to 'massage' and lie about security using meaningless figures [1, 2, 3].

Once infected, nothing on a machine can be trusted, as proven by this new report.

A DANGEROUS new variant of malware is attacking PCs in the UK, the INQ has discovered. It hijacks the victim's browser and directs them to a fake site masquerading as AVG's own front page.


Needless to say, without radical change, things are bound to get worse before they get better. It's time for consideration of secure platforms.

Fire alarm

Comments

Recent Techrights' Posts

GNU/Linux is Replacing Microsoft Windows. But We Need to Eradicate Microsoft, It's a Hub of Crime.
I have been writing about Microsoft since the 1990s when I was in school
Microsoft Staff Harassing Women, Strangling Women, Telling Women to Kill Themselves and Worse? Not a Problem!
Two women have left Brett Wilson LLP
 
Happy Independence Day to Our American Readers
Maybe tomorrow will be a good opportunity to explain to American people - in terms of concepts, not brands - which tools respect their independence
Slopwatch: Linux Journal, Linuxsecurity, and Google News Getting Even Worse (More Slopfarms Added Which Attack Linux With Bruce-Force SPAM)
Google News is part of the same problem
Links 03/07/2025: More Cuts and Cancellations at Microsoft Revealed
Links for the day
Gemini Links 03/07/2025: Favourite Child and Launching WikiGem
Links for the day
Mystery Surrounding the PCLinuxOS Sites and PCLinuxOS Magazine
Let's hope this isn't something major
People and Companies Do Learn Some Lessons From Their Mistakes (Stubborn Ones Don't)
Brett Wilson LLP is an example of one that would rather drown in mistakes
Links 03/07/2025: 'Hey Hi' Slop Ridiculed Some More and Microsoft's Layoffs Tally for 2025 Reaches About 29,000 in Just 6 Months (Almost 5,000 Per Month)
Links for the day
The Slopfarms Are Losing the Plot (and Google is Propping Up Rogue Sites)
Google is part of the attack on the Web, on information, and on technology
New BetaNews Realises There's No Potential or Future in Slopfarms, Prior Editor Wayne Williams is Back
They realise that slop (so-called "AI") cannot replace humans
Claims That Microsoft Looks for Staff That Works More and Gets Paid Less (or Can Only Code by Grabbing Other People's Code, Under the Guise of "AI")
People can form their own opinion
Richard Stallman Was Right About Reasons Not to Use Microsoft
last updated 2017
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 02, 2025
IRC logs for Wednesday, July 02, 2025
Gemini Links 03/07/2025: No to Cloudflare and Small Web July
Links for the day
Links 02/07/2025: Deep Microsoft Cuts, Macron Speaks to Putin
Links for the day
Confirmed: Microsoft Shutdowns Today, Not Only Mass Layoffs
"The Initiative is the only studio closure planned today, although some other teams have seen cuts of varying degrees."
Microsoft Windows Nosedives in Switzerland While GNU/Linux Leaps Above 6%
sooner or later they might have to make the move anyway
Anxiety at Microsoft: Many Workers (Maybe Over 10,000) Still Don't Know They're Being Laid Off Just Before US Independence Day
"Has anyone gotten the notification yet?"
Microsoft "Declined to Say How Many People Would be Laid Off," According to Associated Press
Some other prominent publications said they reached out for comment from Microsoft and received none
The X War is Over and the "Wayland People" Lost
People will gravitate towards what works for them
20 Years Since My Thesis
It's still online
GNU/Linux is Replacing Windows in Laptops/Desktops
The world will move on while Windows and Microsoft shrink
Now Comes the Expected Webspam, Framing Microsoft Layoffs as "Hey Hi" Success Story (False Marketing That's Piggybacking the Layoffs)
falsely marketed as "intelligence"
Hungary: Microsoft Windows Sinks to 17% "Market Share"
In many nations in Europe it seems like the era of Windows is coming to an end
Microsoft Media Operatives and Bill Epsteingate-Funded Sites Said Microsoft Lays Off 9,000, But Other Sites Say More (Including 2,300 in Redmond Alone)
We might never know the real number/s (Microsoft will keep the cards close to its chest) until there are leakers or unless there are whistleblowers with hard proof
Microsoft Layoffs in Spain, Portugal Record for GNU/Linux
in Portugal we see GNU/Linux at record levels
GNU/Linux Reaches All-Time High in the United States of America
Windows is trending down
Yes, Microsoft is Again Using Its Favourite Liars (Stenographers) to Seed Fake Layoff Numbers, Much Lower Than What's Really Happening
It is Jordan Novet again, just as we predicted
Will Microsoft Once Again Choose Its Favourite Liar to Spread Lies About Today's Layoffs, Quickly to be Replicated and Spread by Slopfarms?
What lies is Microsoft briefing its media moles to tell today?
"OSS Fetishism" Wins After Ferenc Zsolt Szabó Ousted (Microsoft Mole From Capgemini)
Many people said 2025 would be the "year of Linux on the desktop"
There is Nothing That LLMs Can Offer Honest People
LLMs are a passing fad; they're expensive and offer poor "value" for energy; they usually offer no value at all unless you are a cheater, spammer, and liar
What statCounter Shows Today Helps Explain Microsoft's Helplessness, Mass Layoffs
Since many US journalists are already away on holiday almost nobody will dare ask the difficult questions or give a voice to whistleblowers
Microsoft Gets the Chop in South America
The notion of digital sovereignty gained a lot of popularity
Europe Has an 'Exit'
Let's see what happens the rest of this year
El Presidente Talks, Canada Walks (Away From Windows)
GNU/Linux rising
Cities in France and Germany Move to GNU/Linux and statCounter Detects Big Differences
Will governments lead by example?
Microsoft Lost Its Foothold in Africa
How many of these are "old" Windows machines converted to GNU/Linux? Probably a lot.
Led by Europe, GNU/Linux Makes Big Gains This Month
statCounter started showing new/fresh stats
Links 02/07/2025: Massive Microsoft Layoffs About to Commence, "Tesla's Robotaxi Program Is Failing"
Links for the day
Why the Microsoft People Who Started SLAPPs Against Techrights Could Very Well be Sent Back to Prison
White-collar crime is also a crime
The Company Run by Former (and Last Proper) Red Hat CEO, Promoting Microsoft Mono, Faces Shock as Senior Partner Jailed for 33 Sexual Offenses Including Pedophilia
"As reported by The Oxford Mail in April 2025, the offenses include rape, sexual assault, engaging in non-penetrative activity with a child, and more."
Microsoft Lost 29% of Windows Users, Based on Microsoft, Now Come Massive Layoffs
Microsoft collapse is today
Slopwatch: Google Serves to People Linux Slop and Linux FUD (Made by Bots)
"Slopwatch" finds it difficult to ignore Google's role in encouraging LLM slop
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 01, 2025
IRC logs for Tuesday, July 01, 2025
"Wayland People" Behave Like the Googles and Microsofts of This World
Published yesterday by Igor Ljubuncic
Gemini Links 02/07/2025: Arch Linux and Fulfillment in Gemini
Links for the day
Links 01/07/2025: "Independence Day in Taiwan", Bounties on Software Patents
Links for the day
What Happens When Your Law Firm is Preoccupied With Harassing and Trying to Extort a Humble Couple in Manchester, Even on Behalf of Violent Microsoft Staff From Another Continent
It's good to see that law firms which operate in bad faith are perishing
Lawyer X, Law Firm X and Elon Musk's X: scandals linked by Old Xaverian
Reprinted with permission from Daniel Pocock
Gemini Links 01/07/2025: Distraction-Free Writing and Hytale Mismanagement
Links for the day
Links 01/07/2025: "Beauty of Blogging" and "Etiquette of Collapse"
Links for the day
Microsoft Uses LLM Slop to Defraud (or Rob) Shareholders
Microsoft is basically defrauding its shareholders by LLM slop
The Web is a Dead End
We need to adopt alternatives
When Words Lose Their Intended Meaning
examples of words that, at least in the technical spheres, don't mean what they sound like
People Who Disagree With You on Technical Matters May or May Not Agree With You on Political Things (But Usually They Do)
What bothers me a great deal is seeing left-leaning people accusing other left-leaning people of being "nazis"
"Too Much Choice" and "Too Many Programming Languages"
What IBM and its apologists aim for was attempted in the 1930s and it failed
Microsoft Lost 400,000,000 Windows Users, According to Microsoft
more people adopt smaller computers and many people replace Windows with GNU/Linux, as they don't really need a new computer
The "Davos Effect": Tarnishing the Reputation of Places Not by Overtourism But by Oligarch Infestation
The last Venice needs is an affiliation with Venetian oligarchs
Half a Year Gone, What's to Come Next
In the second half of 2025 we expect to be done with the Microsoft SLAPPs
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 30, 2025
IRC logs for Monday, June 30, 2025
People at the Very Top of Microsoft Know How Bad Things Really Are
There's no product that can replace the former profitability of Windows licensing and stuff that went on top of Windows
Gemini Links 01/07/2025: Mid Year and a Tour of Old Languages
Links for the day