Latest Security Dangers Are Windows Only

Dr. Roy Schestowitz

2009-01-12 13:26:07 UTC
Modified: 2009-01-12 13:26:07 UTC

More than a million PCs turned to zombies

NOT A WEEK goes by without new dangers to users of Windows, and it's only fair to list the latest examples since it falls within our scope.

USB drives continue to be a risk to Windows because of the way the operating system handles devices insertion (namely execution) and the privileges it hands over to untrusted code.

Businesses who may not have applied a Microsoft patch issued last year are now being attacked by a worm targeting the vulnerability.

Multiple security organizations have issued warnings about the worm, deemed Downadup, which attacks the vulnerability outlined in the Windows Server service flaw, MS09-067, that was patched last October, Zdnet.com reports. The worm uses a dictionary attack in an attempt to crack user passwords, as well as using "server-side polymorphism and modification to the Access Control Lists."

According to this report from The Register, the Major League Baseball (MLB) Web site is serving malware which is only Windows compatible. The click-to-install or drive-by-install (ActiveX) paradigm takes its toll.

Once again, Major League Baseball's website has been caught serving ads designed to infect its considerable base of visitors with malware that trashes their machines.

With so much malware afloat, it's hardly surprising that almost 1 in 2 PCs is a zombie PC and it keeps getting worse. (emphasis below is ours)

The Storm Worm has been causing havoc for over two years now, transforming more than a billion computers into drones. Following a surprisingly unsuccessful mission by Microsoft’s Malicious Software Removal Tool around 100,000 drones still remain.

This fight is being taken to the Web as well. NATO's Web site has just been cracked, as well as Web sites of the United States military.

The attacks on Thursday took down the Web sites for The United States Army Military District of Washington and the NATO Parliamentary Assembly, according to Zone-H, a Web site that tracks defacement activity.

The IRS, which is most likely operating in a Windows-based environment, may suffer a similar fate.

Auditor: IRS Still Vulnerable to Cyber Breaches

"These deficiencies represent a material weakness in IRS's internal controls over its financial and tax processing systems," the GAO report said. "Until IRS takes these steps, financial and taxpayer information are at increased risk of unauthorized disclosure, modification, or destruction, and the agency's management decisions may be based on unreliable or inaccurate financial information."

Well, at least no lives at risk this time around... 'just' people's finances. How reassuring. ⬆

breaking the bank
Cracking the bank

EPO Staff Can Go Listen to Richard Stallman Next Week in Munich (Technical University of Munich, Rudolf-Diesel Hörsaal (MW2001) on Campus Garching at 18:00): "The talk is open to the public and attendance is free. Registration is not required."
At IBM, Relocation Means Layoffs (Downsizing): Silent or 'invisible' layoffs?
Dystopian Trends in Technology Make Richard Stallman More Relevant Than Ever: It's good to see him attracting vast audiences
Richard Stallman (RMS) Announced His Talk Less Than 24 Hours Before It Took Place and Still Filled Up the Auditorium at Sapienza Università di Roma: Photos from yesterday evening [...] It looks like it was a very successful event
Gemini Links 14/10/2025: An Opportunity to Consider GNU/Linux and Another Simple IRC Client: Links for the day
Slopwatch: UbuntuPIT, LinuxSecurity, Google News, and the Serial Slopper Brian Fagioli: Nothing of merit here, just more slop
Links 14/10/2025: Lack of Trust in Slop and "Retirement Challenges": Links for the day
Rhonda D'Vine, Gerfried Fuchs, Pronouns & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Central Staff Committee of the European Patent Office (EPO) Warns That EPO Management is Robbing or Manipulating Pension Funds Again: Faking "growth" is just about as bad as forgery
Probably a Lot Worse Than LLM Slop: GNOME Tying Itself to Divisive Politics, Even Where It's Clearly Not Relevant: Something has gone terribly wrong in GNOME
Links 14/10/2025: Microsoft OneDrive Scanning Faces in Photos (Without Asking First), "OpenAI Says It Will Move to Allow Smut": Links for the day
They Generally Don't Like Scholars, as They're Less Compelled or Pressured to Repeat What Corporations and Oligarchs Say: People who loathe scholars have an agenda in mind that, unlike that of reasonable people, revolves around controlling people
Belated New Article About Last Thursday's Lecture by Richard Stallman in Helsinki, Finland: there are good reasons to pay with cash, not limited to privacy
Attacking Richard Stallman Has Become 'Career Suicide': If you're going to viciously attack somebody, make sure your arguments are rock-solid
Microsoft's Failing XBox Business Has Turned Games Into Funerals: How does it feel to depend on Microsoft?
Yesterday's "Distinguished Lecture" by Richard Stallman Possibly Attended by Close to 1,000 People: The capacity of the place is about 900
Slop Poisons Everything: Imagine wanting to find what Torvalds has just said or what has just been released
Taking Software Freedom 'Mainstream': interest in Software Freedom must have grown
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, October 13, 2025: IRC logs for Monday, October 13, 2025
Gemini Links 14/10/2025: Ada Lovelace Day, Sony CLIE PEG-TG50 Review, Why to Avoid Network Solutions: Links for the day
The EPO's War on Techrights Was a Massive Mistake: The EPO started the SLAPPs after we had published a few hundreds of articles; we've since then published close to 6,000 because the attacks on us emboldened insiders to help us
General-Purpose Computers to Become Growing Area of Coverage: Without them, we have little left for controlling our lives
"They missed a great opportunity to shut up." -Jacques Chirac: Brett Wilson LLP has been trying to cheat the legal system many times
Harassment evidence: Switzerland, overcrowded fitness and yoga centers, incompetence and racism in accident response: Reprinted with permission from Daniel Pocock
Vincent Danjean & Debian NXIVM collateral, blackmail risks: Reprinted with permission from Daniel Pocock
In Sweden This Past Friday Richard Stallman Explained Why Copyleft is Important: And he didn't have to 'bash' BSDs, either
IBM Layoffs Due to a Lack of Money and Company Debt Rising by Almost 10 Billion Dollars in 6 Months: IBM didn't buy Red Hat for any ideological reasons; it was a fast "cash grab" for revenue
Forbes Already Stopped Being a News Sites. Now It's a Spam and Propaganda Platform for "Paying Partners" (Companies).: news from Forbes became very scarce
Is the Second-Largest Institution in Europe (EPO) Gradually Becoming More Like a Sweatshop?: Underpaid, unqualified, inexperienced and incompatible people are already recruited to replace veteran examiners
The Register MS Has No FOSS Coverage Anymore: The Editor in Chief is like a Microsoft plant
Links 13/10/2025: "Toasty Subwoofer" and WiFi Speakers "Are About To Go Dumb": Links for the day
Gemini Links 13/10/2025: iNaturalist and Tove Jansson’s Moominpappa at Sea: Links for the day
Microsoft Does Not Deny That Large Retailers Like Walmart, Costco and Target Are Giving Up on XBox (and Not Stocking It): No doubt XBox is in trouble and rumours suggest that more mass layoffs are imminent
We'll Encourage Richard Stallman to Talk About Software Patents at the EPO Next Week When He Visits Munich (EPO Headquarters): Go listen to Richard Stahlmann
Investigative Journalism Protects Society From Corruption, Crimes Against Women, Assaults on Civil Society: "what is the point of men doing military practice to defend a system that is so rotten?"
Swiss pimp usurping reputation of legendary Tissot boss Francois Thiébaud from France (BaselWorld, SWATCH Group SA): Reprinted with permission from Daniel Pocock
Paris 'Love Nest' & Debian Outreachy: from Lycée Lakanal to ENS Cachan, Cr@ns, nepotism: Reprinted with permission from Daniel Pocock
Richard Stallman to Give Public Talk in 3 Hours, Then in the Technical University of Munich (Germany) Next Week: Richard Stallman at TUM on 21.10.2025 18:00, MW2001
Arnaud Parreaux lost case defending rogue employer: Reprinted with permission from Daniel Pocock
Mathieu Elias Parreaux declared bankrupt in Switzerland: Reprinted with permission from Daniel Pocock
Breakdown of the Rule of Law and Patent Law in the European Union (EU): The EPO cannot recruit suitably qualified patent examiners this way, let alone retain them
Gemini Links 13/10/2025: Good Films, Wizard of Earthsea, Upgrading the Steam Controller's Stick: Links for the day
Leaks and Whistleblowers: Our Plan for Today: Society simply cannot advance when too many people self-censor
It's Not Justice When One Side Denies the Other Side the Ability to Even Speak: At this stage, Brett Wilson LLP is in my humble opinion acting in contempt of the Court
Links 13/10/2025: Australian Catholic University Uses Slop to Libel Students, Canada Threatens to Kill Beluga Whales: Links for the day
How Not to Silence Tux Machines (It'll Only Backfire, Badly): defending Microsoft while attacking this site
Slopwatch: UbuntuPIT and Google News: It seems abundantly clear that Google News and Google in general participates in the slop epidemic
Vincent Danjean (not INTERPOL), Claire Bardel & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Christmas lynchings: Martin Krafft (madduck), Penny Leach (mjollnir) & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Gemini Links 13/10/2025: Birthdays and "Committee Unable to Contact Nobel Prize Winner": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, October 12, 2025: IRC logs for Sunday, October 12, 2025
The Same People Who Attacked Richard Stallman (RMS) Are Attacking Daniel Pocock to Discourage People From Listening to His Information: Pocock is being demonised for the same reasons and by the same people who attack RMS
Your Typical Anti-Richard Stallman (RMS) Cancellist: "About the RMS cancellation"
Richard Stallman (RMS) Has Announced His Talk in Rome Less Than 20 Hours in Advance (and on a Sunday): Why did he wait until the night before?
We Are Safe in a Modern "Tech" Society, Right?: People are safer if they control their own computing
GNU Tools Cauldron Event in Portugal: Videos Now Available via Invidious: Go have a look
The Way Things Are Going, They May Soon Stop Saying "Web Address" and Instead Say "Chrome Address": The Web isn't built or based around open Web standards anymore. It's centered around user-agent.
Microsoft as a Golden Cage: "I was laid off by Microsoft and can't find a job. I'm weeks away from giving up my apartment and moving across the country to live with family."
Weekend Discussion About How IBM's Bluewashing of Red Hat Will Cause "Enshittification" for Users: "I worked at a software company that was acquired by IBM so I knew it was game over for RedHat the day they were acquired"
Brett Wilson LLP Getting Sued by Its Very Own Clients, a Legal Story That Has Made the Mainstream News (Law360): Law360 or Law.com are about as mainstream as one can get in that "sector" (litigation 'industry')
Slopwatch: GNU/Linux Sites That Became Slopfarms and Spamfarms: The Web is a mess and "Linux" or "Ubuntu" sites became part of the problem
Richard Stallman's Talk 25 Hours Away, Aula Magna Palazzo del Rettorato (CU001), Sapienza Università di Roma (Piazzale Aldo Moro, 5): The talk is 25 hours away and we see some QR code for it
Gemini Links 12/10/2025: Watches, the Depression of 2026, Gamboling with Odds: Links for the day
Links 12/10/2025: 'False' DMCA Claims and Slop Facing Perils Again (the Hype Wears Off): Links for the day
Microsoft Has Just Lost Privacy Case in Austria and Its Latest Moves Make a Complete Ban Seem Imperative: Microsoft is not a software company, it's a spying agency that uses software to collect data
The Register MS: Microsoft is the Security Expert, Not the Prime Culprit, So Buy More Microsoft: This front page feature is devoid of any actual substance, it's just Microsoft copypasta
Stefano Zacchiroli (Zack) & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Lucas Nussbaum & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Gemini Links 12/10/2025: "Palm Computering", Further Exploration of Slide Rules, and Key Takeaways from The Well-Grounded Rubyist: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, October 11, 2025: IRC logs for Saturday, October 11, 2025
Tomorrow: Founder of the Free Software Foundation and of GNU/Linux, Richard Stallman, Speaks in Roma (Rome), Italy at 4PM: GNU/Linux is more important than ever in this dystopian world
Microsoft and Apple Are Rare Topics in Geminispace: in Geminispace it's rather safe to assume everyone is into BSD, GNU/Linux, and sometimes retro

Latest Security Dangers Are Windows Only

Auditor: IRS Still Vulnerable to Cyber Breaches

Recent Techrights' Posts