
Latest Security Dangers Are Windows Only

More than a million PCs turned to zombies

NOT A WEEK goes by without new dangers to users of Windows, and it's only fair to list the latest examples since they fall within our scope.

USB drives continue to be a risk to Windows because of the way the operating system handles device insertion (namely execution) and the privileges it hands over to untrusted code.

Businesses who may not have applied a Microsoft patch issued last year are now being attacked by a worm targeting the vulnerability.

Multiple security organizations have issued warnings about the worm, deemed Downadup, which attacks the vulnerability outlined in the Windows Server service flaw, MS09-067, that was patched last October, Zdnet.com reports. The worm uses a dictionary attack in an attempt to crack user passwords, as well as using "server-side polymorphism and modification to the Access Control Lists."


According to this report from The Register, the Major League Baseball (MLB) Web site is serving malware which is only Windows compatible. The click-to-install or drive-by-install (ActiveX) paradigm takes its toll.

Once again, Major League Baseball's website has been caught serving ads designed to infect its considerable base of visitors with malware that trashes their machines.


With so much malware afloat, it's hardly surprising that almost 1 in 2 PCs is a zombie PC and it keeps getting worse. (emphasis below is ours)

The Storm Worm has been causing havoc for over two years now, transforming more than a billion computers into drones. Following a surprisingly unsuccessful mission by Microsoft’s Malicious Software Removal Tool around 100,000 drones still remain.


This fight is being taken to the Web as well. NATO's Web site has just been cracked, as well as Web sites of the United States military.

The attacks on Thursday took down the Web sites for The United States Army Military District of Washington and the NATO Parliamentary Assembly, according to Zone-H, a Web site that tracks defacement activity.


The IRS, which is most likely operating in a Windows-based environment, may suffer a similar fate.

Auditor: IRS Still Vulnerable to Cyber Breaches



"These deficiencies represent a material weakness in IRS's internal controls over its financial and tax processing systems," the GAO report said. "Until IRS takes these steps, financial and taxpayer information are at increased risk of unauthorized disclosure, modification, or destruction, and the agency's management decisions may be based on unreliable or inaccurate financial information."


Well, at least no lives are at risk this time around... 'just' people's finances. How reassuring.

Cracking the bank
