01.22.09

One Windows Worm, One Week, and Possibly 250,000,000+ New Windows Zombies

Posted in Microsoft, Security, Windows at 6:14 am by Dr. Roy Schestowitz

Time for urgent “Change”

THIS IS A HUGELY important issue that we tracked a few days ago. We already knew that almost 1 in 2 Windows PCs had become zombie PCs, but it keeps getting worse. According to this report, as many as one in three Windows PCs may have been occupied by one single worm in a matter of just days! That’s how serious it is.

The computer worm responsible for the biggest attack in years has infected at least 1 out of every 16 PCs worldwide, a security company said Wednesday, and may have managed to compromise as many as nearly 1 in 3.

This may be the right time to contact law-makers or regulators and make a request for new laws to be applied to bad platforms that can leave people dead.

The victims of this latest storm are many, and the BBC says that even a UK-based Fire and Rescue service was downed by its use of Windows, which came under virus attack.

Strathclyde Fire and Rescue has said its IT network has “come under attack from a computer virus”.

Once again, this is costing lives.

Vista and Vista 7, as we pointed out a few days ago, are not immune. It’s more of the same.

Windows worm trickery for Vista

The Conficker virus has opened a new can of worms for security experts.

Drives such as USB sticks infected with the virus trick users into installing the worm, according to researchers.

Microsoft would like naive reporters to propagate the perception that this could happen to anyone, but it was Microsoft itself that said: “Our products just aren’t engineered for security.” Well, now they find out?


8 Comments

  1. David Gerard said,

    January 22, 2009 at 9:50 am

    I’m quite pleased to see that press articles I’ve seen on the subject make it clear this is a Windows problem, not one that affects all computers.

    (One story suggested in the headline it would affect Linux systems running Wine – which is a real concern, as Wine is good enough to run most worms – but the end of the story asked if anyone had seen Conficker running in Wine and could verify it actually did anything. ?!)

  2. Roy Schestowitz said,

    January 22, 2009 at 10:27 am

    That’s like saying that the chef is dangerous because he carries a knife (for chopping carrots and stuff).

  3. David Gerard said,

    January 22, 2009 at 10:38 am

    Well, yeah. It’s quite easy for an app to break out of its WINEPREFIX (referred to as “bottles” in CrossOver), so Wine-aware malware could certainly trash your home directory, try to read your Firefox passwords, etc. (This is not easy to reliably secure against, and the Wine project isn’t bothering to try. If you really want to run toxic waste in Wine, create a new user and do it there.) However, much like theoretical Mac OS X or Linux viruses, there remain 0 examples in the wild.

  4. David Gerard said,

    January 22, 2009 at 10:39 am

    The key point was, the article was basically an attention-grabbing headline that was actually a complete lie. Ad-banner trolling.

  5. Roy Schestowitz said,

    January 22, 2009 at 10:44 am

    Which article?

  6. David Gerard said,

    January 22, 2009 at 3:25 pm

    This one:

    http://network.itproportal.com/articles/2009/01/21/linux-windows-7-beta-could-be-hit-downadup-worm/

    Page 1: “Furthermore, there are rumours that even Linux could be affected by the Worm if they run Wine, an application that allows Linux to execute programs written for the Windows environment. In theory, the virus would only affect the Windows partition rather than the whole operating system.”

    Page 2: “It would be great if someone could confirm the Linux rumours and Wine’s autorun.inf capabilities.”

    i.e. we made up some rubbish to give a splash headline.

  7. Roy Schestowitz said,

    January 22, 2009 at 3:30 pm

    Extra extra!

    Chef Could Murder Waiter

    Page X: “It would be great if someone could confirm the chef cut the waiter and not onions.”

  8. Yggdrasil said,

    March 31, 2009 at 7:18 pm

    Where exactly do you get this figure of 250 million? That number is 100 million more than the total number of Internet users in the United States alone. One of your references from Panda Security suggests rates anywhere from 1 in 16, all the way to 1 in 3. Why so high? Because as the article states, Panda Security based this data on machines that had come to the website to have their machine scanned. Imagine the percentage of people who go to the doctor due to symptoms of illness, you might find a high percentage who are sick. Everything else was pure speculation, with little hard evidence. While I’m not surprised you use the worst figure you could find, I’m surprised you don’t better analyze the sources you use to test their integrity. This reflects poorly on you.

    Late January, UPI reported 15 million Conficker infections:

    http://www.upi.com/Top_News/2009/01/25/Virus_strikes_15_million_PCs/UPI-19421232924206/

    But the real nitty gritty from the article is here:

    “Symantec noted on its blog last week that very few computers in North America had been infected, a trend which it attributed to the greater prevalence of legal and fully patched software.”

    In several other places on this site you note that there is no way to be safe with Windows, yet as the article shows, legitimate installs were not affected. Not only because security updates are downloaded, but since XP SP2 the Windows Firewall is enabled by default.

    While you dispute the obscurity of Linux on the desktop, it’s interesting to note that even popular distros like Ubuntu do NOT have a firewall enabled by default. This is unwise, regardless of how many countless security updates are installed.
