Eye on Microsoft: Windows (In)Security in the News
- Dr. Roy Schestowitz
- 2009-04-24 10:24:19 UTC
- Modified: 2009-04-24 10:24:19 UTC
●
Windows Trojan That Infected Over 3.6 Million PCs Evolves with Worm Behavior
One of the top families of malicious code targeting the Windows platform has evolved with the addition of worm behavior, Microsoft warns. According to data made public via the Microsoft Security Intelligence Report, the Win32/Vundo Trojan infected over 3.6 million computers in the second half of 2008, and occupies the third position in a malware ranking behind Renos and Zlob. Vundo is a family of malware with various components that are designed to serve victims 'out of context' pop-up advertisements following infection. Microsoft warns that the Vundo family of malicious software can also
be used to download and execute arbitrary files.
●
One bot-infected PC = 600,000 spam messages a day
TRACElabs concluded that Rustock and Xarvester, the latter perhaps linked to the down-and-out Srizbi botnet, are the most efficient spam spewers of the nine bots. Each is capable of sending up to 25,000 messages per hour, or 600,000 per day, and 4.2 million per week.
●
Updated research of the largest base of real-world vulnerability data
4. Exploitation - Eighty percent of vulnerability exploits are now available within single digit days after the vulnerability’s public release. In 2008, Qualys Labs logged 56 vulnerabilities with zero-day exploits, including the RPC vulnerability that produced Conficker. In 2009, the first vulnerability released by Microsoft, MS09-001 had an exploit available within seven days. Microsoft’s April Patch Tuesday included known exploits for over 47 percent of the published vulnerabilities. This law had the most drastic change from the Laws 1.0 in 2004, which provided a comfortable 60 days as guidance.
Recent Techrights' Posts
- Rewriting Things in Rust
- How far would you go?
- What Microsoft Reputation Laundering (With a Weaponised Law Degree) Looks Like in a Foreign Continent
- You would expect this in uncivilised and primitive countries
- Slopwatch: LLMs 'Write' Fake or Distorted 'News' About "Linux"
- LLM slop disguised as news
-
- “Twibel” Actions Against Comedians (and Why It's a Truly Low Blow)
- they try to make up in quantities for a lack of merit or quality
- Linux Foundation Apparently Flirting With Slop (Marketing by LLM-Generated SPAM)
- The Web is in a really bad state!
- COVID-19 Sped Up Site Improvements in Techrights
- A few months later we created our very own IRC network
- Gemini Links 05/07/2025: Negative Questions and 'Touching Grass' (Going Outside)
- Links for the day
- Links 05/07/2025: Dalai Lama Succession as 90th Birthday Approaches, 40 deg C in China
- Links for the day
- Links 05/07/2025: Hungary and US Defecting to Russia, "Google's Hotseat Hypocrisy"
- Links for the day
- Gemini Links 05/07/2025: 4th of July 2025 and "Zig Roadmap 2026"
- Links for the day
- How to Combat the Exploitation and Abuse by Microsoft GitHub
- Not to mention corruption and crimes against women
- Bryan Lunduke is Actually Sending His Audience to Attack People
- "[Lunduke] is actually sending his audience to attack people."
- Even The Right Wing is Rejecting Bryan Lunduke
- no wonder he became so irrelevant and marginal
- Microsoft's MSN Helps Microsoft Spread Lies About the Layoffs' Scale (Well Over 25,000 People Laid Off This Year)
- There seem to be monopolies on lies and on truth
- The Death of X Has Been Greatly Exaggerated (by Compromised Media)
- X.Org Server is alive and well
- In 2025 Everything is "AI". Remember Blockchains?
- Talk about what companies and things (services, products, software) actually do, not the labels they use
- Julian Assange Has Been Free for a Year
- Julian Assange and I disagreed on some things
- Monopolies and Scalping
- Monopolies gravitate towards price hikes
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, July 04, 2025
- IRC logs for Friday, July 04, 2025
- Microsoft's August Layoffs Wave: "August is Confirmed for Additional Performance Based Cuts"
- "August is confirmed for additional performance based cuts from the recent connects along with additional organizational cuts."
- Links 04/07/2025: Google Replaces the Web With Slop, "AI Might Kill Us All"
- Links for the day
- Gemini Links 04/07/2025: Mindfulness and F1
- Links for the day
- Weeks After Microsoft Bankruptcy in Russia the Company Shuts Down in Pakistan, Too
- Last month Windows' share in Pakistan fell to an all-time low
- Rob Musial's June 2025 Additions of Malware in Proprietary Software
- Via the GNU Web site this week
- Links 04/07/2025: Microsoft's H-1B Visa Applications Show Another Crisis Unfolding, Many More Deep Cuts and Shutdowns Revealed, Complete Microsoft Exits
- Links for the day
- Gemini Links 04/07/2025: A Day To Remember and "Stop Killing Games"
- Links for the day
- Crime and Corruption at Microsoft GitHub Cannot be Covered Up by SLAPPs in Another Continent
- We'll write about this for a long time to come
- Slop Videos Are Disappointing Garbage, Nothing New, Just Brute Force up on Display or a Pedestal of Slop
- Slop videos aren't a new thing
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, July 03, 2025
- IRC logs for Thursday, July 03, 2025
- The War on Local Storage (People Hosting Their Files Locally and Privately)
- There's nothing wrong with controlling one's computing
- What Digital Independence Means
- Independence in the digital realms means abandoning platforms like GitHub, not just rejecting proprietary software
- NVidia is a Bubble
- they temporarily see fortunes and wrongly assume perpetuity thereof
- Fedora Does Not Care About Diversity and Inclusion, It's About Optics (Corporate Image)
- any notion of inclusion is superficial and misleading
- Don't Buy the Excuses for Microsoft's Mass Layoffs
- Back in the 90s, Microsoft bought a lot of companies to get and stay ahead
- Happy Independence Day to Our American Readers
- Maybe tomorrow will be a good opportunity to explain to American people - in terms of concepts, not brands - which tools respect their independence
- Slopwatch: Linux Journal, Linuxsecurity, and Google News Getting Even Worse (More Slopfarms Added Which Attack Linux With Bruce-Force SPAM)
- Google News is part of the same problem
- Links 03/07/2025: More Cuts and Cancellations at Microsoft Revealed
- Links for the day
- Gemini Links 03/07/2025: Favourite Child and Launching WikiGem
- Links for the day
- GNU/Linux is Replacing Microsoft Windows. But We Need to Eradicate Microsoft, It's a Hub of Crime.
- I have been writing about Microsoft since the 1990s when I was in school
- Mystery Surrounding the PCLinuxOS Sites and PCLinuxOS Magazine
- Let's hope this isn't something major
- People and Companies Do Learn Some Lessons From Their Mistakes (Stubborn Ones Don't)
- Brett Wilson LLP is an example of one that would rather drown in mistakes
- Links 03/07/2025: 'Hey Hi' Slop Ridiculed Some More and Microsoft's Layoffs Tally for 2025 Reaches About 29,000 in Just 6 Months (Almost 5,000 Per Month)
- Links for the day
- Microsoft Staff Harassing Women, Strangling Women, Telling Women to Kill Themselves and Worse? Not a Problem!
- Two women have left Brett Wilson LLP
- The Slopfarms Are Losing the Plot (and Google is Propping Up Rogue Sites)
- Google is part of the attack on the Web, on information, and on technology
- New BetaNews Realises There's No Potential or Future in Slopfarms, Prior Editor Wayne Williams is Back
- They realise that slop (so-called "AI") cannot replace humans
- Claims That Microsoft Looks for Staff That Works More and Gets Paid Less (or Can Only Code by Grabbing Other People's Code, Under the Guise of "AI")
- People can form their own opinion
- Richard Stallman Was Right About Reasons Not to Use Microsoft
- last updated 2017
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, July 02, 2025
- IRC logs for Wednesday, July 02, 2025
- Gemini Links 03/07/2025: No to Cloudflare and Small Web July
- Links for the day