04.01.10

Eye on Security: Windows Malware, Emergency Patches, and BeyondTrust’s CEO from Microsoft

Posted in Antitrust, GNU/Linux, IBM, Microsoft, Security, Vista 7, Windows at 8:54 am by Dr. Roy Schestowitz

Summary: Security holes — some of which highly critical — continue to be found in Microsoft software; Justification of skepticism when it comes to new ‘research’ from former Microsoft staff, based on Microsoft-supplied data

OVER the past few days we have gathered more evidence to show that security problems only affect/target Windows and that those who flatter Windows for security are often tied to Microsoft (Window Snyder is just one example).

Windows-only Threats

Download Squad has this new post which compares Norton’s Security Scan to malware (it sure takes up a lot of resources). Those who think it’s bizarre should check out this minor piece of FUD and the rebuttal from The Source.

Right, so the Murphy’s Law headline is “Stop Supporting Open-Source Bloat“, where the author goes on to decry shady tactics of several programs, like:

* Revo Uninstaller
* Digsby
* ImgBurn

…NONE OF WHICH ARE OPEN SOURCE

Ignorance or deliberate deception? Either way, it looks bad for Maximum PC. Windows problems are now being described as “Open-Source” for no apparent reason.

TechDirt shows how copyright scare is being used to install malware/back-doors on people’s Windows machines. This relies on the infamous click-to-execute mentality that’s so prevalent in the Windows world. Actually, Microsoft software also tends to execute arbitrary code when one just visits a Web page (Active X is notorious for this reason).

Microsoft Emergency

The security flaws are so serious that Microsoft has just released an “emergency” patch for no less than 10 holes in Internet Explorer (which Microsoft neglected to patch for many months, leading to otherwise-preventable chaos [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]).

From The Inquirer:

SOFTWARE INSECURITY SISYPHUS Microsoft has released an out-of-cycle patch for users lazy or ignorant enough to still be using an old version of Internet Explorer.

It’s generally rare that threats are deemed serious enough for Microsoft to not wait until its next Patch Tuesday, which would be April 13th now, but a vulnerability hit Internet Explorer 6 and 7 that left them open to potential remote code execution.

More at CNET:

Microsoft issued an emergency security update on Tuesday to plug 10 holes in Internet Explorer, including a critical vulnerability that has been exploited in attacks in the wild.

The cumulative update, which Microsoft announced on Monday, resolves nine privately reported flaws and one that was publicly disclosed. The most severe vulnerabilities could lead to remote code execution and a complete takeover of the computer if a user were to view a malicious Web site using IE, Microsoft said in the bulletin summary.

Internet Explorer 8 is also affected.

BeyondTrust is Hard to Trust

BeyondTrust logo

Judging by previous incidents, past Microsoft employees who become 'researchers' typically produce output that's biased in Microsoft's favour. That’s why we decided to take a careful look at BeyondTrust. Their web site is all Microsoft stack-based (showing the lower probability that they understand security) and their CEO “spent seven years at Microsoft Corporation in a variety of executive sales and marketing positions,” according to the company’s own pages. “Sales and marketing,” eh? Now, we have already covered security problems Vista 7 suffers from, in a wide range of posts including:

“Statistics must not depend on Microsoft’s own data and presented in a favourable way by design.”This brings us back to BeyondTrust (wow, what a name!). Their latest promotion of Windows for security is quoted a lot by Microsoft boosters like Emil this week. They are measuring the wrong thing by wrongly assuming that Microsoft tells the truth about its patches. Microsoft is patching its software secretly a lot of the time. We saw that many times before and thus we urge people to be skeptical. Statistics must not depend on Microsoft’s own data and presented in a favourable way by design. Remember that there are “lies, damned lies, and statistics,” according to Benjamin Disraeli and others. There may also be reason for bias here.

Speaking of potential connections to Microsoft, an anonymous reader told us to “beware that TurboHercules might be financed by Microsoft”. This reader has not produced evidence to show what led to such suspicions (it may give away the identity), but as we recently showed, TurboHercules did join a Microsoft front. It aligned itself with Microsoft and companies/campaigns that are partly owned by Microsoft.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2010/04/01/skepticism-research/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. IBMFanboyMSHater said,

    April 1, 2010 at 11:18 am

    Gravatar

    I really liked the Hercules Software. Alas!

What Else is New

  1. Links 10/5/2021: Huawei's GNU/Linux Laptops and Kotlin 1.5.0

    Links for the day

  2. Richard Stallman on Writing rm, ls, and cp (Also Working on Bison)

    Dr. Richard Stallman, the Free Software Foundation's founder, explains what programs he developed in the eighties

  3. Raise the Roof

    Out comes the taxpayers’ subsidy, assured; with military the sky is the limit (and bailout guaranteed)

  4. Richard Stallman Replatformed 10 Hours From Now

    Link to the talk (when it goes live)

  5. [Meme] Bill Says, Bill Saves

    Bill Gates seems more likely to be indicted than to win a presidential election/term

  6. IRC Proceedings: Sunday, May 09, 2021

    IRC logs for Sunday, May 09, 2021

  7. According to the Wall Street Journal, Bill Gates’s Relationship with Jeffrey Epstein Caused the Bill-Melinda Divorce (While the Media Deflected to Dr. Stallman, Using a Phony 'Scandal')

    It’s becoming rather obvious that there’s real substance to accusations that Mr. Gates was in some sense enabling Jeffrey Epstein; while Gates-funded media told us that he was saving us from climate change and a pandemic (PR stunts for empathy and sympathy) Melinda worked really hard to distance herself from him, the father of her kids

  8. [Meme] Bill, What's Your Opinion?

    While it's ludicrous to insinuate that Mr. Gates somehow "started" COVID-19 he certainly "rode the wave" for reputation laundering purposes, profit, and distraction from scandals that precede the epidemic in China (and caused his marriage to break down)

  9. Links 10/5/2021: SystemRescueCD 8.03, KeePass 2.48 Released

    Links for the day

  10. How We Process and Upload Videos Hosted in Techrights

    With ffmpeg as the Swiss army knife (and various other utilities/programs ‘in between’) it’s possible to automate much of the pipeline associated with video production and self-hosting

  11. Richard Stallman's Free Software Speech in 2020 (FSF Turning 35)

    We've re-encoded (as WebM) the likely sole/only speech Richard Stallman gave about his movement last year; today seems like a suitable time to republish it because tomorrow a British university/group will replatform him (to use their term)

  12. The Chaos Theory

    Making GNU/Linux less stable and less predictable isn't good for GNU/Linux users; but it certainly helps sell Red Hat support contracts and vexation inside the community weakens Red Hat's competitors

  13. Gemini and Techrights: Still Growing in Gemini Space and Always Supporting/Loving the Protocol

    As we continue to expand in Gemini space (where our very large site became a very large and likely the largest capsule) it's worth explaining some of the overlooked merits of the protocol; unlike the World Wide Web (WWW) it does not impose things on the user/visitor, who is more or less in charge

  14. Links 9/5/2021: KDE Frameworks 5.82.0 Release and Patents Related to COVID Subjected to Waivers

    Links for the day

  15. Act More 'Professional' to Appease Mobs

    We should all think alike, dress alike, and like everybody (especially the business overlords)

  16. IRC Proceedings: Saturday, May 08, 2021

    IRC logs for Saturday, May 08, 2021

  17. Some Background on the Free Speech Society at the University of Buckingham, Where Richard Stallman is Being 'Replatformed'

    A private British university, the University of Buckingham, will 'host' (virtually) the most-defamed person in the Free software world; the Free Speech Society is only two years old and rationality for its existence is explained by its co-founder James Oliver

  18. Web Sites or News Sites Perish When Their Arguments Are Weak and/or Invalid

    "Just be honest!" is a simple motto for any site; but some sites sell out in pursuit of money or grandiosity, unlike us (we turned 14.5 years old on Friday)

  19. GNU/Linux Turns 38 (in 4 Months From Now)

    Contrary to what the Linux Foundation wants you to think, the operating system turns 38 later this year

  20. Richard Stallman: Steve Jobs Did Some Very Bad Things

    Dr. Richard Stallman told me about Steve Jobs that he had helped digitally imprison computer users

  21. GNU/Linux Founder Richard Stallman to Give a Talk at the University of Buckingham Tomorrow (Live Stream)

    Tomorrow it will be possible to watch this new talk live using Free software

  22. Then We Take Berlin...

    Homage to EPO, based in Munich and Berlin (and defended by the government in Berlin)

  23. The Right to Assemble, Fundamental Rights of Ownership, and Many Other Rights Are Under Attack

    Techrights will be dealing a lot more with erosion of what people have come to assume were “rights” (real rights, such as human rights, labour rights, not copy “rights” or patent “rights”); when rights are reduced to rubble the long-term consequences are severe, shows history

  24. TechBytes Episode 91: End of Privacy and End of Windows 10X

    Tim and Roy produce their 2nd audiocast since TechBytes returned

  25. The Cancel Song

    People who work for (or receive funding from) Nazi-associated IBM are still trying to turn the work/legacy of Richard Stallman (RMS) into dust/ashes

  26. Pro-Software Freedom Advocates and Free/Libre Software Supporters Face Barriers Due to Domination of Communication Channels (Beyond the Media)

    A carefully-checked assessment of an overlooked aspect surrounding the 'cancel mob', which incites and brainwashes people based on lies; there's an attempt to control channels of communication (e.g. Open and Free Technology Community and Freenode) and to generally suppress people who support the founder of GNU/Linux

  27. Bashing Free Software and GNU/Linux is a Terrible Business Model for Publishers

    Contrary to unflattering portrayals by hostile media that's sponsored by foes of Free software, the usage of Free software grows, even if things such as DRM and surveillance stand in the way of software freedom (which was wrongly assumed to be ushered in by Free software, irrespective of malicious features like 'telemetry')

  28. Links 8/5/2021: GIMP 2.99.6, Wine 6.8 Released

    Links for the day

  29. IRC Proceedings: Friday, May 07, 2021

    IRC logs for Friday, May 07, 2021

  30. [Meme] Outsourcing Audacity Development to Microsoft Proprietary Software and Then Copying Microsoft Tactics (and 'Telemetry')

    They've had the audacity to call it "telemetry" and pretend that surveillance companies (spying giants) cannot figure out who you are based on IP addresses

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts