Eye on Security: Windows is Vulnerable, GNU/Linux is Not
- Dr. Roy Schestowitz
- 2010-06-11 21:17:22 UTC
- Modified: 2010-06-11 21:17:22 UTC
Summary: Today's examples of security weaknesses in Windows (which help justify Google's recent abandonment of Windows on the desktop)
● Microsoft Security Vulnerability Disclosed (no silent patches yet?)
Microsoft was left racing to patch a Windows Help and Support Center vulnerability after Tavis Ormandy, an information security researcher who's charged with keeping Google's products secure, Thursday publicly disclosed both the bug as well as proof-of-concept attack code.
Ormandy reportedly informed Microsoft of the vulnerability on Saturday, June 5, and Microsoft acknowledged receipt the same day. Five days later, however, Ormandy went public with a posting to the Full Disclosure mailing list. Later that day, Microsoft issued its own vulnerability announcement.
● Bug gives attackers complete control of Windows PCs [via]
A security researcher has warned of a vulnerability in older versions of the Windows operating system that allows attackers to take full control of a PC by luring its user to a booby-trapped website.
The flaw resides in the Windows Help and Support Center, a feature that provides users with online technical support. Malicious hackers can exploit the weakness of Windows by embedding commands in web addresses that activate the feature's remote assistance tool, which allows administrators to execute commands over the internet. The exploit works in XP and Server 2003 versions of Windows and possibly others.
● Malware Squared
Use browsers and operating systems that are more secure. Get away from the monopoly OS that is the main target of attacks. Cut down your risk by a factor of 1000 or so by a single step, migrating to GNU/Linux. It makes sense.