Bonum Certa Men Certa
Microsoft Sued for Patent Infringement, Patents Brain Probing | Patent Concerns Invade GNU/Linux, GPLv3 Offers Remedy

How Jim Allchin, Gartner and Enderle Lied to the Whole World

If you say it often enough, people will believe it

We have developed a habit of keeping track of analysts who are obviously paid or compensated for serving corporate agenda (e.g. [1, 2, 3]). This is very relevant in light of the recent OOXML propaganda that came from IDC and the Burton Group.

Here is another fine example from the news. We wish to debunk the said analysts using compelling evidence and fact. One of the predications which certain people made is this:

5. Windows Vista will be secure Analysts were: Wrong

When Windows Vista was launched, Microsoft platforms group vice president, Jim Allchin, described a platform where its "safety and security" will be the "overriding features" for which most people will want Windows Vista.

Analysts from Gartner and the Enderle Group further touted Vista's security features, highlighting in particular its spyware-fighting prowess.


Enderle and Gartner have been caught many times before. The former is a one-man, attention-seeking 'consultancy' whose major client is Microsoft. The latter, Gartner, is funded by Bill Gates and plenty of its revenue stream comes from work it does for Microsoft. Jim Allchin, by the way, escaped Microsoft as soon as Windows Vista was released. It truly make you wonder, does it not?

The people above claimed that Vista will be secure, but let us take a look at some headlines which cover separate incidents that occurred in the past year (sorted reverse chronologically for the most part).

The latest round of patches revealed that Vista could be hijacked by merely sending a packet to it.

Microsoft's first set of security bulletins for 2008 may be slim, but will include a fix for a critical vulnerability in XP and Vista.


More information about this incident can be found here.

One of the updates is considered critical for Windows Vista and XP users because the flaw it fixes could be used by attackers to install unauthorized software on a victim's computer.


As we showed before, especially when Microsoft's Jeff Jones was lying to the public, Microsoft redefines and reinvents the science of security in attempt to show that Windows is more secure. Seconia was accused of playing similar games just days ago. Here is what needs to be pointed out:

1. Critical Vulnerability in Microsoft Metrics

For Microsoft this makes sense because these fixes get the benefit of a full test pass which is much more robust for a service pack or major release than it is for a security update.


2. Skeletons in Microsoft’s Patch Day closet

This is the first time I’ve seen Microsoft prominently admit to silently fixing vulnerabilities in its bulletins — a controversial practice that effectively reduces the number of publicly documented bug fixes (for those keeping count) and affects patch management/deployment decisions.


3. Beware of undisclosed Microsoft patches

Forget for a moment whether Microsoft is throwing off patch counts that Microsoft brass use to compare its security record with those of its competitors. What do you think of Redmond’s silent patching practice?


4. Microsoft is Counting Bugs Again

Sorry, but Microsoft's self-evaluating security counting isn't really a good accounting.

[...]

The point: Don't count on security flaw counting. The real flaw is the counting.


Getting back to Vista, let us look at some of the flaws we have seen:

1. Microsoft fixes 11 flaws in 7 patches; 5 affect Windows Vista

Microsoft on Tuesday released its December 2007 security bulletin, which includes seven updates: three are designated as critical by the software giant and four are deemed important.


2. December 2007's Patch Tuesday's Going to Be Big - Really Big

A Trio of Critical Patches

First up is a remote code execution patch for DirectX versions 7.0 (Windows 2000) through 10.0 (Windows Vista).


3. Security hole in MS-Windows Vista on Thanksgiving

Microsoft, although late, but did acknowledge that it is a flaw even in the latest OS (Vista) which should have been fixed long back.


4. Thirty-Six Updates Later—and Counting

Over the Thanksgiving holiday, I refreshed one of my Windows Vista test machines. Oh my, there were so many Windows Updates.


5. Vista security threats to rise in 2008: McAfee

Microsoft’s Windows Vista operating system will face increasing security threats, according to McAfee Avert Labs predictions for top 10 security threats in 2008.


6. Microsoft issues 6 'critical' patches

The updates affect many versions of Windows, Server and Office software -- including Windows XP and Windows Vista -- and are meant to prevent hackers from breaking into Web surfers' computers using specially crafted Web pages.


7. Buffer the Overflow Slayer v. the ActiveX Files [Vista included]

The vulnerability was discovered by Krystian Kloskowski and is rated "highly critical" in this posting on Secunia. It's also discussed here on the US-Cert website. Proof-of-concept code can be found on MilW0rm here.


8. Microsoft plans six critical patches

At least one of the critical vulnerabilities involves Internet Explorer 7 and Windows Vista, both of which were conceived under new and highly vaunted development rigors designed to produce more secure products.


9. Patch Tuesday: Critical IE, Vista patches on deck

Of the four criticals, two will include high-severity patches for Windows Vista. The bulletin rated ?moderate? only affects Vista.


10. June Patch Tuesday to deliver Vista fixes and more

Four of this month's bulletins are labelled 'critical' and relate to vulnerabilities that may allow remote code execution.


11. Microsoft Plugs Critical Vista Hole

Microsoft has just patched another critical hole in Vista that it knew about as long ago as last Christmas. The delay was similar to its lag in patching the serious (and heavily targeted) animated-cursor flaw I told you about last month.


12. Microsoft Patches Not One, But Three Vista Holes

Microsoft today released an update for the recently popular 'animated cursor' vulnerability. The update was originally scheduled for April 10th, but due to recent exploits, was rushed out today. The update wasn't just for this one vulnerability though, in Vista, it addressed two others, and in all covered seven vulnerabilities in Vista, XP and 2000.


13. Windows Vista's Built-in Rootkit

This poor implementation of the permissions structure can be exploited by malware to make files that are undetectable to Anti-Virus products.


14. More Windows cursor patch trouble [Vista included again]

A new issue with the fix has also come up. Some customers have experienced trouble when printing from SQL Reporting Services to a Printer Command Language (PCL) printer, Microsoft said.


15. Windows cursor patch causing trouble

Installing Microsoft's Tuesday patch for a "critical" Windows vulnerability is causing trouble for some users.


16. MS Patch Tuesday: Vista dinged again

For the second time this month, Microsoft has shipped a security bulletin with patches for a "critical" Vista vulnerability that puts millions of users at risk of code execution attacks.


17. Security Researchers Say Windows .ANI Problem Surfaced Two Years Ago

Security researchers say the Windows .ANI bug that has been plaguing users for the past week first surfaced -- and was patched -- in early 2005.


18. Week in review: Cursing Windows' cursor flaw

The software giant broke with its monthly patch cycle to fix a bug that cybercrooks had been using since last week to attack Windows PCs, including those running Vista.


19. ANI takers for Asus website virus?

Asus.com.tw, the website of Taiwanese motherboard maker Asustek, has been spraying visitors with the .ANI virus, security software makers confirmed today.


20. Will Next Tuesday's 3 Updates Effect Vista?

I would suspect that one will be a patch for the Windows MessageBox exploit, so Vista should get it. Might another be for the Vista 'Timer/2099 Crack'? I wouldn't consider it critical, but Microsoft probably does.


21. Windows Vista now has its first exploit spotted in the public

Security experts have confirmed that a proof of concept code for an unpatched vulnerability in Windows Vista has been released on the internet.


There were warning signs in advance. Windows Vista was not made to have a considerable impact, security-wise, but hype was a key driver. It happens to be the same case with DirectX 10, whose hype was generated by faking images which create a false perception that it is a big jump compared to DirectX 9 (that is another shocking story about deception, but it's worth a separate post). Here are some more articles of interest:

1. Windows Vista: It's More Secure, We Promise

Well, allow me to take a moment to remind everyone of something that you might not remember - XP was also touted as being ultra secure. Seriously, can anyone honestly look themselves in the mirror and say this is the gospel truth? You have got to be kidding me. Similar to XP, Microsoft promises to have the most secure Windows version to date yet again.


2. Cisco exec: Windows Vista is scary

"Parts of Vista scare me," Gleichauf said at the Gartner Security Summit here on Monday. "Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It's always a struggle in security, trying to build for what you don't know."


3. Symantec Finds Flaws In Vista's Network Stack

Researchers with Symantec's advanced threat team poked through Vista's new network stack in several recent builds of the still-under-construction operating system, and found several bugs -- some of which have been fixed, including a few in Monday's release -- as well as broader evidence that the rewrite of the networking code could easily lead to problems.

[...]

Among Newsham's and Hoagland's conclusions: "The amount of new code present in Windows Vista provides many opportunities for new defects."

"It's true that some of the things we found were 'low-hanging fruit,' and that some are getting fixed in later builds," said Friedrichs. "But that begs the question of what else is in there?"


With so many incidents out there, there remains this Big Lie that Vista is secure. Paid analysts do not help here.

Comments

Microsoft Sued for Patent Infringement, Patents Brain Probing | Patent Concerns Invade GNU/Linux, GPLv3 Offers Remedy

Recent Techrights' Posts

Links 31/01/2026: "Introducing Encrypt It Already" and "Huge Cache of Epstein"
Links for the day
A Can of WORMS - Part I - Trying to Throw RMS Under the Bus at MIT and Everywhere Else
This series won't give air to online 'trolls'
Mobbing at the European Patent Office (EPO) - Part I - An Introduction
When the series ends, some time around the second or third EPO strike of this year, we'll contact the relevant authorities and plead for intervention
The Solicitors Regulation Authority (SRA) Delusion - Part I - Who Regulates This Regulator? (Only Itself!)
We won't self-censor or prematurely terminate this series
Norway Almost Trusts Russia More Than the Bill Gates (Sleeping With Young Russian Girls) Company, Microsoft
Microsoft represents crime
Riddle Us This... (Jim Zemlin and Bill Gates)
Do these people even understand the literal meaning of "safe space"?
Is "Nobel Prize for Peace" a Sick Person's 'Code Word' for Gangbanging Now? Ask Bill Gates.
Watch all the Gates apologists getting all silenced/silent
BBC Gaslights Women Sexually Exploited (Many Under Legal Age) for Its Rich Sponsor, Bill Epsteingate (Gates)
Is this a national broadcaster or a propaganda tool "For Rent"?
Microsoft 'Open' 'AI' Reportedly About to Become Bankrupt, Seeking Emergency Cash Infusion (Loans)
the money promised to Microsoft 'Open' 'AI' failed to arrive
Gemini Links 31/01/2026: Deep Ice and Slide Rules
Links for the day
Writing About Abuse
Never ever allow misogynists to get their way if you strive to live in a decent society
MIT DEDP MicroMasters online learner's blog post about cover-up linked to resignation of Swiss financial regulator
Reprinted with permission from Daniel Pocock
Salary Erosion Procedure (SAP) as the Primary Reason for EPO Strikes
They focus on financials, as the corruption aspects are un-sayable or unspeakable, except in private
IBM Bluewashing: Feels Like IBM is Scuttling Neudesic (and Some of Red Hat)
We recently saw some Red Hat staff joining a Microsoft proxy
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, January 30, 2026
IRC logs for Friday, January 30, 2026
Microsoft Stock Collapsing Due to the Slop Bubble and Microsoft is Hiding Budget 'Black Holes'
Microsoft does not perform like it tells "the media" and "the market"
Gemini Links 30/01/2026: Love and Cultivation, Gemtext Anchors
Links for the day
Will Jim Zemlin Also Sell His Daughter or Only the "Linux" Brand (and Linux Foundation) to Bill Epsteingate?
Torvalds "ate a bug"
The Epstein Files Don't Say the Ages of Those "Russian Girls" Bill Epsteingate Exploited
This E-mail was sent around the time an arrest was made for pedophilia
Only One in 33 EPO Staff Voting on the Strike Opposed It
Kudos to all those who participated in the strike
Still Hoping for "Slop Zero" in 2026
We've also noticed that linuxiac.com shows a glimmer of hope this week
Links 30/01/2026: Waymo Crashing Into 'Small People' (Children), Microsoft at Risk Due to Slop Debt
Links for the day
Amutable’s Management and Founders Are 100% Microsoft!
It'll be focused on promoting Microsoft's agenda in everything it does
IBM Tries to Get Rid of Workers Without Paying Them (and It Appears to be Working)
be sure to speak to people who actually work there
He Has No Money, But He Has Power, He Has a Voice
That's why they envy and attack him
Free Software in Swiss Media This Week
RMS is still going places with his Migros bag (Swiss retail giant)
TV Programs Disseminate False Numbers of Microsoft Layoffs (About 31,000 Laid Off Last Year, Not Including PIPs, Contractors and so on)
large-scale layoffs are inevitable, no matter how long Microsoft delays or procrastinates
Links 30/01/2026: Microsoft's "OpenAI Is Headed For Bankruptcy" and Bitcoin Crashes
Links for the day
Why Would Anybody be Afraid of Talking to Richard Stallman?
We need to get rid of the baseless stigma
Amutable is a Microsoft Proxy Like Xamarin, With Some IBM/Red Hat Staff Added for Good Measure
Amutable chasing money and trying to impose TPM etc. on everybody
The Letter Sent to the Ringleader of the Alicante Mafia This Week
Call for industrial actions to stop the salary erosion of EPO staff
EPO on Strike
organisation operating outside the Rule of Law
Oracle's Debt Exploded by 22 Billion Dollars in 6 Months, the Ponzi Scheme With Scam Altman Was Classic 'Pump and Dump'
The founder of Oracle now uses his wealth for right-wing ideological reasons, nothing else
Facebook ('Meta') is Dead Meat, This GAFAM Company's Debt Exploded by Almost 33 Billion Dollars in Just 3 Months (11 Billion Per Month)
we can expect many sales/contracts to get canceled
Australia's top nurse takes on Musk, Zuckerberg & rogue health influencers, birthkeepers
Reprinted with permission from Daniel Pocock
Affirming What We Already Know: Solicitors Regulation Authority (SRA) is Profoundly Incompetent
"SRA ordered to pay solicitor £50k in costs after failed prosecution"
The "Alicante Mafia" - Part XVI - The Associates of Mr. Cocainegate Don't Want to Talk About Cocainegate (Right of Reply)
Nobody wanted to talk about cocaine at the EPO
The "Open Source" (Corporate Openwashing) Fake Community Rejects Democracy, Open Source Initiative is in Effect Dead
This is basically the end of the OSI
Cracks and Holes in Microsoft's Slop Bubble (Also, Windows is Declining)
"More Bad News For Xbox As Microsoft Blames Gaming For An Annual Decline In Its PC Business"
Microsoft's Debt Exploded by More Than 20 Billion Dollars This Past Year, Says Microsoft
Expect more mass layoffs
Strike at the EPO Today
Next month we'll start a new EPO series
State of the Slop and The Register MS Runs Ads as 'Articles'
Yesterday we could not find much slop about "Linux"
Gemini Links 30/01/2026: Announcing Crossyword and SYN Attack
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, January 29, 2026
IRC logs for Thursday, January 29, 2026
Gemini Links 29/01/2026: Naps, Letting Go, and Terribly Cold Weather
Links for the day
Links 29/01/2026: Kennedy Center Officials Resigning and Amazon to Cut 16,000 Jobs
Links for the day
Goodbyes to Red Hat and IBM
PIPs let them do the same with less "wasted" on severance or with obscene narrative-shaping
RMS Was Right 35 Years Ago
Stallman’s viewpoints have remained the same
The Need to Understand the Projection Tactics Against RMS
There's an old and common saying (or "wisdom") about who's guilty when there's a fart in elevators (lifts)
Links 29/01/2026: Neocities Is Blocked by Microsoft, “Intellectual Freedom Centers” as the New "Intelligent Design"
Links for the day
Microsoft XBox Dying Not Only as a Console, Reveals Microsoft
Microsoft is trying to rebrand or repurpose the brand
Don't be Mistaken, Microsoft Boasts About Money That Does Not Exist and Revenue (Buying From Oneself!) Is Not Income
the company's debt grew
Fedora is IBM and There's Hardly Any Community Left
It's more like an onboarding mechanism for unpaid labour at (and for) IBM
IBM's Financial Performance in IBM's Own Words: Money Down, Debt Up Sharply
IBM isn't a healthy company
In Dominica, GNU/Linux Has Risen to All-Time High in 2026
a lot of America is moving to Free software this year
The "Alicante Mafia" - Part XV - EPO is on Strike Tomorrow, Lots to be Angry About (Except Money)
We'll soon finish the series
Gemini Links 29/01/2026: "Lady Audley's Secret" and "The Value Of Our Fear" (Carney's Speech)
Links for the day
Emmanuel Macron on Europe's GAFAM Addiction/Dependence: "There is No Such Thing as Happy Vassalage"
Microsoft has long worked to prevent commodification
It's Official, Mass Layoffs at IBM Again (2026)
In a matter of days we'll just see how much IBM's debt has grown
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, January 28, 2026
IRC logs for Wednesday, January 28, 2026