Eye on Microsoft: Windows (In)Security in the News
- Dr. Roy Schestowitz
- 2009-04-24 10:24:19 UTC
- Modified: 2009-04-24 10:24:19 UTC
●
Windows Trojan That Infected Over 3.6 Million PCs Evolves with Worm Behavior
One of the top families of malicious code targeting the Windows platform has evolved with the addition of worm behavior, Microsoft warns. According to data made public via the Microsoft Security Intelligence Report, the Win32/Vundo Trojan infected over 3.6 million computers in the second half of 2008, and occupies the third position in a malware ranking behind Renos and Zlob. Vundo is a family of malware with various components that are designed to serve victims 'out of context' pop-up advertisements following infection. Microsoft warns that the Vundo family of malicious software can also
be used to download and execute arbitrary files.
●
One bot-infected PC = 600,000 spam messages a day
TRACElabs concluded that Rustock and Xarvester, the latter perhaps linked to the down-and-out Srizbi botnet, are the most efficient spam spewers of the nine bots. Each is capable of sending up to 25,000 messages per hour, or 600,000 per day, and 4.2 million per week.
●
Updated research of the largest base of real-world vulnerability data
4. Exploitation - Eighty percent of vulnerability exploits are now available within single digit days after the vulnerability’s public release. In 2008, Qualys Labs logged 56 vulnerabilities with zero-day exploits, including the RPC vulnerability that produced Conficker. In 2009, the first vulnerability released by Microsoft, MS09-001 had an exploit available within seven days. Microsoft’s April Patch Tuesday included known exploits for over 47 percent of the published vulnerabilities. This law had the most drastic change from the Laws 1.0 in 2004, which provided a comfortable 60 days as guidance.
Recent Techrights' Posts
- New XBox Leaks Probably Serve to Confirm XBox's Collapse (Many More Layoffs)
- It's very much consistent with what many other sites have reported lately
-
- Noteworthy Claim That IBM is Firing a Lot of Lawyers This Week (RAs in the Legal Department)
- A lot of what they do is patent 'trolling' or lawyering up against their own staff (e.g. HR disputes)
- Links 10/10/2025: US Judge Bars Attacks by ICE On Journalists and Protesters; “We Took The Freedom of Speech Away” Says the President
- Links for the day
- Slopwatch: Serial Sloppers, Google News Gifting Slopfarms, and Fake News/Plagiarism About "Linux"
- Google itself is a slop pusher these days
- Qualcomm, the New Owner of Arduino, Blasted for Its Software Patents Tax on 'Smartphones'
- A lot of Qualcomm's patents are on software. We wrote about this in prior years.
- XBox Layoffs Rumours, Downtime, and Criticism From XBox Co-Founder
- "everyone is ditching the xbox."
- Links 10/10/2025: Honoring The Legacy Of Robert Murray-Smith, Many Articles on the Hey Hi (AI) Bubble
- Links for the day
- Gemini Links 09/10/2025: October Gothic and Reading Middle Earth Role Playing; C and Ada
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, October 09, 2025
- IRC logs for Thursday, October 09, 2025
- Links 09/10/2025: Farewell to Jane Goodall, California Bans Algorithmic Price-Fixing
- Links for the day
- Gemini Links 09/10/2025: Lost Wages and a Saga Of Continuing To Use Palm PDAs
- Links for the day
- Richard Stallman's Talk in Helsinki is Done. Tomorrow Göteborg.
- There are scarce details in Finnish about Dr. Stallman's talk
- The Slop Song
- The train wreck marches on
- LLM Slop/Advanced Plagiarism Flooding the Zone With Capital That Does Not Exist
- Many publishers out there still participate in this bubble instead of calling it what it is
- Links 09/10/2025: Sacked Microsoft Workers Make "Sackbird", IBM Taps CockroachDB for PostgreSQL
- Links for the day
- "Happy Hacking Day" Richard Stallman Talk This Afternoon (From 14:00 to 16:00) at Haaga-Helia University in Pasila
- Richard Stallman in Helsinki, Finland
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, October 08, 2025
- IRC logs for Wednesday, October 08, 2025
- Links 09/10/2025: Impact of Microsoft Layoffs, More Data Breaches
- Links for the day
- Gemini Links 09/10/2025: Autumn Blues and C IRC Bot
- Links for the day
- Slopwatch Appreciated by Real Authors of GNU/Linux Articles
- We do try to keep on top of those things
- Upgraded R.R.R.R.R.R. Today
- The Web of 2025 is full of garbage, not limited to slopfarms
- Freedom From Proprietary Prisons
- Forking always an option
- IBM's Watson Died in 1956, Now Watson Dies Again
- IBM is becoming just a reseller of GAFAM and other stuff
- Slopwatch: LinuxSecurity, UbuntuPIT, and Google News
- We've also just noticed more slop from UbuntuPIT
- Microsoft Says That Constant Mass Layoffs Are Success, the Media Isn't Buying This Microsoft Narrative Anymore
- If people in the media feel an obligation to repeat whatever lies Microsoft tells, what point will there be to the media?
- Links 08/10/2025: "Mali Puts Free Speech on Trial" And Apple Enforces Dictatorship
- Links for the day
- Links 08/10/2025: ‘Death to Spotify’ and Law to Ban Loud Commercials on Streaming (Dis)Services
- Links for the day
- Links 08/10/2025: Real Innovation and Nina.chat is Dead
- Links for the day
- Links 08/10/2025: Y2K38 Bug is a Vulnerability, Chat Control in Europe a Threat
- Links for the day
- Microsoft Windows is No Longer an Operating System, It's Surveillance Project
- Why is this even legal to preload on PCs outside the US?
- How and Why Once-Legitimate Sites Turn Into Slopfarms
- Many sites will go offline and many social control networks will shut down once they realise or even openly admit they spend money and time gardening a bunch of bots and slop
- UbuntuPIT Became a Slopfarm and Gnoppix Tarnishes Its Own Brand With Slop
- It fits all the characteristics of mildly-edited (if at all) slop
- Slopwatch: Linux Journal and Other Slopfarms
- GAFAM needs to go the way of the dodo
- Gemini Links 08/10/2025: "Seek Seek Revolution" and Gradient Backgrounds
- Links for the day
- Qualcomm Arduino Takes Aim at Raspberry Pi
- Qualcomm is a Microsoft partner
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Tuesday, October 07, 2025
- IRC logs for Tuesday, October 07, 2025
- Stagnation of the Economy and What Free Software Can (or Could) Do For It
- If your economic model is based on a pyramid of lies, it won't last very long
- Social Control Media is Sinking
- it would rightly seem like the era of centralised "social" sites (they're not social, they're about controlling the users) is ending, not overnight but gradually