Eye on Microsoft: Emergency, Botnets, and No Remedy

Dr. Roy Schestowitz

2009-07-26 08:50:30 UTC
Modified: 2009-07-26 08:50:30 UTC

Summary: Self-explanatory news about Microsoft and security

● Microsoft to issue emergency patches next week

Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware.

● Software Crackdown

Cyber attacks seem to be getting more sophisticated by the hour. A few weeks ago malware known as Zero Day was found to have exploited a vulnerability in Microsoft's Windows operating system that could allow online criminals to take control of a computer from anywhere in the world without being detected. The operation involved what is known as "drive by" attacks, in which visitors to legitimate Web sites are redirected to a page that secretly downloads the malicious software.

● Microsoft admits it can't stop Office file format hacks

Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.

Comments

David Gerard

2009-07-26 19:01:17

Of course it's the formats! That's why every format vulnerability in MS Office is also found in OpenOffice.org ... oh wait, no they aren't. Gosh, it couldn't be crappy programming, or not validating untrusted input, or anything like that? I must be a zealot to think it.

Roy Schestowitz

2009-07-26 19:28:25

Yes, given more time I would have said something about the format issues.

Forget about malicious programs. When we have binary formats we also deal with malicious file formats and files that become malicious when merely interpreted, not executed.

David Gerard

2009-07-26 20:33:59

The real problem is that:

(a) in the '90s, Microsoft made a lot of their file formats dumps of C structs, for performance reasons;

(b) when this became incredibly hazardous with the Internet, and computers were powerful enough to check for malicious input ... they just kept on using the old code.

Then their master stroke of putting a complete programming language inside Office, thus inventing the macro virus.

Then their other master stroke of programs that execute any random instructions they happen to find in EMAIL MESSAGES.

INNOVATION!

Upcoming Techrights Series About the Failure of the Solicitors Regulation Authority (SRA) to Stop Hired Guns Who Work for Americans That Abuse Women: The SRA has demonstrated nothing but considerable incompetence at many levels
The "Alicante Mafia" - Part XIV - The EPO Vice-President Steve Rowan and the Hidden Alicante Connection is a Big Deal: We'll soon take a closer look at Ernst
Links 27/01/2026: Japan-China Feud Escalates Again, "Iran's Internet Blackout Persists": Links for the day
Upcoming Techrights Series About the Public Appearances of Richard M. Stallman (RMS) in the United States: we plan to drop all pretences about "Open Source" and instead focus on Software Freedom
Upcoming Techrights Series About the Experiences of EPO Insiders: We'll start the new series some time next week
Links 28/01/2026: Microsoft Ordered to Stop Spying on School Children, Apple's Brand Tarnished by Its Complicity With Human Rights Abusers: Links for the day
Gemini Links 28/01/2026: Particle and AirMIDI: Links for the day
Amandine Jambert (EDPB/CNIL/FSFE), motive for lying, trust in blockchain and encryption: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, January 27, 2026: IRC logs for Tuesday, January 27, 2026
Expect More XBox Layoffs Shortly: As expected
Online 'Gathering' Held Today to Organise Industrial Actions in EPO, Strikes Will be Starting Shortly: "Online Extraordinary General Meeting on Action Plan"
It's Not About What You Know, It's About Who You Know (and Stay Quiet About the Cocaine): This is not an organisation that exists to ensure laws are followed
FOSDEM 2026: democracy panel: FSFE uses women as stooges, gerrymander: Reprinted with permission from Daniel Pocock
Must Use Proprietary JavaScript to Submit Feedback to the European Commission About Moving From GAFAM to Free Software: Nevertheless, go tell them why Software Freedom would benefit Europe's defence and economy
Distortion of the Facts About Mass Layoffs at IBM: more layoffs are ahead
Gemini Links 27/01/2026: "Waiting Isn't a Waste", Posting from Lynx, and Bookmarks: Links for the day
Links 27/01/2026: "Oracle Debt and TikTok Transition Troubles Vex the Ellison Media Empire", Richard Stallman Quoted on Copyrights: Links for the day
Steven Field (Red Hat) Speaks of "Recent Layoff" (RA/Wave) in Red Hat: IBM really doesn't like it when people talk about "RAs"
The "Alicante Mafia" - Part XIII - Is EPO Vice-President Steve Rowan in Cahoots With the "Alicante Mafia"?: that deserves much media attention, political intervention, and condemnation
A Week Ago We Contacted the EPO's Stephen (Steve) Rowan About Cocainegate: Tomorrow we'll write some more about Rowan
“Wikilaundering” Explained: "London PR firm rewrites Wikipedia for governments and billionaires"
IBM Reports 'Results' Tomorrow, Expect More "RAs" (Mass Layoffs): they use words like "efficiency", "optimisation", "AI", "pivot", "modernisation" and so on
Earlier This Month Microsoft Lunduke Said in Public It Was Good That Renee Good Was Murdered, Now He Mocks or Demonises People for Saying the US is Unsafe: Don't be easily conned by demagogues
Google News and "Linux" Slop: Why won't Google be interested in tackling this issue? Instead Google has been trying to participate in this issue.
IBM Kills Red Hat in the Darkness: What IBM does to Red Hat is malicious
IBM Red Hat's Goal Is Not Real Security (It Probably Never Was): Spies and trolls are very malicious people and sometimes they're the same thing
With Absurd Lies About Slop, Which Lacks Intelligence or Financial Potential, GAFAM and IBM Will Twist Mass Layoffs as 'Efficiency Drive' or 'AI Pivot': More layoffs are on the way
Animal Advocacy Works: All it takes is effort and determination
EPO Strike This Week: What has happened to Europe?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, January 26, 2026: IRC logs for Monday, January 26, 2026
For the EPO to Survive, António Campinos and the "Alicante Mafia" Must Fall on Their Sword: There are EPO insiders who are convinced Campinos too is (or was) a cocaine addict
Some Slopfarms and Some Real News Sites Cover Richard Stallman’s (RMS) Talk: If his message about Software Freedom spreads, then we're all better off
Gemini Links 26/01/2026: Pocket Power Pack, Batteries, and Breaks: Links for the day
"Microsoft Vista 11 Emergency Update" as Windows Fails to Boot (Again): Microsoft is desperately trying to find some new business model as the debt soars
4 Hours Ago The Register MS Published Paid-for Spam About "AI" (Slop, Buzzwords): "AI" mentioned 13 times in the page
IBM 'Results' Due Wednesday Evening, Expect Clues About Mass Layoffs: Don't expect IBM to say anything about "layoffs" or "RAs"
The Fall of the EPO (or the "Alicante Mafia" at EPO) Will be Due to This Reckless Lawyer Who Does Cocaine in Public While Speaking for the EPO: The longer European politicians (and media) turn a blind eye to this corruption, the worse it'll get
Why RMS is Scary to GAFAM 'Engineers' and the GAFAM Apologists (or Addicts): especially because of his ideas and his way of life
Firefox 'Market Share' Down to All-Time Low in 2026, Adding to It User-Hostile 'Features' Only Worsens Things: What is the goal of Mozilla at this point?
Links 26/01/2026: Windows Back Doors, American Winter Storm, and Report Says Iran's "Protest Death Toll May Exceed 30,000": Links for the day
Life Got Simpler and Therefore Also Healthier and Happier: Some people envy not wealth but happiness (which they're unable to attain, even with hoarding and accumulation)
Richard Stallman's Experiences With 'Cancel Brigades' Ought to Educate Linus Torvalds: Now they talk about "if Linus dies" scenarios
Links 26/01/2026: Financial Stress in German Farms and Germany Wants to Take Its Gold Reserves Out of the US: Links for the day
Gemini Links 26/01/2026: "Lack of Meaningful Things" and Getting Back to Programming: Links for the day
Strong Correlation Between the Slop Ponzi Scheme (or Bubble) and Major Disasters: BitCoin ruins the planet; so does slop
We Will Never Allow the "Alicante Mafia" to Hide "Cocainegate": transparency typically scares malicious actors
Fewer Involuntary Interruptions This Year: This year we're doing much better
Prisons Are for Dangerous People Who Pose a Threat to the Public, Not People Who Inform the Public: At the end of the week EPO workers go on strike
Microsoft Loses Grip on Indian Ocean: Many countries, including in older allies of the US (such as Canada and the US), look for ways to get out of Microsoft dependence urgently
XBox Consoles Nearly Dead by Now, the 'XBox' (ex-Box) Brand Now Stands for Something Full of Slop, Spam, Filler, and Chaff: We're seeing the last day (maybe year) of "XBox"
The Great "AI" CON Explained by Dr. Andy Farnell: LLMs are basically advertisers of sorts
Links 26/01/2026: "Journalists Detained", in Germany "Unjustly Jailed Man Gets €1.3 Million Compensation": Links for the day
Red Hat Quietly Going Extinct After Bluewashing in 2026: At this point it would be rather foolish to assume that IBM will let Red Hat just "do its own thing" or maintain its corporate culture, identity, projects etc.
The "Alicante Mafia" - Part XII - Kris De Neef and Roberta Romano-Götsch, Who Stepped in for the Cokehead, Have No Comment on His Cocaine Usage (and the EPO's Cover-up): Sh-t floats to the top.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, January 25, 2026: IRC logs for Sunday, January 25, 2026
Gemini Links 26/01/2026: Cold Perception, Software Patches in NixOS, and Sunk Cost Fallacy: Links for the day

Eye on Microsoft: Emergency, Botnets, and No Remedy

Comments

Recent Techrights' Posts