Eye on Microsoft: Emergency, Botnets, and No Remedy

Dr. Roy Schestowitz

2009-07-26 08:50:30 UTC
Modified: 2009-07-26 08:50:30 UTC

Summary: Self-explanatory news about Microsoft and security

● Microsoft to issue emergency patches next week

Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware.

● Software Crackdown

Cyber attacks seem to be getting more sophisticated by the hour. A few weeks ago malware known as Zero Day was found to have exploited a vulnerability in Microsoft's Windows operating system that could allow online criminals to take control of a computer from anywhere in the world without being detected. The operation involved what is known as "drive by" attacks, in which visitors to legitimate Web sites are redirected to a page that secretly downloads the malicious software.

● Microsoft admits it can't stop Office file format hacks

Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.

Comments

David Gerard

2009-07-26 19:01:17

Of course it's the formats! That's why every format vulnerability in MS Office is also found in OpenOffice.org ... oh wait, no they aren't. Gosh, it couldn't be crappy programming, or not validating untrusted input, or anything like that? I must be a zealot to think it.

Roy Schestowitz

2009-07-26 19:28:25

Yes, given more time I would have said something about the format issues.

Forget about malicious programs. When we have binary formats we also deal with malicious file formats and files that become malicious when merely interpreted, not executed.

David Gerard

2009-07-26 20:33:59

The real problem is that:

(a) in the '90s, Microsoft made a lot of their file formats dumps of C structs, for performance reasons;

(b) when this became incredibly hazardous with the Internet, and computers were powerful enough to check for malicious input ... they just kept on using the old code.

Then their master stroke of putting a complete programming language inside Office, thus inventing the macro virus.

Then their other master stroke of programs that execute any random instructions they happen to find in EMAIL MESSAGES.

INNOVATION!

Links 16/02/2026: Barack Obama Responds to Racist Cheeto and Benjamin Mako Hill Studies Online Communities: Links for the day
IBM Reduces the Thresholds for Acceptance (and the Salaries): Are chatbots good enough as IBM staff?
When It Comes to Rust, Keep All the Eyes on the Ball (Technical and Legal Perils, Sustainability Questions): It's not about security or politics
Social Control Media is Just a Digital Weapon: Social control media is not social and not media
Microsoft to Focus on Name-Dropping Buzzwords to Distract From Declining Business, IBM RAs (Layoffs) With Staff Stack-Ranked: Calling everything cloud or reclassifying as "AI"
Another EPO Strike One Week From Now, Local Staff Committee Munich to Discuss It This Week: Campinos MIA while Office staff goes on strike at least 4 times
Gemini Links 16/02/2026: Task Completed by Avoidance and "Playing Again With Akkoma": Links for the day
Happy Birthday (or Anniversary) to SoylentNews: "Happy Birthday SoylentNews"
Techrights' Architecture: Stability is the main goal
Linux Foundation Continues Falling Off a Cliff in Geminispace: Gemini Protocol will turn 7 this summer
Links 16/02/2026: cURL’s Daniel Stenberg Asserts That Slop is DDoSing Free Software, But Still Uses a Plagiarism and GPL-Violating Blender (Microsoft GitHub): Links for the day
The Techrights Community Never Needed Money, Only Goodwill: We accomplish things by a track record of suppressed facts
"AboutCode" is a Microsoft Proxy and Microsoft's Acquisition of the OSI Advances Via OSI Moles: presenting direct evidence anybody can verify
They Will Call Smart People "Luddites": Is society "seeing the light"?
Microsoft Amutable Already Reveals That Its Focus Is Not Linux, It'll Promote "Remote Attestation": This is basically an attack on Software Freedom, even if they toss around the brand "Linux"
More People in Chad Move to GNU/Linux: Last year we began to see GNU/Linux rising there - a trend which continues this year
Dr. Andy Farnell on How Universities and Culture of Education Got Crushed by "Technofascist Nightmare": Farnell says he "already soft-quit in [his] mind"
Debt of Broadcom Grew by More Than 50%, Broadcom is Deeper in Debt Than Google: Expect many more cuts
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, February 15, 2026: IRC logs for Sunday, February 15, 2026
Links 15/02/2026: Slop, Politics, and Gemini: Links for the day
Small is Beautiful (in Cascading Style Sheets/Inheritance Rules): If done correctly, pages can take a tenth of a second to fully load
Microsoft Has Fallen to New Lows in Hong Kong This Year: That Windows "market share" falls there is perhaps expected
Free Software Foundation (FSF) Raised About 1.5 Million Dollars This Winter, Almost 50% More Than in All of 2024 Combined: Verbal advocacy goes a long way
Spread the Word About EPO Strikes and Patent Injustices in Europe: Corruption in Europe is a real thing
The Register MS is Promoting Slop, Promotion Connected to Microsoft (Trying to Replace Judges With Microsoft): marketing spun as "science"
He Did Not Have Enough Souls: A lot of the subjects we cover here no other site dares touch
"Mix Vale" is a Slopfarm: 3 "articles" about "ubuntu"
Links 15/02/2026: Roy Medvedev Dead at 100, Rise of "YouTube Politicians": Links for the day
Links 15/02/2026: How Alexey Navalny Was Executed by Putin, Erdogan Helping Iran: Links for the day
IBM Fedora Keeps Promoting Slop, Red Hat Has Been Turned Into Chaff and Trash to Help IBM's Stock (With "AI" Storytelling): Red Hat's Fedora is an old brand (20+ years). It no longer stands for what it meant to people in the Fedora Core days (I was a Fedora user back then).
What IBM Said About 2026 Layoffs and What's Happening in Practice: t'll leave IBM at the very bottom, in due course (customers will notice something profound has changed)
Gemini Links 15/02/2026: "Already Midway February" and Loadbars Remembered: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, February 14, 2026: IRC logs for Saturday, February 14, 2026
Microsoft's Bing Down to 0.5% in Armenia: Microsoft does not want shareholders to see this
Libel by Bots: Unexplored Legal Area?: Liability can be traced back to the operator
Maybe Obvious, But Merits Repeating: A Lot of "Demand" for Slop is Faked, Manufactured, Fabricated by Dark Patterns, Bundling, Media PR (Deception/Hype) Campaigns: Over the past few years many products and services got rebranded as "AI"
xAI and X (Twitter) Live on Borrowed Time, It'll Get a Lot Worse Fast: Being associated with a child porn site formerly known as "Twitter" is odorous to say the least
Microsoft is Lobbying Brussels via Opensource.org and OSI: The new (GAFAM) management at OSI is not serving the OSI's original mission
Will Lockett's Newsletter: Microsoft became Microslop and Windows users are "flocking" to GNU/Linux "to escape the mess": "Users are fed up and jumping ship from Windows to Mac or Linux. In fact, it appears that Windows has lost 400 million users since 2022!"
Photographic Collections: There are going to be over 100,000 JPEG, PNG, and GIF files by the time we turn 20
Norway Curbs Social Control Media as It Harms Norway's Society: A decrease from 11% to just 1.87% is possible to reason about
Accomplishments of Our Community: Why I enjoy writing in Techrights
Microsoft Invented a Slop CEO ("AI CEO") Because Real Interest in Slop is Waning, So It's Just Faking Its Prominence: It's noise
Google Promoting Slop, Not Journalism: The truth of the matter is, Google is part of this problem and it doesn't seem to care
Another IBM Company (Spawned by IBM) is Hiding the Scale of Layoffs, Just Like Red Hat and Kyndryl: Why is the scale of the layoffs there shrouded in secrecy?
Links 14/02/2026: Financial Woes in Hong Kong and "Hong Kong Journalists Face ‘Precarious’ Future After Jimmy Lai Jailed": Links for the day
Gemini Links 14/02/2026: Fish Shell and Meta Slash-commands: Links for the day
Links 14/02/2026: "Bias and Toxicity in" Slop, Microsoft's Vista 11 System Update Breaks Systems Again: Links for the day
Links 14/02/2026: "Suppression of Free Speech" and "Climate Change Puts Winter Games on Thin Ice": Links for the day
EPO "Cocaine Communication Manager" - Part I - Getting the Word Out About What the 'Alicante Mafia' Did to Europe's Second-Largest Institution: Can't everyone in the European media agree that letting cokeheads run Europe's second-largest institution is a terrible idea?
Richard Stallman in the United States - Part I - Huge Audience (Offline and Online), 'Cancel Culture' Attempted and Failed: the comeback of Richard Stallman (RMS) in the United States
GitHub Cannot Survive for Much Longer: Microsoft is trying to just hide the debt
Ed Zitron: Microsoft Is A Decaying Empire That Bet The Future On Making In Excess Of $500 Billion In New Revenue Within The Next 4 To 6 Years From AI — And It Hasn’t Made A Dime In Profit Yet: Microsoft bets its future on a bunch of nothing
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, February 13, 2026: IRC logs for Friday, February 13, 2026
Gemini Links 14/02/2026: "Throwback VR Headset" and OFFLFIRSOCH 2026: Links for the day

Eye on Microsoft: Emergency, Botnets, and No Remedy

Comments

Recent Techrights' Posts