Eye on Microsoft: Emergency, Botnets, and No Remedy
- Dr. Roy Schestowitz
- 2009-07-26 08:50:30 UTC
- Modified: 2009-07-26 08:50:30 UTC
Summary: Self-explanatory news about Microsoft and security
●
Microsoft to issue emergency patches next week
Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware.
●
Software Crackdown
Cyber attacks seem to be getting more sophisticated by the hour. A few weeks ago malware known as Zero Day was found to have exploited a vulnerability in Microsoft's Windows operating system that could allow online criminals to take control of a computer from anywhere in the world without being detected. The operation involved what is known as "drive by" attacks, in which visitors to legitimate Web sites are redirected to a page that secretly downloads the malicious software.
●
Microsoft admits it can't stop Office file format hacks
Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.
Recent Techrights' Posts
- FOSDEM is Called "FOSDEM" Because of Richard Stallman (RMS)
- The overlap there seems timely; yesterday RMS spoke in French-speaking (in part) Switzerland where questions in French were accepted
- January 20: Richard Stallman Talk in Europe
- evening time in Europe, around midday in the United States and Canada
- Slopwatch: Too Lazy to Write Real Articles, Offloading to Chatbots Instead (LLM Slop About "Linux")
- The Web was already full of garbage before the LLM frenzy. Now it's even worse.
- RMS 'Inauguration' in Montpellier (Government Administration) on January 20th
- Happy hacking
-
- Links 18/01/2025: Restoring the Great Wall of China and Economic Expansion in China
- Links for the day
- Guardian Digital (linuxsecurity.com) is Spamming the Web With Microsoft's Promotional LLM Slop About UEFI 'Secure' Boot (Which is Against Real Security)
- This is an attack on honest journalism
- Links 18/01/2025: TikTok's Endgame, "Car Freedom", and Spying in Cars 'Fines' GM (Settlement)
- Links for the day
- Links 18/01/2025: Apple Getting Out of Hey Hi (AI) Slop (Too Much Misinformation), Chaffbots/Chatbots Try to Settle Copyright Infringement Lawsuits
- Links for the day
- What Fake News Sites Are Doing to GNU/Linux
- The LLM slop about Linux serves two purposes
- Links 18/01/2025: Microsofters Upset at Microsoft's Ridiculous Rebrands (Excuse for Massive Price Hikes), Chaffbot Company ('Open'AI) Faces More Lawsuits
- Links for the day
- Gemini Links 18/01/2025: Surge in Illnesses, ctags, and Gemsync
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Friday, January 17, 2025
- IRC logs for Friday, January 17, 2025
- Even Technical Articles and HowTos From UNIXMen Nowadays Seem to be LLM Slop
- We've just permanently removed the RSS feed of UNIXMen
- The FSF's 2024 End-of-Year Fundraiser Succeeds: Over $400k to Support Software Freedom
- That's worth bringing up again because the SFC is trying to 'crash' this achievement of the FSF
- [Meme] Fentanylware (TikTok) Banned in the United States, Next Up European Union (EU)
- And the United Kingdom (UK)
- President Biden is Right, "Free Press is Crumbling" and the United States Exports Its Media-Hostile Culture to Other Continents
- perhaps Biden should pay closer attention to how Donald Trump-inspired Americans take their battles to other continents
- Links 17/01/2025: TikTok Banned by the United Stated (SCOTUS Rejects Appeal)
- Links for the day
- Software Freedom Conservancy Inc (SFC) Makes It Obvious It's Just a Copycat Trying to Exploit or Leech Off the FSF's (and GNU's) Work
- They swim next to the rich people (who "match")
- Links 17/01/2025: Fentanylware (TikTok) Herds Its (Drug) Users Into Even More Harmful "Apps"
- Links for the day
- Guardian Digital, Inc (linuxsecurity.com) Uses Microsoft-Controlled Front Groups and LLM Slop in Order to Spread Microsoft-Directed Anti-Linux FUD
- Microsoft garbage likely produced by Microsoft LLMs, spewing out Microsoft FUD
- Likely Fake 'Article' About Linux Mint 22.1
- BetaNews fired up its plagiarism machine (LLM)
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Thursday, January 16, 2025
- IRC logs for Thursday, January 16, 2025
- Links 16/01/2025: Conflicts, Overpopulation, and Software Patents
- Links for the day
- [Meme] Lock-down With DRM Server/s (in a Nutshell)
- Companies like Microsoft and Apple have a 'God complex'
- Thank You, London! There Was No Way to Still Reliably Host Gemini From Home (on a Raspberry Pi 4) Due to Scale
- The only regret we've long had is that we hadn't made the move earlier
- The Summit of Future (Kerala, 2025): Dr. Richard Stallman (RMS) to Give Keynote Talk
- promotional video was uploaded
- Richard Stallman's Talk This Coming Monday (European 'Tour')
- bunch of talks in Europe
- Total Lock-down Ambitions - Part II - Down to the Very Core, Including the Hardware (CPU, GPU, Peripherals, and More)
- instead of distinguishing themselves and antagonising these broadly reviled "antifeatures", both Canonical and IBM decided to join Microsoft in advocating lockdown
- FSF, Guardian of the GNU Project, to Reach $400,000 in Winter Fundraiser Ahead of 40th Anniversary
- The GNU Project Turns 42 later this year
- Links 16/01/2025: "Meduza, IRL" and the Clock is Ticking on TikTok in the US
- Links for the day
- Gemini Links 16/01/2025: Yesterday's Gone, The Hour of the Dragon by Robert E Howard
- Links for the day
- Computer Users Aren't Zoo Animals
- Animals don't belong inside cages in zoos, either
- Links 16/01/2025: Scale and Scope of Microsoft Layoffs Revealed (Two Waves of Layoffs in 2025 Already)
- Links for the day
- Gemini Links 16/01/2025: Meta Has a Pixelfed Problem and Space Time Scoping
- Links for the day
- Anti-Linux 'Articles' in linuxsecurity.com (Guardian Digital, Inc) Are Composed by Bots, Probably Microsoft's
- linuxsecurity.com has become a mindless stream of LLM slop
- "New Year, New Career"
- published a few hours ago
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, January 15, 2025
- IRC logs for Wednesday, January 15, 2025
Comments
David Gerard
2009-07-26 19:01:17
Roy Schestowitz
2009-07-26 19:28:25
Forget about malicious programs. When we have binary formats we also deal with malicious file formats and files that become malicious when merely interpreted, not executed.
David Gerard
2009-07-26 20:33:59
(a) in the '90s, Microsoft made a lot of their file formats dumps of C structs, for performance reasons;
(b) when this became incredibly hazardous with the Internet, and computers were powerful enough to check for malicious input ... they just kept on using the old code.
Then their master stroke of putting a complete programming language inside Office, thus inventing the macro virus.
Then their other master stroke of programs that execute any random instructions they happen to find in EMAIL MESSAGES.
INNOVATION!