Bonum Certa Men Certa

Windows News is All About Security Problems and Leaks

Drainpipe



Summary: Windows grows increasingly rusty and the consequences are serious flaws that pose a danger to national security

IT is always interesting to see the coverage which accompanies Microsoft Windows. It has been an extremely slow news week for Windows. Looking at some recent news (the past 8 days), we have not found a single headline about "Vista". We found just about 10 clusters on "Windows 7" (including repetitions), which is exceptionally little.



“The main news about Windows this week is probably all the security holes.”Microsoft has relied on many fake "leaks" recently, but this one of SP1 for Vista 7 is not likely to serve a marketing purpose [1, 2, 3, 4, 5, 6, 7]. Microsoft would like people to think that access to an early version is something special, but it is already possible (legally) with GNU/Linux distributions. It's still possible this this Windows leak is deliberate, with the intention of creating anticipation and sending out the message that SP1 will come "real soon now".

The main news about Windows this week is probably all the security holes. It dominates the news, for sure. Microsoft claims that 25 vulnerabilities currently exist, but experience suggests that Microsoft is lying about the numbers. Microsoft claims that there are five "critical" security holes and 25 Windows vulnerabilities this time around [1, 2, 3, 4].

Microsoft is due fix a total of 25 bugs in its upcoming patch next week.


More on the "critical" ones [1, 2]:

MS preps 5 Windows critical fixes for busy Patch Tuesday



[...]

Microsoft has lined up 11 patches that collectively address 25 security vulnerabilities as part of its April Patch Tuesday security update.

Five of the scheduled patches fix critical flaws, all involving Windows vulnerabilities. All supported versions of Windows are addressed by this much heavier than usual update batch. "Important" patches for Microsoft Office and Microsoft Exchange are also being loaded up for delivery next week.


What about hidden fixes (not disclosed)? Either way, given that the high proportion of Windows installations are already hijacked, the following new report is not entirely shocking.

1-in-10 Windows PCs still vulnerable to Conficker worm



[...]

More than a year after doomsday reports hinted that the Conficker worm would bring down the Internet, one-in-10 Windows PCs still have not been patched to plug the hole the worm wriggles through, new data shows.

And 25 of every 1,000 systems are currently infected with the worm.


Cyber war remains a national threat and it depends on availability of zombie PCs running Windows. As a timely new reminder we observe:

In his new book, Cyber War, Richard Clarke says nations are building up their online armies and weapons largely far from public view, increasing the danger of a deliberate or accidental cyberwar, which in turn could trigger violent conflicts across the globe.


We already have examples from east Europe (nothing was put in place to prevent recurrence), but the problem is being denied by Howard Schmidt from Microsoft, who works for the US government now [1, 2].

Recent Techrights' Posts

Delayed Series About Dr. Richard Stallman
A lot of the attacks on him boil down to petty things
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: Targeting Several Webhosts (in Collaboration and Conjunction With Mentally-Ill Flunkies)
Every attempt to nuke the current hosting failed, but it's still worth noting
Google: We Don't Have Source Diversity, But We Have Chatbot Spew in Place of Sources (and It's Not Even Accurate)
Search engines and news search never looked this bad...
[Meme] Security is Not a Failure to Boot (or Illusion of Security Due to 'Unknown' System)
Red Hat is largely responsible for this mess
What is Secure Boot?
Security means the user feels safe and secure - i.e. confident that the machine would continue to work following a reboot or a system upgrade (or kernel upgrade)
Links 27/05/2024: Chatbots Generate Hateful Output, TPM Performance Scrutinised
Links for the day
David Heinemeier Hansson (DHH) Realises What He Should Have Decades Ago
seeing that DHH is moving away from Apple is kind of a big deal
 
Microsoft Windows Fell From 100% to Just 7.5% in Sierra Leone
Based on statCounter
In Benin, Microsoft's Windows Fell Below 10%, GNU/Linux Surged to 6% or Higher on Desktops/Laptops
That's nearly 7% - a lot higher than the average in Africa
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, May 27, 2024
IRC logs for Monday, May 27, 2024
[Meme] Elephant in the Asian Room
With ChromeOS included GNU/Linux is at 6% across Asia
GNU/Linux in Bangladesh Up From 0.5% to Over 4% (Windows Slid From 95% to 18%)
Bangladesh is one of the world's most densely-populated countries
Links 27/05/2024: One Month Left for ICQ, More Openwashing Highlighted
Links for the day
Gemini Links 27/05/2024: Back to GNU/Linux, Librem 5 Assessed
Links for the day
StatCounter (or statCounter) Has Mostly Recovered From a Day's Downtime (Malfunction)
Some of the material we've published based on the statCounter datasets truly annoys Microsofters
StatCounter (or statCounter) Has Been Broken for Nearly 24 Hours. Who Benefits? Microsoft.
StatCounter is broken right now and has been broken for nearly 24 hours already
Reinvigorating the Voice of GNU/Linux Users (Not Companies Whose Chiefs Don't Even Use GNU/Linux!)
Scott Ruecker has just announced his return
"Tech" in the Context of Even Bigger Issues
"Tech" (or technology) activism is important; but there's a bigger picture
A Decade of In-Depth Coverage of Corruption at the European Patent Office (EPO)
The world needs transparency and sunlight
Hopefully Not Sunset for StatCounter
We hope that StatCounter will be back soon.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 26, 2024
IRC logs for Sunday, May 26, 2024
Links 27/05/2024: Self-Publishing, Patent Monopolies, and Armed Conflicts
Links for the day
Gemini Links 27/05/2024: Tethering Connection and PFAs
Links for the day
Imagine Canada Enabling Rapists to Harass Their (Rape) Victims
This analogy is applicable because abusers are empowered against the abused
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: Targeting My Old "Tweets"
This was basically an act of vandalism no better and no worse than UEFI restricted boot
Links 26/05/2024: Google 'Search' Morphing Into Disinformation Factory, Discussion of Maze of the Prison Industrial Complex
Links for the day
In the Pacific (Mostly Islands Around Oceania) GNU/Linux Grew a Lot
Microsoft cannot compete fairly
A Toast to Tux Machines
Food ready for the party, no photos yet...
IBM/Red Hat Failing to Meet Its WARN Obligations in NC (STATE OF NORTH CAROLINA), or Perhaps It's Constantly Delaying the Layoffs
IBM isn't named even once
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 25, 2024
IRC logs for Saturday, May 25, 2024
GNU/Linux in Greenland
The sharp increases for GNU/Linux started last summer
The Sheer Absurdity of the EPO's Career System Explained by EPO Staff
"Staff representation has previously pointed this out to management, and the career system has been the reason for several industrial actions and litigation cases initiated by SUEPO."
[Meme] Productivity Champ Nellie Simon: It Takes Me 3+ Weeks to Write 6 Paragraphs
Congrats to Nellie Simon!
It Took EPO Management 3+ Weeks to Respond to a Letter About an Urgent Problem (Defunding of EPO Staff)
The funny thing about it is that Nellie Simon expects examiners to work day and night (which is illegal) while she herself takes 3+ weeks to write a 1-page letter
Staff Union of the EPO (SUEPO) in The Hague Taking Action to Rectify Cuts to Families of Workers
they "are active in challenging this measure via the legal system"