Bonum Certa Men Certa
US Supreme Court May Have Another Chance to Eliminate Software Patents, But It's Up to Microsoft | IRC Proceedings: July 27th, 2010

New Flaw in Windows Facilitates More DDOS Attacks

Stachledraht DDOS attack



Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.


No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.


More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.


We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”


It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used?
US Supreme Court May Have Another Chance to Eliminate Software Patents, But It's Up to Microsoft | IRC Proceedings: July 27th, 2010

Recent Techrights' Posts

Slop Has no ROI, an Economy Built on False Assumptions of Slop is Doomed
we're all going to suffer from this Ponzi scheme
The Cyber Show Has "Exciting Guests Coming" and a Gemini Capsule
"Site development is ongoing but now settling into a more stable form"
Banning Things Versus Teaching People the Reason/s to Shun/Boycott Those Things
Prohibition has its limits
 
GAFAM Bots Are Not "Good Bots"
There's nothing "Good" about Google
Links 08/06/2026: Criticism of Microsoft Trying to Criminalise Pointing Out Bug Doors, TikTok Now "Climate-Denying Social Media App"
Links for the day
GNU/Linux Measured at 10% in Liechtenstein This Month
it seems like statCounter wrongly classified some GNU/Linux clients as Mac clients and is now issuing a correction
Communicating With Freedom - Part III - Quibble Envisioned as a New and Easily Accessible Communications Platform Based on LibreJS
the FSF really needs to become more active if not proactive in promoting those sorts of things
Clownflare Says Majority of Web Traffic is Now Bots, But the Net is Another Story
Bots are to Clownflare what lawsuits are to lawyers
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 07, 2026
IRC logs for Sunday, June 07, 2026
The Strikes at the European Patent Office Planned to Carry on for the Entire Year, Maybe Future Years as Well
There's a cautionary tale somewhere
Number of Patent Grants Has Plunged 23% Amid Strikes at the European Patent Office, Today There Are More Strikes (Strike Participation at Over 3,000, More Than Doubled Since Winter)
There is a growing crisis at the European Patent Office
E.E.E. Still Ongoing, the War on Copyleft/GPL Enables That
It also imperils security.
Gemini Links 07/06/2026: Lynx in the 'Modern' Web and 'Overcooked' (Plagiarised by LLM) Code
Links for the day
Links 07/06/2026: Java Needs Seawall, Egypt Blasted for Arbitrary Detention of Activists
Links for the day
SLAPP Censorship - Part 100 Out of 200: Interlude and Outline of the First Half, 3+ Months That Got Us Death Threats Connected to Brett Wilson LLP (and Cyber Attacks That Are Difficult to Attribute)
This week we plan to have a good time
Links 07/06/2026: NASA's Mars Maven Declared Dead, Telegram Founder Pavel Durov Bemoans Russia's Crackdown
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 06, 2026
IRC logs for Saturday, June 06, 2026
Gemini Links 07/06/2026: How to Train Your Dragon (2010) and "Six Days of Play"
Links for the day
Links 06/06/2026: 'Epstein Problem' in Board of Directors of Microsoft, Surveillance Giant Google Under Legal Threats for Online Misuses
Links for the day
Software Freedom Takes a Lot More Than Coding
some of the roles in the Free software community that don't receive (m)any grateful words
Ubuntu is Losing to Other GNU/Linux Distros
"Linux Mint"
Old Articles Explaining That Patents - Especially Software Patents - Are Bad for Innovation
We've omitted more than 50% of the articles we had gathered as candidates for inclusion
European Patent Office (EPO) Crisis: Huge EPO Strikes, Profound Corruption, and Cocaine Use by Managers Tolerated
These strikes won't be ending any time soon
Why GNU and FSF Will Choose AV1 Over AV2 (It's More Widely Supported)
for the foreseeable future they'll stick with AV1
Mass Layoffs (RAs) and PIPs (Excuses to Sack) at IBM: Insiders Tell No Relation to Actual Performance
If many thousands are impacted by this, then certainly it is newsworthy
Links 06/06/2026: LinkedIn Infested With Spies, Ethernet WiFi Router On Pi Pico 2W
Links for the day
25 Years With PalmOS
That my Palm PDA still works in 2026 (not in mint condition but close to that) says a lot about the "build quality" of gadgets 20+ years ago
Why We Dumped Online Shopping (Groceries)
subsidies kept the "online" stuff artificially cheap
Microsoft Fell to All-Time Low in Monaco Last Month
So says statCounter anyway
Lawsuits That Don't Work
Not as expected anyway
SLAPP Censorship - Part 99 Out of 200: Graveley and Garrett Seem to Have Crashed Brett Wilson LLP (Worse Than Taking Russian Oligarchs as SLAPP Clients)
a state of disarray
Microsoft Has Spent Months Preparing Lists of People to Cull in Massive Wave of Layoffs (Allegedly Start of July)
There is some consensus that we're weeks away from mega-layoffs at Microsoft
Gemini Links 06/06/2026: "Competing" With LLMs and "Automation of Any Kind"
Links for the day
Links 06/06/2026: 'Linux' Foundation Openwashing Slop on Microsoft's Payroll, Ukraine Wants Permanent Ceasefire With Russia
Links for the day
50% of the 'Gains' Made by "Quantum" Hype Already Evaporated
"It was all hype about quantum nonsense. Heading back to reality now. Expect sub-$220 after earnings release next month."
Heap of Trash Online, Not Just the Fault of LLM Slop But Enabled by Slop
Google News has just promoted a pair of prolific slopfarms
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 05, 2026
IRC logs for Friday, June 05, 2026