
Microsoft Refuses to Fix Known Security Vulnerabilities for Years, Anti-Virus (AV) Software Turns Useless

Guard in Prague



Summary: Shocking new revelations about Microsoft's patronising attitude, which leaves customers vulnerable and unable to control their computers

Microsoft Spurned Researcher Collective is a new group of disgruntled experts whom Microsoft mistreated after they had helped Microsoft discover serious bugs in its software. According to this news item, Microsoft's attitude towards security vulnerabilities is absolutely appalling and Microsoft should be slammed for it.



In October 2006, security researcher H.D. Moore discovered a serious problem with the way applications running on Windows display rich text content.

He reported the vulnerability to Microsoft and nearly four years later it's still not fixed, despite the fact that it could be exploited to run malicious code on a PC and take control of it.

Unfortunately, this is not an isolated incident. According to the Zero Day Initiative, which serves as a broker between security researchers who find flaws and software companies who need to fix them, there are 122 outstanding vulnerabilities that have been reported to vendors and which have not been patched yet. The oldest on the list was reported to IBM in May 2007 and more than 30 of the outstanding vulnerabilities are older than a year.


So it only took like what...? Just years? There are other examples like this one -- several of which we covered here before. Such utter negligence [1, 2, 3] deserves scrutiny, if not legal action, for reasons we explained before. By not fixing known problems, Microsoft can carry on faking numbers to create a false perception of security. "Pressure mounts for a swifter response to vulnerabilities," says this new report from The H, and a security news site now argues that "AV vendors detect on average 19% of malware attacks" (that's not much better than no AV software at all).

The data used for this study were collected and analyzed between April 20, 2010 and April 22, 2010, resulting in an overall total data set of approximately 1,708 confirmed malware files. The files were then run through the latest release of the top desktop AV solutions upon initial detection and again every six hours for one month to determine their detection and lag rates.


No wonder one in two Windows PCs is believed to be a Windows zombie PC.
