Bonum Certa Men Certa

Bizarre Story of the Day: United Arab Emirates (UAE) Turns to Microsoft to “Strengthen the Security of Information Systems and Networks”

Burj al Arab
What if Microsoft built their skyscrapers too?



Summary: Despite Microsoft's utter failures in security (examples given from this month), UAE turns to Microsoft to bolster security

THIS SEEMS LIKE another great example of black comedy. "Microsoft to strengthen cyber security in UAE," says this headline of an article which says that despite bad security record "Microsoft Inc. will work towards strengthening the security of information systems and networks in the United Arab Emirates (UAE)."



No sarcasm here.

Well, for those who know about Microsoft's relationship with UAE this would not be entirely shocking. But still, here we have a company that wilfully neglects to patch critical vulnerabilities until they are actively exploited (at which point it's too late to do something about it). Microsoft's nonchalance about security (and belated new patches) is a sign of its sheer arrogance. Here is Windows' very latest zero-day flaw:

Zero-day Windows bug problem worse than first thought, says expert



Today, Kolsek said that Acros has been digging into a new class of vulnerabilities for months. It has found more than 200 flawed applications harboring more than 500 separate bugs, he added, noting that the company had reported its findings to Microsoft more than four months ago.


This is an issue that we mentioned before and it's all over the news.

“Nobody knows the real number of flaws except Microsoft, which is often caught lying as long as it's more profitable than truth.”Microsoft is not being frank about its patches (it's shrouded in secrecy) and it admitted silent patching some months ago. It's the practice of fixing serious flaws without ever announcing it, even after these flaws get patched. Did this month bring Microsoft's biggest-ever patch? Well, not for sure. Nobody knows the real number of flaws except Microsoft, which is often caught lying as long as it's more profitable than truth.

There is a good deal of news right now (e.g. [1, 2]) about Microsoft trying to increase profit by providing "mission-critical" support. That does include "critical" flaws, right? Either way, the thing about mission-critical support is it's going to be needed and will be an alternative source of Microsoft revenue until customers find more reliable software stacks (Microsoft's VLSC is/was ironically still down, as we mentioned last week for the fourth time [1, 2, 3]). But it's another situation where Microsoft takes away business from so-called 'partners'. This was already done when Microsoft launched stores, hardware products like a phone, anti-virus software, and so and so forth. Microsoft pretends to support its broken products and offer security services for its insecure software. UAE, please pay attention to the facts.

Recent Techrights' Posts

Microsoft's GitHub is Losing Traffic, Based on an Extensive Web Survey, and Its Future is Uncertain
Remember that Microsoft keeps close to its chest the operations and finances of GitHub (because it's embarrassing!)
[Meme] Shoestring Budget With Record Profits (Because Hundreds of Thousands of Fake European Patents Get Granted)
Record profits? EPO staff does not benefit!
 
Links 14/10/2024: One Year Since Activision Blizzard Demolition 'Officially' Began and Amazon Corporate Layoffs Accelerate
Links for the day
Gemini Links 14/10/2024: Dabbling in GemText, Unit Testing
Links for the day
Links 14/10/2024: Keeping Multiple Blogs, Wrestling With Misinformation
Links for the day
[Meme] Class of Microsoft
"Everything started with Microsoft DOS!"
History Education and Rejecting Creation Myths
The creator of Linux isn't the creator of GNU/Linux
How to Follow Our Updates About EPO (or Everything Else for That Matter)
follow us via RSS feeds
EPO Administration: Wait Several Months or Until Next Year for Clarifications
"After the intranet announcements of 18 September and 27 September and recent emails from CIGNA concerning opting into the VECOZO network, colleagues have been contacting us with queries and requests for guidance."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 13, 2024
IRC logs for Sunday, October 13, 2024
Unrest at the European Patent Office as School Costs Eat Away the Income
"Letter to the administration on the Education Allowance - DISDH - German School"
Gemini Links 13/10/2024: ArcMenu, Emacs decide-mode, Midnight Pub Mass-Deletion Option
Links for the day
Links 13/10/2024: Science, Politics, and Some Gemini
Links for the day
Links 13/10/2024: Writing, Remembering John Wheeler, Voice Cloning
Links for the day
Certificate Authority Let's Encrypt Falls to 0.7% in Geminispace (It Was Around 12% Just 2 Years Ago and 7.5% This Past February)
Let's Encrypt is down again
Gemini Links 13/10/2024: Self-hosting Snac2 and Invasion of e-ink
Links for the day
SDxCentral, which the Linux Foundation Paid to Produce Marketing SPAM, Has Now Become Slop (LLM Spew) Disguised as 'Articles'
Google should delist it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 12, 2024
IRC logs for Saturday, October 12, 2024
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024