Bonum Certa Men Certa

Microsoft Back Door in Windows (All Versions) Intentionally Left Open For Over a Year, Existed for 15 Years

Summary: It has become more obvious that Windows back doors are there by design (or knowingly left there by intention) even after Snowden's NSA leaks

THERE ARE SOME corporate media reports about Microsoft patches, but few realise the significance of it. Microsoft tells the NSA about unpatched holes in Windows and other Microsoft software, which is the equivalent of giving the NSA back door access.



As we noted some weeks ago, evidence shows that Microsoft doesn't care about security and it is evidently the same with Apple. They both sat on known flaws that were critical for longer than 3 months, refusing to patch them. Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known).

"Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known)."Dan Goodin, who typically spends his 'journalism' career bashing Free software over security, has finally decided to shift some focus and write about a massive Windows flaw. It's a major one, no doubt; But no name, no "branding"...

In Goodin's own words:

Microsoft just patched a 15-year-old bug that in some cases allows attackers to take complete control of PCs running all supported versions of Windows. The critical vulnerability will remain unpatched in Windows Server 2003, leaving that version wide open for the remaining five months Microsoft pledged to continue supporting it.

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.


The significant part is in the second paragraph above ("took Microsoft more than 12 months to fix"). We can interpret that as saying that the hole, which NSA used for over a year for back door access (because Mirosoft told the NSA about it), is finally being acknowledged to the public. Therein lies the 'magic' of proprietary software. Is the NSA now 'done' cracking all the world's networks that have Windows in them? Is it now 'safe' to finally close this back door?

Microsoft Windows is an utter joke when it comes to security, as Microsoft's own actions serve to show. Back doors surely look like the goal, not an error. Windows was recently used to crack Sony years after the NSA had cracked North Korea's network. Those who knowingly used an operating system with back doors can't blame anyone other than themselves and perhaps Microsoft/NSA. Misplaced blame these days typically names China, Russia, or North Korea.

Remember that Microsoft leaves security holes open/in fact anyway, no matter if versions of Windows are supported or not (upgrades are neither simple nor free). As Goodin's former employer puts it:

What happens six months from now, on 14 July? That's the date Microsoft issues its last security fix ever for Window Server 2003 – the end of extended support from the server operating system's maker.


The article states that many servers will basically be left with permanent back doors. Many of them contain customers' (or patients') data.

As Robert Pogson put it, "Server 2003, which is due to go without support this summer won’t be fixed for a recent Patch Tuesday revelation of a vulnerability built-in by design a decade ago and impossible to fix without breaking everything…"

He concludes correctly: "Maybe it’s time people switched to GNU/Linux, an operating system not designed by salesmen. It’s not perfect but at least the bugs are fixable."

Yes, even bugs with special names, logos, and "branding" -- those that the corporate media loves to hype up.

Recent Techrights' Posts

Later on Elon Musk Wonders Why Large Nations Block His Pet 'Social Control Media' (Incitement/Radicalisation) Platform...
This isn't a question of "censorship" because there's a call to kill
Science and Academia Under Attack, Imposters Inheriting or Aggressively Seizing the Top Roles
Academia has turned into a bad place
 
'Open'AI Looks Like a Company Headed Towards Bankruptcy, Not IPO, Losses Grew Almost Tenfold in a Year (Yes, it's Just a Bubble Facilitated by Artificial Hype)
This isn't going to end well, especially not for Microsoft
Apple is Canceling Products, Services, Even Lays Off Staff in Large Numbers Every Few Months
Apple cancelling some more things
Microsoft: Layoffs Are Growth
Orwell would have loved this newspeak
Links 16/09/2024: Verizon Layoffs, 'Tram Driver Olympics', and Anniversary of Mahsa Amini's Death
Links for the day
Gemini Links 16/09/2024: ROOPHLOCH and MyGemini.Space
Links for the day
Invidious Instances Explain What Google/YouTube (Alphabet/Pentagon) Did To Them This Past Week
They're unambiguous about this
Dr. Richard M. Stallman (RMS) on How to Make People Care About Free Software and Why Prohibiting Proprietary Software Would Not Work
"maybe a similar general approach could work with non-Free software as a way of discouraging it from being a successful business."
Please Quit Uploading Event Talks (Especially of Free Software) to YouTube
This is enshittification
Links 16/09/2024: Shrinking Economy, Climate Issues, Soaring Energy Costs
Links for the day
'Former' Microsofter Jason Perlow Left Linux Foundation
The "communication" people from the Linux Foundation are basically scammers
MyGem Launched to Make Adoption of Gemini Protocol (With Gemini Hosting) a Lot Easier
a new week and also a new capsule
Disregard for History is Disregard for (Computer) Science
They're killing the real entrepreneurs and innovators
Dr. Richard M. Stallman (RMS) on His Hobbies and Health
Answering a question from the audience in Germany
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 15, 2024
IRC logs for Sunday, September 15, 2024
Gemini Links 16/09/2024: billsmugs.com Becomes rainywhile.net, Zaurus on Internet
Links for the day
[Meme] Wrong Priorities at Universities
Because what matters isn't expertise
Microsoft and the Sunk Cost Fallacy
"Microsoft aims for the sunk cost fallacy"
Turning Away Unwanted and/or Predatory Bots
If no human will ever read it, what's the point serving?
Links 15/09/2024: Complicated Music Licensing Schemes and Dangers of Sleep Deprivation
Links for the day
Links 15/09/2024: Sci-fi London 2024 and Outsourcing to Proton Mail
Links for the day
Links 15/09/2024: French Teachers Quit in Droves, Why 'eSports' are Not Sports
Links for the day
[Meme] Red Hat Staff Must Learn IBM's Dark History (IBM Still Boosts Donald Trump, So No Lessons Learned)
This isn't a subject for humour
Don't Fall for Reputation Laundering and Whitewashing
Remember history, don't pay attention to PR and charm offensives
[Meme] Microsoft as a Joke That Writes Itself
"Microsoft confesses its recent security updates…broke Windows 10 security patches"
GNU Turns 41 in Just 12 Days
Can truth and science be resuscitated, please?
[Meme] Large Language Models (LLMs) Destroy the Web With an Ocean of Disinformation and Misinformation, Falsely Promoted as "Intelligence" by Microsoft et al
"Microsoft bribes the media to say 'Microsoft loves Linux'"
Dr. Richard M. Stallman (RMS) Asks People to Stop Calling Large Language Models (LLMs) "Artificial Intelligence" (AI)
"I think that the first step is stop calling them AI"
Even Microsoft Boosters Think XBox is Doomed
"Reports Say Morale At Xbox Is “Very Low”"... a Microsoft booster cited by them
Dr. Richard M. Stallman (RMS): "There are still people who make it their business to try to stop me from getting invited to speak, and it's a slow process working back from that"
From the talk he gave last month
Very Few Invidious Instances Still Work (for Video Playback)
Google has sabotaged Invidious
Sites Writing Fake News About Linux Using LLMs (Microsoft Hype That Promotes Misinformation)
RMS recently called these "bullshit machines"
Gemini Links 15/09/2024: MINIbase and Pocket Reform Experience
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 14, 2024
IRC logs for Saturday, September 14, 2024
[Meme] The Prosecutor and Prosecuted, the Community and Businessmen (Red Hat)
"Social justice is not a corporate slogan or identity politics"
Pushing Nonsense Using the Brand "Linux"
the trademark "Linux" might already lack potency
In China, statCounter Seeing Windows Vista 11 as Falling 2.5% This Month Relative to Other Versions of Windows (Vista 7 Grows Its Gap Over "11")
Vista 7 is bigger!
Dr. Richard M. Stallman (RMS) Explains Why So-called 'Cryptocurrencies' Suck and Why GNU Taler is Better
"I've never used cryptocurrency. There were things I found disappointing and worrisome..."
Links 14/09/2024: Verizon's 5,000 Layoffs and China's 'Runaway' Pension Age
Links for the day
Gemini Links 14/09/2024: Comparing Costs and Being "Tamed"
Links for the day
Wine Took the Bait (Mono), Soon Starts the Microsoft Circus With the Banhammer
large companies are exercising more control over the thing/s they claim to "donate" to
Links 14/09/2024: Science, War, and Politics
Links for the day
Transcript (and Correction) of Dirk Hohndel's Interview With Linus Torvalds in 2014
A lot of things have deteriorated since then
Microsoft Asia President Ahmed Mazhari Leaves the Company
Even everything they say about Mazhari is just "prepared" quotes from Microsoft itself
This is Not a Sustainable Way to Run Microsoft
This is a downward spiral
Contrary to What Microsoft Claims, Teams Were Cut Yesterday, XBox Sales Have Collapsed, Layoffs Announced at 3AM (in the Morning)
There is actually a lot of media coverage about this, unlike prior waves of layoffs at Microsoft
Last Month Dr. Richard M. Stallman (RMS) Explained Why You Should Delete GitHub
RMS explained why
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 13, 2024
IRC logs for Friday, September 13, 2024
Gemini Links 14/09/2024: LoRa, ROOPHLOCH, and Crafting a Programming Language
Links for the day