LAST month we published our hospital series. It was about hospital managers and media, in cohesion, blaming or punishing Microsoft's competition for Microsoft's own failings. Hospitals are being taken out of service because of Microsoft and somehow, perhaps miraculously, everything gets blamed except Microsoft. It's part of a media cover-up and hospital blame-shifting pattern.

"It's almost as though someone is in deep denial about the nature of the real culprit, instead blaming people who exploit the holes (as they can)."It's barely surprising to hear -- as I did earlier this week -- that: "An analysis of the ongoing massive cyber attack on Australia finds mostly Microsoft vulnerabilities exploits."

The official page speaks of "tools copied almost identically from open source."

They focus on how the exploits were put together, not the holes that they exploit. But this part is telling: "During investigations, a common issue that reduced the effectiveness and speed of investigative efforts was the lack of comprehensive and historical logging information across a number of areas including web server request logs, Windows event logs and internet proxy logs. The ACSC strongly recommends reviewing and implementing the ACSC guidance on Windows Event Logging and Forwarding and System Monitoring."

This part is pretty clear about Windows being the issue. "Stop public spending on Microsoft," the person who highlighted to to me said. "Public Money, Public Code. Media blames China." The above page also link to this page: "The actor has been identified leveraging a number of initial access vectors, with the most prevalent being the exploitation of public-facing infrastructure — primarily through the use of remote code execution vulnerabilities in unpatched versions of Telerik UI. Other vulnerabilities in public-facing infrastructure leveraged by the actor include exploitation of a deserialisation vulnerability in Microsoft Internet Information Services (IIS), a 2019 SharePoint vulnerability and the 2019 Citrix vulnerability."

IIS, SharePoint, Citrix...

It's almost as though someone is in deep denial about the nature of the real culprit, instead blaming people who exploit the holes (as they can). Not the people are blamed but the tools. Or sometimes the people, especially if they "foreigners"...

Another person highlighted to us this new piece which he says demonstrates "Windows TCO," albeit it is "Microsoft marketeering spam" because it sort of rewrites the history of Maersk incidents, which years ago the media said had a major catastrophe due to Windows. This page entitled "Maersk, me & notPetya" says: "Within a couple of hours, it was clear this had impacted every single domain-joined Windows laptop, desktop, virtual machine and physical server around the planet."

So Windows, with its notorious NSA back doors (for which there are remote access tools -- tools which leaked online), is the actual culprit. Maybe stop using something which you know to be flawed (and often by design)? ⬆