Eye on Microsoft: Windows (In)Security in the News
- Dr. Roy Schestowitz
- 2009-04-24 10:24:19 UTC
- Modified: 2009-04-24 10:24:19 UTC
●
Windows Trojan That Infected Over 3.6 Million PCs Evolves with Worm Behavior
One of the top families of malicious code targeting the Windows platform has evolved with the addition of worm behavior, Microsoft warns. According to data made public via the Microsoft Security Intelligence Report, the Win32/Vundo Trojan infected over 3.6 million computers in the second half of 2008, and occupies the third position in a malware ranking behind Renos and Zlob. Vundo is a family of malware with various components that are designed to serve victims 'out of context' pop-up advertisements following infection. Microsoft warns that the Vundo family of malicious software can also
be used to download and execute arbitrary files.
●
One bot-infected PC = 600,000 spam messages a day
TRACElabs concluded that Rustock and Xarvester, the latter perhaps linked to the down-and-out Srizbi botnet, are the most efficient spam spewers of the nine bots. Each is capable of sending up to 25,000 messages per hour, or 600,000 per day, and 4.2 million per week.
●
Updated research of the largest base of real-world vulnerability data
4. Exploitation - Eighty percent of vulnerability exploits are now available within single digit days after the vulnerability’s public release. In 2008, Qualys Labs logged 56 vulnerabilities with zero-day exploits, including the RPC vulnerability that produced Conficker. In 2009, the first vulnerability released by Microsoft, MS09-001 had an exploit available within seven days. Microsoft’s April Patch Tuesday included known exploits for over 47 percent of the published vulnerabilities. This law had the most drastic change from the Laws 1.0 in 2004, which provided a comfortable 60 days as guidance.
Recent Techrights' Posts
- Free Software Community/Volunteers Aren't Circus Animals of GAFAM, IBM, Canonical and So On...
- Playing with people's lives for capital gain or "entertainment" isn't acceptable
- [Meme] The Cancer Culture
- Mission accomplished?
-
- [Meme] People Who Don't Write Code Demanding the Removal of Those Who Do
- She has blue hair and she sleeps with the Debian Project Leader
- Jaminy Prabaharan & Debian: the GSoC admin who failed GSoC
- Reprinted with permission from disguised.work
- Jonathan Carter, Matthew Miller & Debian, Fedora: Community, Cult, Fraud
- Reprinted with permission from disguised.work
- Techrights This May
- We strive to keep it lean and fast
- Links 04/05/2024: Attacks on Workers and the Press
- Links for the day
- Gemini Links 04/05/2024: Abstractions in Development Considered Harmful
- Links for the day
- Links 04/05/2024: Tesla a "Tech-Bubble", YouTube Ads When Pausing
- Links for the day
- Germany Transitioning to GNU/Linux
- Why aren't more German federal states following the footsteps of Schleswig-Holstein?
- IRC Proceedings: Friday, May 03, 2024
- IRC logs for Friday, May 03, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day
- Alexander Wirt, Bucha executions & Debian political prisoners
- Reprinted with permission from disguised.work
- Links 03/05/2024: Clownflare Collapses and China Deploys Homegrown Aircraft Carrier
- Links for the day
- IBM's Decision to Acquire HashiCorp is Bad News for Red Hat
- IBM acquired functionality that it had already acquired before
- Apparently Mass Layoffs at Microsoft Again (Late Friday), Meaning Mass Layoffs Every Month This Year Including May
- not familiar with the source site though
- Gemini Links 03/05/2024: Diaspora Still Alive and Fight Against Fake News
- Links for the day
- [Meme] Reserving Scorn for Those Who Expose the Misconduct
- they like to frame truth-tellers as 'harassers'
- Why the Articles From Daniel Pocock (FSFE, Fedora, Debian Etc. Insider) Still Matter a Lot
- Revisionism will try to suggest that "it's not true" or "not true anymore" or "it's old anyway"...
- Links 03/05/2024: Canada Euthanising Its Poor and Disabled, Call for Julian Assange's Freedom
- Links for the day
- Dashamir Hoxha & Debian harassment
- Reprinted with permission from disguised.work
- Maria Glukhova, Dmitry Bogatov & Debian Russia, Google, debian-private leaks
- Reprinted with permission from disguised.work
- Who really owns Debian: Ubuntu or Google?
- Reprinted with permission from disguised.work
- Keeping Computers at the Hands of Their Owners
- There's a reason why this site's name (or introduction) does not obsess over trademarks and such
- In May 2024 (So Far) statCounter's Measure of Linux 'Market Share' is Back at 7% (ChromeOS Included)
- for several months in a row ChromeOS (that would be Chromebooks) is growing
- Links 03/05/2024: Microsoft Shutting Down Xbox 360 Store and the 360 Marketplace
- Links for the day
- Evidence: Ireland, European Parliament 2024 election interference, fake news, Wikipedia, Google, WIPO, FSFE & Debian
- Reprinted with permission from Daniel Pocock
- Enforcing the Debian Social Contract with Uncensored.Deb.Ian.Community
- Reprinted with permission from Daniel Pocock
- Gemini Links 03/05/2024: Antenna Needs Your Gemlog, a Look at Gemini Get
- Links for the day
- IRC Proceedings: Thursday, May 02, 2024
- IRC logs for Thursday, May 02, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day
- Jonathan Carter & Debian: fascism hiding in broad daylight
- Reprinted with permission from disguised.work
- Gunnar Wolf & Debian: fascism, anti-semitism and crucifixion
- Reprinted with permission from disguised.work
- Links 01/05/2024: Take-Two Interactive Layoffs and Post Office (Horizon System, Proprietary) Scandal Not Over
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, May 01, 2024
- IRC logs for Wednesday, May 01, 2024
- Embrace, Extend, Replace the Original (Or Just Hijack the Word 'Sudo')
- First comment? A Microsoft employee
- Gemini Links 02/05/2024: Firewall Rules Etiquette and Self Host All The Things
- Links for the day