Eye on Microsoft: Emergency, Botnets, and No Remedy
- Dr. Roy Schestowitz
- 2009-07-26 08:50:30 UTC
- Modified: 2009-07-26 08:50:30 UTC
Summary: Self-explanatory news about Microsoft and security
●
Microsoft to issue emergency patches next week
Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware.
●
Software Crackdown
Cyber attacks seem to be getting more sophisticated by the hour. A few weeks ago malware known as Zero Day was found to have exploited a vulnerability in Microsoft's Windows operating system that could allow online criminals to take control of a computer from anywhere in the world without being detected. The operation involved what is known as "drive by" attacks, in which visitors to legitimate Web sites are redirected to a page that secretly downloads the malicious software.
●
Microsoft admits it can't stop Office file format hacks
Microsoft's plan to "sandbox" Office documents in the next version of its application suite is an admission that the company can't keep hackers from exploiting file format bugs, a security analyst said today.
Recent Techrights' Posts
- Free Software Community/Volunteers Aren't Circus Animals of GAFAM, IBM, Canonical and So On...
- Playing with people's lives for capital gain or "entertainment" isn't acceptable
- [Meme] The Cancer Culture
- Mission accomplished?
- Why the Articles From Daniel Pocock (FSFE, Fedora, Debian Etc. Insider) Still Matter a Lot
- Revisionism will try to suggest that "it's not true" or "not true anymore" or "it's old anyway"...
-
- Links 04/05/2024: Tesla a "Tech-Bubble", YouTube Ads When Pausing
- Links for the day
- Germany Transitioning to GNU/Linux
- Why aren't more German federal states following the footsteps of Schleswig-Holstein?
- IRC Proceedings: Friday, May 03, 2024
- IRC logs for Friday, May 03, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day
- Alexander Wirt, Bucha executions & Debian political prisoners
- Reprinted with permission from disguised.work
- Links 03/05/2024: Clownflare Collapses and China Deploys Homegrown Aircraft Carrier
- Links for the day
- IBM's Decision to Acquire HashiCorp is Bad News for Red Hat
- IBM acquired functionality that it had already acquired before
- Apparently Mass Layoffs at Microsoft Again (Late Friday), Meaning Mass Layoffs Every Month This Year Including May
- not familiar with the source site though
- Gemini Links 03/05/2024: Diaspora Still Alive and Fight Against Fake News
- Links for the day
- [Meme] Reserving Scorn for Those Who Expose the Misconduct
- they like to frame truth-tellers as 'harassers'
- Links 03/05/2024: Canada Euthanising Its Poor and Disabled, Call for Julian Assange's Freedom
- Links for the day
- Dashamir Hoxha & Debian harassment
- Reprinted with permission from disguised.work
- Maria Glukhova, Dmitry Bogatov & Debian Russia, Google, debian-private leaks
- Reprinted with permission from disguised.work
- Who really owns Debian: Ubuntu or Google?
- Reprinted with permission from disguised.work
- Keeping Computers at the Hands of Their Owners
- There's a reason why this site's name (or introduction) does not obsess over trademarks and such
- In May 2024 (So Far) statCounter's Measure of Linux 'Market Share' is Back at 7% (ChromeOS Included)
- for several months in a row ChromeOS (that would be Chromebooks) is growing
- Links 03/05/2024: Microsoft Shutting Down Xbox 360 Store and the 360 Marketplace
- Links for the day
- Evidence: Ireland, European Parliament 2024 election interference, fake news, Wikipedia, Google, WIPO, FSFE & Debian
- Reprinted with permission from Daniel Pocock
- Enforcing the Debian Social Contract with Uncensored.Deb.Ian.Community
- Reprinted with permission from Daniel Pocock
- Gemini Links 03/05/2024: Antenna Needs Your Gemlog, a Look at Gemini Get
- Links for the day
- IRC Proceedings: Thursday, May 02, 2024
- IRC logs for Thursday, May 02, 2024
- Over at Tux Machines...
- GNU/Linux news for the past day
- Jonathan Carter & Debian: fascism hiding in broad daylight
- Reprinted with permission from disguised.work
- Gunnar Wolf & Debian: fascism, anti-semitism and crucifixion
- Reprinted with permission from disguised.work
- Links 01/05/2024: Take-Two Interactive Layoffs and Post Office (Horizon System, Proprietary) Scandal Not Over
- Links for the day
- Over at Tux Machines...
- GNU/Linux news for the past day
- IRC Proceedings: Wednesday, May 01, 2024
- IRC logs for Wednesday, May 01, 2024
- Embrace, Extend, Replace the Original (Or Just Hijack the Word 'Sudo')
- First comment? A Microsoft employee
- Gemini Links 02/05/2024: Firewall Rules Etiquette and Self Host All The Things
- Links for the day
Comments
David Gerard
2009-07-26 19:01:17
Roy Schestowitz
2009-07-26 19:28:25
Forget about malicious programs. When we have binary formats we also deal with malicious file formats and files that become malicious when merely interpreted, not executed.
David Gerard
2009-07-26 20:33:59
(a) in the '90s, Microsoft made a lot of their file formats dumps of C structs, for performance reasons;
(b) when this became incredibly hazardous with the Internet, and computers were powerful enough to check for malicious input ... they just kept on using the old code.
Then their master stroke of putting a complete programming language inside Office, thus inventing the macro virus.
Then their other master stroke of programs that execute any random instructions they happen to find in EMAIL MESSAGES.
INNOVATION!