Microsoft - Again!!

Nigerian scams, chain letters, pyramid schemes and anything not auction related.
User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Bigfoot Is Alive & Well.................

Post by Foggyone » Mon Jun 10, 2013 6:50 pm

............and it's called Microsoft.

Microsoft borks botnet takedown in Citadel snafu

Stupid Redmond kicked over our honeypots, wail white hats
Security researchers are complaining about collateral damage from the latest botnet take-down efforts by Microsoft and its partners.

The Windows 8 giant worked with financial service organisations, other technology firms and the Federal Bureau of Investigation to disrupt more than a thousand botnets.
However, this time round Redmond appears to have stepped on the toes of security researchers, killing off honeypot systems monitoring the activities of cybercrooks as well as decapitating systems linked to ongoing fraud.

Microsoft seized more than 4,000 domain names and pointed them to a server operated by them, a technique known as “sinkholing”. The technique isn't new and has been previously applied in attempts to seize control of the infamous Conficker botnet, for example.

Redmond and its partners allegedly erred by seizing more than 300 Citadel domains that were sinkholed by abuse.ch (home of the Swiss Security Blog), as well as many hundreds of similar domains controlled by other security researchers, critics complain.
Something similar happened with a ZeuS takedown operation by Microsoft last year, when thousands of ZeuS botnet domains were seized, including several hundred domain names that were already sinkholed by abuse.ch. Previously Redmond had the reasonable excuse that there was no easy way to distinguish between domains run by crooks and domains run by security researchers.

However, the latest action comes after abuse.ch set up a (non-public) Sinkhole Registry for law enforcement and security organisations to avoid similar mixups.

"I had hoped that Microsoft had learned their lesson, but apparently nothing has changed and my efforts didn’t change anything," the unnamed researcher at abuse.ch laments.
When you're an 800 pound gorilla you do what you want, and bugger anyone who gets in your way!
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

MS Buggers Up WMV

Post by Foggyone » Mon Jul 15, 2013 8:08 pm

In the latest patch Tuesday one of the security patches is causing problems with some installations on Windows Media Viewer.

Another botched Windows patch: MS13-057/KB 2803821/KB 2834904
"The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allow remote attackers to execute arbitrary code via a crafted media file, aka WMV Video Decoder Remote Code Execution Vulnerability."

The patch targets just about every modern version of Windows: Windows XP SP3, Windows Server 2003, Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2008 R2 SP1, Windows 7 SP1, Windows Server 2012, Windows 8, and Windows RT.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

BALLMER TO RETIRE FROM MICROSOFT

Post by Foggyone » Fri Aug 23, 2013 6:18 pm

There will be lots of people glad to see him go, after the fiascos of Vista and 8, both of which occurred on his watch.

Steve Ballmer is leaving identity crisis-hit Microsoft.
The software maker's chief announced his intention to retire from MS within the next year.

He said: "There is never a perfect time for this type of transition, but now is the right time."

Whomever the new boss of Microsoft will be, he or she has a big job ahead of them in forcing the company to swallow a business strategy that wraps itself around devices and services - something Redmond has failed to achieve to date
I'm sure he can cock something else up in the next 12 months.

Five reasons why Ballmer needed to go

Poor old sweaty Steve.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Germans Dis Windows 8

Post by Foggyone » Fri Aug 23, 2013 6:21 pm

Germany warns: You just CAN'T TRUST some Windows 8 PCs
Microsoft's new touchy Windows 8 operating system is so vulnerable to prying hackers that Germany's businesses and government should not use it, the country's authorities have warned in a series of leaked documents.

According to files published in German weekly Die Zeit, the Euro nation's officials fear Germans' data is not secure thanks to the OS's Trusted Computing technology – a set of specifications and protocols that relies on every computer having a unique cryptographic key built into the hardware that's used to dictate what software can be run.

Authorities at Germany's Federal Office for Information Security (BSI) later clarified that it was the Trusted Computing specs in Windows 8 in conjunction with the Trusted Platform Module (TPM) chip embedded in the hardware that creates the alleged security issue. BSI released a statement that backtracked slightly, insisting that using Windows 8 in combination with a TPM may make a system safer, but noting that it is investigating "some critical aspects related to specific scenarios in which Windows 8 is operated in combination with a hardware that has a TPM 2.0
The OS's Trusted Computing technology is not trustworthy.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Worlds Dumbest Move?

Post by Foggyone » Fri Sep 13, 2013 7:00 pm

Sick of your iPad and want to swap it for something that's far less desirable? Microsoft wants to help you out.

Redmond has launched a scheme offering a $200 gift card in exchange for a "gently used" iPad 2, 3 or 4. You'll need to give them your charger cable as well and make sure your fondleslab is wiped clean - both on the surface and inside its memory.
Microsoft announces iPad amnesty for fanbois

Now that sweaty Steve has announced his departure from Redmond can we expect more of these dopey moves?
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Microsoft - Again!!

Post by digidog » Tue Oct 01, 2013 10:29 pm

Are you still using Internet Explorer? Seriously?

Hackers just POURING through unpatched Internet Explorer zero-day hole

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Microsoft - Again!!

Post by digidog » Wed Nov 06, 2013 12:44 am

Microsoft has released an emergency software fix after it learned hackers had exploited a previously undiscovered security flaw in its widely used Office software to infect the PCs of its customers with tainted Word documents.

The vulnerability affects customers using Office 2003 and Office 2007 as well as those running Office 2010 on Windows XP and Server 2003.

http://www.stuff.co.nz/technology/digit ... e-security" onclick="window.open(this.href);return false;
The temporary MS fix is here:
https://support.microsoft.com/kb/2896666" onclick="window.open(this.href);return false;

User avatar
Googlybear
Members
Posts: 2108
Joined: Mon Feb 19, 2007 10:51 am
Location: Auckland

Re: Microsoft - Again!!

Post by Googlybear » Wed Nov 06, 2013 10:32 pm

MS has resorted to scare tactics to `encourage` users to upgrade:

Microsoft warns Windows XP holdouts on security risks
http://www.geekzone.co.nz/content.asp?contentId=15509" onclick="window.open(this.href);return false;
Edwards says companies and users who don’t upgrade will place their systems at risk
What drivel. What do they mean will be `at risk`. ?
a Better term would be `at more risk` than using our other security flawed Operating systems

Here`s an idea to reduce the vulnerability when using XP...
Pass Legislation that forces Microsoft to patch their buggy crappy software forever.
better still hold them legally responsible for harm caused by flaws in their software due their incompetence.

But no, of course MS will trot out the usual tired propaganda "our software is only attacked due to it`s popularity" and the kiddie reporters that run the media lap it up.

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Re: Microsoft - Again!!

Post by Foggyone » Thu Nov 07, 2013 9:26 pm

Once Microsoft withdraw support for XP (which is in line with their usual length of support policies, and has been known since the launch of this OS) then bugs will no longer be patched in the normal monthly patch Tuesday IN ANY MICROSOFT SOFTWARE ON AN XP BOX.

That means if a user is running a more modern browser (IE8 is the most modern that will run on XP) this will not be patched.

This also means that any holes found in more modern OS's will be reverse engineered and the now unpatched holes exploited in XP (if they exist).

One of the reasons I dumped M$ in favour of Linux several years ago was the continual attacks on their software that has more holes than a collander. Another is the 100,000 new malwares for the Windows family every day (and the excessive drag on computer resources of a malware solution). Linux currently has NO MALWARE live in the wild. There are virus solutions available for Linux, their sole function is to squash Windows Malware which CAN'T infect a Linux box.

My suggestion to anyone running legacy code under XP would be to try and run the code under Linux with wine (free) or Codeweavers Crossover (paid). Tests have repeatedly shown that any virus attacking this setup is unable to infect the whole system, and has a very difficult time doing anything.

The only thing with wine (I've used it) is that some proprietary M$ technologies such as active-x don't work. Can't say if this is also the case with crossover.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Lets Not Talk About Azure Meltdown

Post by Foggyone » Sat Nov 09, 2013 7:48 pm

The recently discovered zero day graphics fault is much more likely to bite you on the bum (your own fault for using a sub standard OS).

Spies and crooks BOTH ravaging Microsoft's unpatched 0-day hole
Both cybercrooks and cyberspies have seized on a recently discovered and as-yet-unpatched Microsoft vulnerability to run attacks.

Hackers have seized on the zero-day vulnerability, starring a buggy Microsoft graphics component, to run attacks featuring malicious Word documents.
Business as usual for the crooks, spies anMicrosoft. Ho hum!!

When will it be patched?
Microsoft is lining up eight bulletins for the November edition of patch Tuesday (12 November), including three critical fixes, but there's no relief in sight for a zero-day vulnerability in how Office handles .TIFF graphics files.
Now, if you, dear reader, had read my previous post in this thread, you would immediately realise how a fault of this nature will make Widows XP [sic] deadly dangerous after 8/4/2014.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Now - Something Completely Different

Post by Foggyone » Wed Feb 12, 2014 6:25 pm

Is Microsoft sucking up to the Chinese Government?

A serious question. We already know that Microsoft is in bed with the US Government via NSA.

Microsoft denies reports of scrubbing Chinese-language Bing searches
Microsoft's Bing search engine is returning suspiciously pro-state results for Chinese-language searches even when those searches come from outside of China, activists claim.

The Guardian noted that a number of Chinese-language activist blogs are reporting that the results they have been seeing on Bing searches from within the US are very different than those returned from English-language search queries.

According to the reports, users who search in Chinese for terms controversial in mainland China will often get pages which are state-sponsored or authored by groups and organizations allied with the Chinese government.

Among the queries returning the specific results were The Dalai Lama, Falun Gong and the June 4 (Tienanmen Square) protests.

Meanwhile, searching the same terms in English, say the activists, returns a different set of sites with much less of a pro-China tone.
They would deny it, of course they would!
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Microsoft - Again!!

Post by digidog » Tue Feb 25, 2014 10:29 pm

Foggyone wrote:Once Microsoft withdraw support for XP (which is in line with their usual length of support policies, and has been known since the launch of this OS) then bugs will no longer be patched in the normal monthly patch Tuesday IN ANY MICROSOFT SOFTWARE ON AN XP BOX.
Unless the user is in China where XP is still running on 50% of PCs. A group of web companies including search engine Sogou and software company Kingsoft will offer technical support for XP including system upgrades and security services.

Last month Microsoft bowed to user pressure and agreed to continue providing anti-malware updates for XP until 14 July 2015.

http://www.theregister.co.uk/2014/02/25 ... ent_china/" onclick="window.open(this.href);return false;

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Microsoft - Again!!

Post by digidog » Sun Mar 09, 2014 10:28 pm

Support for Windows XP will stop on April 8th. Microsoft estimates there are 165,000 home computers and another 135,000 business computers in New Zealand that still run XP. All of those machines are going to become major targets for hackers. However NZ banks have decided that people who access internet banking on XP computers will continue to be covered if their accounts are hacked, "as long as they have complied with their internet banking terms and conditions."

More of a worry is the large number of ATMs still running on XP. The Bankers Association is unable to confirm how many ATM machines will be affected.

http://www.stuff.co.nz/business/money/9 ... et-banking" onclick="window.open(this.href);return false;

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Microsoft - Again!!

Post by digidog » Tue Apr 08, 2014 3:29 am

Hey... today is D-day for anyone still running Microsoft Windows XP. No more updates for you!

The Dutch government has just signed a ‘multi-million euro’ deal with Microsoft to support their "34,000 and 40,000" government computers this running XP. And the Brits have also handed over €7m to Microsoft in return for support and security updates across the UK public sector for 12 months.

There's money to be made supporting outdated MS operating systems!

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Re: Microsoft - Again!!

Post by Foggyone » Tue Apr 08, 2014 7:07 pm

I tutor at SeniorNet and have been running workshops on this. Around 10% of our members have attended and there will be others who have not.

There are a number of people who would struggle to buy a new computer, and for these folk not wishing to take the risks of continuing with XP I'm recommending SolydK (KDE desktop) or SolydX (Xfce desktop, a lighter weight desktop). Both of these are designed as a rolling release, that is, install once and they just continue to update indefinitely. See the website here. Based outside USA so the NSA nonsense should be absent. Dialup can be a problem for Linux!

memory/disk usage for SolydK

64-bit mem: 400MB
64-bit disk: 6.0G
32-bit mem: 250MB
32-bit disk: 6.0G

memory/disk usage for SolydX

64-bit mem: 225MB
64-bit disk: 3.8G
32-bit mem: 160MB
32-bit disk: 3.5G

Both versions are too large to fit onto a CD, so installation is typically via DVD. However, there are techniques to install using CD/USB or direct from USB if supported be the computer's bios.

I have several oldies looking to jump from M$ to Linux.
Google, the answer to so many questions!
-----------------------------------------------------

Post Reply

Who is online

Users browsing this forum: No registered users and 4 guests