Reasons to Avoid Microsoft
These pages are a compilation of links and quotes to news articles and
others sources that might help convince you to switch to Linux.
Last 10 Articles
- French army sides with Mozilla in Microsoft email war
A new email client unveiled by Mozilla this week contains code from an
unusual source -- the French military, which decided the open source
product was more secure than Microsoft's rival Outlook. ... France's
military chose open source software after an internal government debate
[...] culminated in a [...] directive requiring state agencies 'Seek
maximum technological and commercial independence.' ... The French
government is beginning to move to other open source software, including
Linux instead of Windows and OpenOffice instead of Microsoft Office.
Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
- Was HP.s traceable 'PattyMail' spyware? You decide
If you've been following the HP privacy scandal at all, then you'd know
that HP resorted to (or considered resorting to) several techniques
in hopes of smoking out whoever it was that was leaking information
from its boardroom to the press... [including] sending traceable
email ... I also showed how the versions of Microsoft's Outlook that
are currently in circulation ... make it impossible to successfully
forward an HTML-based e-mail without re-activating its traceability.
- Critical Windows Patch Fights Takeover Attacks
Three image-rendering flaws in the Windows operating system could put
millions of Internet-connected users at risk of PC takeover attacks,
Microsoft Corp. warned on Tuesday. The flaws could be exploited via
any software that displays images, including the widely used Microsoft
Outlook, Microsoft Word and Internet Explorer programs.
- MyDoom.O Harvesting Email Addresses from Search Engines and
Causing Denial of Service Attacks
MyDoom.O searches user files (DOC TXT HTM and HTML)
for domain names, then uses search engines (Lycos, AltaVista, Yahoo
and Google) to search for 'e-mail' and the harvested domain in order
to gain access to other email addresses. There is a strong likelihood
that web-based lists such as phone books, memberships, discussion
boards and general user home pages will be harvested by the machine
and in turn infect others.
- Microsoft Discloses Huge Number Of Windows Vulnerabilties
The total number of vulnerabilities in the four security bulletins tallied
an astounding 20 separate flaws in Windows and Outlook Express. ...
Sixteen of the 20 vulnerabilities can be exploited remotely, the most
dangerous type of bug because hackers can conduct an attack over the
Internet. ... The most severe of the dozen-plus-two vulnerabilities -- six of
the bugs are rated 'Critical' -- could allow an attacker to take complete
control of an system, including installing programs, deleting data, or
creating new user accounts that have full access privileges.
- The Bagle Virus' Nasty Turn
(The Motley Fool,
Even the most casual of home PC users now understand that it's dangerous
to open strange attachments they're not expecting, especially from strangers
or, sometimes, even from friends who have unknowingly sent a virus. This
new version of Bagle only requires a recipient to open the email or view it
within the Outlook preview frame, where some invisible HTML code downloads
and infects a PC through a known flaw in the Internet Explorer browser. ...
[It] could signal a new trend in viruses -- executing without attachments is
a smarter contagion indeed.
- A Virus
(Personal web log,
[The] file appears to be an exploit directed at IE 5 (and possibly 6) and
Outlook Express (which uses an integrated IE component for displaying e-mail).
This exploit appears to allow the exploiter to execute arbitrary code ...
on the exploited machine.
- Virus Leaks Files From University Hall
(The Harvard Crimson,
[Administrators'] personal correspondence -- including a memo concerning
a case before the Administrative Board -- found its way to mere
acquaintances. The administrative glasnost was not intentional, however,
caused instead by a computer virus that swept across the Internet in early
June and infected a number of University Hall machines. ...
Harvard students reported receiving a variety of seemingly misaddressed,
unusual messages... at least one message, sent from an infected machine on
the second floor of University Hall and received by at least three Harvard
undergraduates, contained a confidential memo [between the Secretary and
Dean of the Faculty].
- New BugBear worm still spreading
Malicious program specifically targets financial institutions...
The new worm spread to 115 countries just hours after its release...
'[It] is likely to be more damaging than any virus seen so far this year...'
[It] uses a particularly nasty flaw in Microsoft's Internet Explorer program
and its implementation by Microsoft's Outlook e-mail reader that allows the
virus to infect machines whenever a victim simply previews an e-mail message
loaded with the program.
- Restricted Zone: the OUTLOOK EXPRESS
(LUGOD Mailing Lists,
Silent delivery and installation of an executable on a target
computer. No client input other than opening an email or newsgroup post.
This can be achieved with the default setting of Outlook Express:
- First Worm with a [End User License Agreement]?
There is a new virtual postcard... that prompts you to install their software
to view the card. You are then presented with a EULA granting them permission
to e-mail all the Contacts in your Outlook Address Book. Those people are
presented with an e-mail from you telling them they have a greeting card to
pick up. So, this thing spreads like a worm, but includes a EULA that 95% of
users won't take the time to read. ... it also installs spyware designed to
deliver ads to your computer. You also give them permission to install further
software any time they want.
When W32/Klez first appeared, it seemed like just another mass mailer
of little note, but its later variants have spread so widely and rapidly
that the Klez family has generated more interest. At the time of writing,
there are 12 known variants of Klez. Despite the speed with which anti-virus
developers released detection updates, despite the fact that some anti-virus
products detected the later variants even before they were released, and
despite its destructive payload, Klez remains a problem that shows no sign
of being resolved in the near future.
- Chernobyl virus rides Klez's coattails
[The four-year old 'Chernobyl' virus] has been detected in recent infections
of the Klez worm. ... the viral bonus wasn't intentional but rather a
by-product of Chernobyl-infected PCs also propagating the Klez worm.
'As far as (Chernobyl) is concerned, the Klez worm is just another file
to infect'... [Klez has been ranked] as No. 3 on [a] list of
all-time most active computer pests.
- Klez: Don't Believe 'From' Line
Some Internet users have recently received an e-mail message from a dead
friend. Others have been subscribed to obscure mailing lists. Some have
lost their Internet access after being accused of spamming, and still
others have received e-mailed pornography from a priest. ... The virus
can launch automatically when users click to preview or read e-mails
bearing Klez on systems that have not been patched for a year-old
vulnerability in Internet Explorer, Outlook and Outlook Express.
Klez only affects PCs running Microsoft's Windows operating system.
- Klez Worm, Not Sender, Hates You
Many computer users say that friends, co-workers and business associates
are angrily -- or patronizingly -- accusing them of sending out viruses.
Some victims say they fear their professional reputations have been harmed.
... [Some people are] worried the Klez e-mails that appear to come from
[them] will negatively impact [their] small business[es].
W32.Gibe@mm is a worm that uses Microsoft Outlook ... to spread.
This worm arrives in an email message--which is disguised as a Microsoft
Internet Security Update...
The worm sends email to all contacts in your Windows address book, and to
email addresses that if finds in the Outlook Express Inboxes and folders.
... On NT/2000/XP systems, the worm drops a backdoor Trojan that allows a
hacker to control your system. NAV will detect this as Backdoor.Myparty.
- Welyah Virus
...it does not depend on Outlook for e-mail sending. ... Outlook [executes]
the attachment automatically. ... the worm will be started when Windows
- 'Goner' Virus Infects Businesses
Anti-virus companies scrambled to protect their customers against a new
viruslike e-mail attack Tuesday that purports to be a computer screen saver
program. ... In addition to ICQ, Goner affects only Microsoft's Outlook and
Outlook Express e-mail programs on computers running Windows.
- W32.Klez.A@mm [e-mail worm]
W32.Klez.A@mm is a mass-mailing email worm. It attempts to copy itself
into folders on both local and network drives. The worm exploits a
vulnerability in Microsoft Outlook and Outlook Express in an attempt to
execute itself when you open or even preview the message. [...] Finally,
the worm executes its payload on the 13th of every other month. The payload
causes files on local and mapped drives to become zero bytes in size.
- MSN Forces Outlook POP
Microsoft's Anti-Spam initiative forces POP users to use the primary
sender of mail worms.
- Global Routing Instabilities during Code Red II and Nimda Worm Propagation
[We] have documented a compelling connection between global routing
instability and the propagation phase of Microsoft worms such as Code Red
and Nimda. Contrary to conventional wisdom, what were thought to be purely
traffic-based denials of service in fact are seen to generate widespread
end-to-end routing instability originating at the Internet's edge. ...
The steep exponentially growth of the September 18 [Border Gateway
Patrol] storm is aligned with the exponential spread of Nimda, the
most virulent Microsoft worm seen to date. The Nimda worm exhibits
extremely high scan rates, multiple attack modes generating very heavy
traffic, and has been much more damaging that the July Code Red worm.
- Nimda Worm Shows You Can't Always Patch Fast Enough
Gartner recommends that enterprises hit by both Code Red and Nimda
immediately investigate alternatives to IIS, including moving Web
applications to Web server software from other vendors, such as
iPlanet and Apache. ... they have much better security records than IIS ...
[We remain] concerned that viruses and worms will continue to attack IIS
until Microsoft has released a completely rewritten, thoroughly and
publicly tested, new release of IIS. Sufficient operational testing should
follow to ensure that the initial wave of security vulnerabilities every
software product experiences has been uncovered and fixed. This move should
include any Microsoft .NET Web services, which requires the use of IIS.
[We belive] that this rewriting will not occur before year-end 2002.
The worm uses MAPI calls to read email in your email program's inbox to
find new email addresses. These MAPI functions are supported by Microsoft
Outlook and Outlook Express. ... The worm attempts to exploit unpatched
Collection originally created by, donated to LUGOD by,
and maintained by
Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are
trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.