l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
April 21: Google Glass
Next Installfest:
TBD
Latest News:
Mar. 18: Google Glass at LUGOD's April meeting
Page last updated:
2012 May 28 09:01

Reasons to Avoid Microsoft


[Bug] [Education] [Government] [Fear, Uncertainty, Doubt] [Security Hole] [MSN Hotmail] [MS Internet Explorer] [MS IIS Webserver] [MSN Instant Messenger] [License] [Linux/Open Source] [Monopoly] [MS Outlook] [Piracy] [Privacy] [Virus/Worm] [MS XBox] [MS Windows XP] [WOW!]
Show All

[Security Hole]

Security Hole


These pages are a compilation of links and quotes to news articles and others sources that might help convince you to switch to Linux.


    Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
  • With Exploits Out, MS Braces for Worm Attack (eWeek, 2006.08.10)
    [Security Hole] [MS Windows XP] [WOW!] A network worm attack exploiting a critical Microsoft Windows vulnerability appears inevitable... An exploit module [exists] that could launch attacks against all unpatched Windows 2000 systems and some versions of Windows XP. ... "The nature of the vulnerability itself is something that should be taken very seriously. The fact that exploits were out even before Patch Day and now that public code is available for anyone to download and use, that's enough to treat this as a high-priority issue..."

  • Flaw finders lay siege to Microsoft Office (The Register, 2006.07.22)
    [Security Hole] [WOW!] So far this year, the software giant has detailed at least 24 Office flaws found by outside researchers in its monthly bulletins, six times the number of Office flaws found in all of 2005. The count also surpasses the 20 flaws that Microsoft has fixed so far this year in Internet Explorer, a perennial favorite among vulnerability researchers. ... While a vulnerability in a remote network service could be exploited to create a worm and tends to worry system administrators more, the rash of attacks leveraging the Office vulnerabilities to compromise specific companies underscores the seriousness of the current threat. ... While Office files require some user interaction to compromise a victim's system, most workers are now accustomed to receiving such files, especially if attached to an e-mail that appears to be genuine...

  • Hacked Ad Seen on MySpace Served Spyware to a Million (Washington Post, 2006.07.20)
    [MS Internet Explorer] [Security Hole] [WOW!] An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows... online criminal groups have been using the flaw to install adware, keystroke loggers and all manner of invasive software for the past seven months. This stuff bombards the user with pop-up ads and tracks their Web usage. Only a little more than half of the anti-virus programs [tested] flagged the various programs that the Trojan tried to download as malicious or suspicious.

  • Symantec sees an Achilles' heel in Vista (Symantec, 2006.07.18)
    [Security Hole] Some of Microsoft's efforts to make Windows Vista its most stable and secure operating system ever could cause instability and new security flaws, according to a Symantec report. ... Aside from security flaws, features supported by Vista's new networking technology could expose a PC running the operating system, according to Symantec's report.

  • Yamanner - JavaScript worm that targets Yahoo! Mail (F-Secure, 2006.06.13)
    [MS Internet Explorer] [Security Hole] The Yamanner worm does not send itself as an attachment, it resides inside the e-mail body. The worm activates automatically by just opening an infected e-mail message with Internet Explorer.

  • Internet Explorer Window Loading Race Condition Address Bar Spoofing (Secunia, 2006.04.04)
    [MS Internet Explorer] [Security Hole] [WOW!] [A] vulnerability in Internet Explorer [has been discovered] which can be exploited by malicious people to conduct phishing attack.

  • Microsoft Confirms IE Under Attack (Microsoft Watch, 2006.03.25)
    [MS Internet Explorer] [Security Hole] [An] unpatched flaw in Internet Explorer [discovered last week is] already being exploited by hackers who are using hijacked Web servers and compromised Web sites to launch a wave of attacks against Microsoft browser users.

  • Invasion of the Computer Snatchers (Washingtonpost.com, 2006.02.19)
    [Security Hole] [Privacy] [WOW!] Hackers are hijacking thousands of PCs to spy on users, shake down online businesses, steal identities and send millions of pieces of spam. If you think your computer is safe, think again. ... At the moment, [the hacker interviewed] controls more than 13,000 computers in more than 20 countries. This morning he installs spyware on just a few hundred of the 2,000 PCs that he has commandeered in the last few hours

  • Microsoft warns of file-trashing worm (Network World, 2006.01.31)
    [Security Hole] Microsoft has published a security advisory warning Windows users of a file-trashing worm that has been circulating via e-mail for several weeks. The worm, which is programmed to destroy a wide variety of files on the third day of every month, has been circulating since mid-January, and is estimated to have infected between 250,000 and 300,000 systems worldwide.

  • Two New Windows Metafile Bugs Found (PC World, 2006.01.09)
    [Security Hole] Just days after Microsoft patched a critical vulnerability in the way the Windows operating system renders certain types of graphics files, a hacker has published details of two new flaws that affect the same part of the operating system.

  • Critical Windows Patch Fights Takeover Attacks (eWeek, 2005.11.08)
    [Security Hole] [MS Internet Explorer] [MS Outlook] Three image-rendering flaws in the Windows operating system could put millions of Internet-connected users at risk of PC takeover attacks, Microsoft Corp. warned on Tuesday. The flaws could be exploited via any software that displays images, including the widely used Microsoft Outlook, Microsoft Word and Internet Explorer programs.

  • Microsoft probes report of IE flaw (CNet News, 2005.09.28)
    [Security Hole] [MS Internet Explorer] [WOW!] A new flaw in Internet Explorer could be exploited to launch spoof-based attacks, or access and change data on vulnerable PCs, security experts have warned. ... An attacker could spoof a legitimate Web site, access data from the Web browser's cache or stage a so-called man-in-the-middle attack, which taps into traffic between a user and another Web site... Fully-patched computers running Windows XP with Service Pack 2 and Internet Explorer 6.0 are vulnerable to this issue...

  • IE flaw puts Windows XP SP2 at risk (CNet News, 2005.09.16)
    [Security Hole] [MS Internet Explorer] A flaw has been discovered in Internet Explorer that could enable a remote attack on systems running Windows XP with Service Pack 2...

  • Microsoft Investigates New XP SP2 Flaw (eWeek, 2005.07.15)
    [Security Hole] Microsoft has acknowledged that it is working on a patch for a potentially serious security hole in fully patched versions of Windows XP Service Pack 2. ... The flaw warnings come just days after Microsoft released three bulletins to fix "critical" security holes affecting users of its widely used Microsoft Word and Internet Explorer products.

  • The 12-minute Windows Heist (Slashdot.org, 2005.06.30)
    [Security Hole] [WOW!] [There's] a 50 percent chance unprotected Windows PCs will be compromised within 12 minutes of going online. ... almost 8,000 new viruses [were released] in the first half of 2005 ... up 59 percent on the same period last year.

  • Computers' Insecure Security (BusinessWeek, 2005.06.17)
    [Security Hole] [Windows users] may not be as secure as [they] think. Hackers are increasingly finding flaws in the very programs designed to prevent attacks -- computer-security software.

  • RSA: Microsoft on 'rootkits': Be afraid, be very afraid (ComputerWorld, 2005.02.17)
    [Security Hole] [WOW!] Microsoft Corp. security researchers are warning about a new generation of powerful system-monitoring programs, or 'rootkits,' that are almost impossible to detect using current security products and could pose a serious risk to corporations and individuals. ... Some newer rootkits are able to intercept queries or 'system calls' that are passed to the kernel and filter out queries generated by the rootkit software. The result is that typical signs that a program is running, such as an executable file name, a named process that uses some of the computer's memory, or configuration settings in the operating system's registry, are invisible to administrators and to detection tools...

  • Hackers Tune In to Windows Media Player (eWeek, 2005.01.10)
    [Security Hole] [WOW!] Hackers are using the newest [Digital Rights Management] technology in Microsoft's Windows Media Player to install spyware, adware, dialers and computer viruses on unsuspecting PC users. Security researchers have detected the appearance of two new Trojans ... in video files circulating on P2P (peer-to-peer) networks. ... 'In this case, they're using technology meant to secure content.' ... [These] files can [also] be distributed via e-mail, FTP or other Internet download avenues. 'All told, the infection added 58 folders, 786 files and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer...'

  • IE Plagued by 'Extremely Critical' Flaws (TechNewsWorld, 2005.01.10)
    [MS Internet Explorer] [Security Hole] [WOW!] Secunia recommends users drop IE and use an alternative browser. ... Millions of Internet Explorer 6 users are at risk from three 'extremely critical' security holes that give hackers open access to PCs running the browser -- even if Windows XP Service Pack Two has been installed. ... '[A] very critical vulnerability has been developed that can compromise a user's system without the need for user interaction besides visiting the malicious page.'

  • Microsoft Internet Explorer Multiple Vulnerabilities (Secunia, 2005.01.07)
    [MS Windows XP] [MS Internet Explorer] [Security Hole] [WOW!] Some vulnerabilities have been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system, conduct cross-site/zone scripting and bypass a security feature in Microsoft Windows XP SP2. ... Vulnerability 1 and 2, or 3 alone, in combination with an inappropriate behaviour where the ActiveX Data Object (ADO) model can write arbitrary files can be exploited to compromise a user's system. This has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Solution: Use another product.

  • Symantec: Phel Trojan horse attacks on Windows XP (Computer World, 2004.12.30)
    [MS Windows XP] [MS Internet Explorer] [Security Hole] The Trojan is capable of remotely controlling a user's system even if the latest Windows XP Service Pack, SP2, has been installed.

  • Three new Windows security holes come at a bad time (USA Today, 2004.12.24)
    [MS Windows XP] [Security Hole] Three new vulnerabilities have been discovered in Microsoft's Windows operating system, leaving computers running that OS open to possible hacker attacks -- including PCs running the recently released XP SP2 (Service Pack 2).

  • Who Profits from Security Holes? (Benjamin Edelman's website, 2004.11.18)
    [MS Windows XP] [MS Internet Explorer] [Security Hole] [WOW!] How bad is this problem? How much junk can get installed on a user's PC by merely visiting a single site? I set out to see for myself -- by visiting a single web page taking advantage of a security hole (in an ordinary fresh copy of Windows XP), and by recording what programs that site caused to be installed on my PC. In the course of my testing, my test PC was brought to a virtual stand-still -- with at least 16 distinct programs installed. I was not shown licenses or other installation prompts for any of these programs, and I certainly didn't consent to their installation on my PC.

  • Security company warning of vulnerabilities in Windows XP SP2 (PC Pro, 2004.11.12)
    [MS Windows XP] [Security Hole] A US security company is warning that it has found ten 'serious' vulnerabilities in Windows XP systems with SP2 installed. ... [a] successful attacker could 'silently' gain remote control of an SP2 machine when the target system is used to browse the Internet. ... 'A security patch of Windows operating system without changing the rules of the game will not be enough to fight the recent complex malicious code attacks such as Scob, Mydoom, and others.'

  • Bofra worm sets trap for unwary (The Register, 2004.11.10)
    [MS Internet Explorer] [Security Hole] Bofra-A poses as photos from an adult webcam in an attempt to fool users into clicking on a link. Clicking on the link causes the targeted PC to run malicious script hosted on a previously infected computer. ... Once a new system is infected, the worm sets up an embedded web server... Infected PCs establish an IRC session... allowing hackers to control compromised machines. The worm also harvests to further its propagation. Unlike standard bulk-mailing worms, Bofra does not send copies of itself within infected email but a HTTP link that points to the host that sent the infected email.

Next 25 Articles

Collection originally created by, donated to LUGOD by, and maintained by Bill Kendrick.

Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.