Tag: Microsoft

  • The crowd strikes back, and other cool stories

    The crowd strikes back, and other cool stories

    I thought I’d give you some vague thoughts on this past Friday’s Crowdstrike (CS) debacle and the topic of security products in general. To say that CS screwed up this past week is putting it mildly. An estimated 9M endpoints were affected by CS’ borked update that was delivered to its Falcon product early Friday…

  • MS Windows critical font vuln

    Microsoft release an out-of-order patch yesterday for a critical vulnerability relating to custom fonts resulting in remote execution of code on a machine. More details here: http://gizmodo.com/go-update-windows-right-now-1719187152 Note that because Windows Server 2003 has just gone end-of-life, there is no update for it.

  • Moonlight kicked into touch

    Wow, now this is a turn-around for the books – Microsoft bed-partner Miguel de Icaza saying that Moonlight development is being stopped specifically because a. Microsoft is concentrating on HTML5 and b. because Microsoft has imposed certain restrictions on Silverlight. Never thought I’d see the day … Hooray for the death of non-standard protocols and…

  • Internet Explorer the safest browser – yeah right!

    Microsoft has always bigged up their products using whatever mechanisms they can, including paid-for campaigns/ads and sometimes outright lying. The latest statement that IE is the most secure browser ( according to their yourbrowsermatters website ) fits into this latter category. One has to wonder how Microsoft comes about the scores provided on the site.…

  • Windows 8 a KDE clone?

    Windows 8 a KDE clone?

    Microsoft has always been accused of following the pack rather than innovating. So it’s no surprise that early screenshots of the Windows 8 copy dialogue seem to be a direct rip-off of the KDE 4 copy dialogue, from the ‘multiple copy operations in single dialogue’ visual aspect:   to the bandwidth usage graphs:   The…

  • Microsoft: Cloud Services fail

    Well if there’s ever been an advertisement against cloud services, Microsoft is it. The recent spate of outages on Microsoft’s BPOS system continued this weekend past with a 7 hour outage at their Dublin data centre after an ‘act of God’ took out their power grid and backup generators. Microsoft said it would “proactively provide…

  • BPOS down – again

    Considering last month’s outage, one would have thought the okes at Microsoft would have beefed up the BPOS service offering but it’s not to be. There were problems logging into Exchange and SharePoint Online yesterday morning for about 3 hours. This outage, apparently caused by network hardware issues, mostly affected North America and British customers.…

  • Windows 7 SP1 breaking machines

    Since the release of SP1 for Win 7 and Server 2008 R2, there have quite a lot of issues relating to the installation of the service pack. Apparently many are seeing boot failures after the installation of the service pack, specifically with C00000034 fatal errors. Of course, those with WSUS will be getting automatic upgrades…

  • IE9 just released, still has old unpatched bug

    The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities. Even Google has released a statement regarding targeted attacks on IE users. Apparently this MHTML vulnerability has been around for 7 years.…

  • Win 7 SP1 out soon

    Windows 7 Service Pack 1 should be available soon and won’t have much new functionality, but will have the usual hot fixes and patches. 3 items that will make an appearance are: Advanced Vector Extensions ( AVX ) which will be available in forthcoming processors RemoteFX – an extension to RDP Dynamic Memory – intelligent…

  • AV vendors offer ‘free’ LNK protection

    Aw, aren’t we lucky ( well Windows users at least ) – G-Data and Sophos have stepped forward with free protection for the .lnk vulnerability. G-Data’s solution LNK-Checker displays no-entry signs for iconss associated with exploits while other icons function as normal.However, users can still click on malicious LNK files and start the malware manually,…

  • Windows LNK vulnerability attracts more attacks

    The unpatched LNK vulnerability in all versions of Windows ( from XP onwards ) is attracting a lot more attention from malicious code authors. A further 2 exploits have been detected in the wild. The 1st .lnk trojan Stuxnet, was very specific about it’s payload, attacking Siemens SCADA software specifically. But the effectiveness of .lnk…

  • New Microsoft Windows exploit the most dangerous of all

    A new malicious attack has been spreading through the internet in the last few weeks, initially using USB memory sticks to propagate. Called, the LNK vulnerability, the attack uses specially crafted shortcut (.lnk) files, which trick Windows into running code of an attacker’s choosing. Any Windows application that tries to display the shortcut’s icon—including Explorer—will…

  • Microsoft and anti-virus software

    I’m subscribed to a Microsoft UK email newsletter that I get once a month. The latest one started as follows: As someone who is fully aware of the potential dangers that the internet poses to those who use it for banking, shopping and social networking, you must get a lot of people asking for your…

  • Microsoft installs software without permission

    It seems that Microsoft just can’t help itself. As part of its regular Patch Tuesday, Microsoft released an update for its various toolbars, and this update came with more than just documented fixes. The update also installs an add-on for Internet Explorer and an extension for Mozilla Firefox, both without the user’s permission. The update…