This page permanently redirects to gemini://gemini.techrights.org/2008/12/25/ms-nightmare-before-christmas/.
Posted in Microsoft, Security, Servers, Windows at 11:28 am by Dr. Roy Schestowitz
No, not the film
THIS TYPE OF THING happens almost every year. It’s another familiar ‘emergency Christmas’ that may lead to higher blood pressure.
Just before the holiday, Microsoft decided to give people fewer reasons to rest well, having recently patched half a dozen critical flaws.
=> ↺ fewer reasons to rest well | patched half a dozen critical flaws
Desktop users running the Microsoft SQL Server 2000 Desktop Engine or SQL Server 2005 Express could be at risk in some circumstances, Microsoft said.
They have been negligent enough not to fix this in 8 months. Microsoft keeps known flaws to itself until it's too late and damage is being done.
=> ↺ not to fix this in 8 months | until it's too late
Microsoft Corp. today confirmed that it has been working on a critical vulnerability in SQL Server for more than eight months, but declined to say whether it has had a patch ready since September, as an Austrian security researcher has alleged.
Another emergency patch (almost the third in a month [1, 2, 3]) is likely on its way. Microsoft Fanalysts [sic] are explaining the severity of this as well.
=> 1 | 2 | 3 | ↺ explaining the severity of this
News Analysis. Microsoft has warned of a zero-day vulnerability affecting SQL Server. Do take Microsoft’s security advisory seriously.
Remember SQL Server slammer, which struck nearly six years ago? IT administrators were lucky the worm spread a month after Christmas. The new SQL Server vulnerability could bring coal to your Christmas stocking, if left untended.
There are other new attacks that piggyback on Microsoft.com.
=> ↺ piggyback on Microsoft.com
Miscreants are exploiting weaknesses in more than one million webpages operated by the federal government, media companies, and even Microsoft to trick unwitting visitors into installing harmful software that takes over their computers.
More here:
=> ↺ here
Fake Antivirus Peddlers Helped by Microsoft, IRS
Just weeks after the U.S. Federal Trade Commission shut down two companies accused of selling fake antivirus software, a new player has moved into the market, aided by glitches in the Microsoft and U.S. Internal Revenue Service Web sites.
As always, there are fake greeting cards too, whose harm is only Windows compatible (where “clicking” translates to “executing”, frequently with full system privileges).
=> ↺ are fake greeting cards too
A new worm has emerged that could be much worse than the notorious Storm worm, which ruled the botnet world for nearly two years.
We wrote extensively about the threat of zombie PCs. Botnets seem to have recruited almost one in two Windows PCs although most nodes in this network remain unused, so the seriousness remains mostly uncovered — for now. 98% of the Windows PCs out there are potentially ripe for hijacking, according to Secunia, so it’s down to the mercy — or wrath — of botmasters.
This has serious ramifications when it comes to security and the United States too can be crushed by botnets, according to this new simulated attack.
=> ↺ this new simulated attack
US cybersecurity defences fail to thwart mock cyberattack
The basic scenario involved exercises in electronic disruption accompanying a national emergency, a sequence of events played out in Estonia last year and more recently in Georgia. Defenders drew on established defence procedures but these turned out to be inadequate, for reasons not explained in any detail by participants.
Speaking of security, problems may also be introduced by Microsoft’s so-called ‘cloud’ (Azure), which we remarked on in [1, 2, 3, 4].
=> ↺ Microsoft’s so-called ‘cloud’ (Azure) | 1 | 2 | 3 | 4
Amitabh: Microsoft provides a computing infrastructure on which developers can build applications. It is the responsibility of the developer to ensure that their applications, content and services comply with applicable laws and do not engage in malicious conduct. For more information refer to http://www.microsoft.com/azure/termswindowsazure.mspx
Looking at that URL:
=> ↺ that URL
Indemnification.
[...]
You agree to indemnify, pay the defense costs of, and hold Microsoft and its successors, officers, directors and employees harmless from and against any and all claims, demands, costs, liabilities, judgments, losses, expenses and damages (including attorneys’ fees)
[...]
Modifying the Terms.
[...]
Microsoft may at its sole discretion modify this agreement at any time. You can access the most current version of the agreement via the link
That’s not so reassuring. For similar reasons, we constantly warn about Microsoft's so-called "open source" licences. Microsoft totally controls the way they evolve. █
=> constantly warn about Microsoft's so-called "open source" licences
Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
Permalink Send this to a friend
=> Permalink | ↺ Send this to a friend
=> Techrights
➮ Sharing is caring. Content is available under CC-BY-SA.
text/gemini;lang=en-GBThis content has been proxied by September (ba2dc).