|
[an error occurred while processing this directive]
| | The Evil Empire - June 2003 Archive
|
Thursday, June 26, 2003
|
The software giant warns of security risks in Windows 2000 Server's Media Services and Windows Media Player 9. [CNET News.com]
|
|
A list of unpatched security holes in Microsoft Internet Explorer. At the moment, there's 19 of them. [via Heise.de]
|
|
|
Sobig-E differs from its predecessors, the Sobig-B (aka 'support@microsoft.com') and Sobig-C (aka 'bill@microsoft.com') worms, by spreading itself in the form of a ZIP file. This time around infectious emails sent out by Sobig-E pretend to come from support@yahoo.com or another spoofed email address.
As usual, the worm affects only Windows PCs. Linux and Mac users are immune. [The Register]
|
|
A federal appeals court deals a legal blow to Sun Microsystems, tossing out most of a preliminary injunction requiring Microsoft to carry its rival's version of an interpreter for the Java programming language. [CNET News.com]
|
|
An ActiveX control included with Windows Media Player 9 Series allows Web page authors to create Web pages that can play media and provide a user interface by which the user can control playback. When a user visits a Web page with embedded media, the ActiveX control provides a user interface that allows the user to take such actions as pausing or rewinding the media.
A flaw exists in the way in which the ActiveX control provides access to information on the user[base ']s computer. A vulnerability exists because an attacker could invoke the ActiveX control from script code, which would allow the attacker to view and manipulate metadata contained in the media library on the user[base ']s computer. [via Heli's Heaven and Hell Radio]
|
|
|
Wednesday, June 25, 2003
|
Microsoft's path to expand the Windows empire with a new search program called MSNBot is leading directly to search king Google. [CNET News.com]
|
|
|
Saturday, June 21, 2003
|
The Fortnight worm exploits three-year-old Microsoft hole to take you to some 'naughty nurses'. Malicious code can be executed just by reading a message in an HTML-aware email client, meaning the user does not need to open an attachment to activate the virus. Those infected find their Explorer browser redirected to a 'naughty nurses' site and bookmarks and homepage reset to other porn sites. [via Privacy Digest]
|
|
|
Monday, June 16, 2003
|
This time, Microsoft's putting to rest a class-action antitrust suit in North Carolina by setting up an $89 million fund to reimburse customers and buy technology for underprivileged schools. [Microsoft Watch]
|
|
|
Friday, June 13, 2003
|
Living without Microsoft products has just become easier for Apple Macintosh users, as Microsoft has confirmed there will be no more IE developement from MS for the Mac. During the Microsoft anti-trust trials, the company agreed to offer its browser as a separate product, not integrated into the Windows operating system. Now that the trial has been settled, Microsoft has announced that there will be no future standalone installs for Internet Explorer, and this will leave the Macintosh platform without a browser from Microsoft. [The Macintosh News Network]
|
|
Redmond has long toyed with the idea of delivering security patches for its product alongside their own updates for virus definition files. This sounds fine initially you consider the problems that can arise when a patch has a negative effect on systems.
Nonetheless, Rob Rosenberger, antivirus industry gadfly and editor of Vmyths.com, believes Microsoft wants to combine WindowsUpdate with an AV system embedded in Windows itself. [The Register]
|
|
Users and resellers of RAV AntiVirus, popular especially on Linux platforms, are in limbo after Microsoft Corp. announced plans to buy the RAV technology from Romania's GeCAD Software Srl.
The RAV product line will be discontinued after Microsoft completes the acquisition of the technology, Microsoft said. GeCAD, which claims that its products protect more than 10 million users worldwide, will support current customers through the end of their contracts.
The acquisition has observers questioning Microsoft's ultimate intentions and wondering what the software maker wants with technology that powers leading virus-scanning tools for e-mail servers on Linux platforms, rivals to Microsoft's Windows and Exchange products. [Computerworld Security News]
|
|
|
Wednesday, June 11, 2003
|
In a comentary for CNET News.com, Laura Koetzle writes that Microsoft's purchase of antivirus unknown GeCad Software spells long-term trouble for Network Associates and Symantec. For now, though, users should stick with their current antivirus products and look for the software giant to claim a slice of the antivirus market in 2005. [CNET News.com]
I say: no need to worry. If Microsoft's security record with its antivirus software is comparable to that of its other products, we need then Network Associates and Symantec will live long and prosper.
|
|
Microsoft has entered the anti-virus market with the surprise acquisition of little known Romanian AV firm GeCAD Software. Financial terms of the deal, announced yesterday, were not disclosed.
In addition to developing new solutions, Microsoft said it would use GeCAD's expertise and technology to 'enhance the Windows platform and extend support for third-party antivirus vendors'. [The Register]
|
|
|
Monday, June 9, 2003
|
A new -- but not well known -- Microsoft vulnerability is being exploited by spammers, creating even more junk mail in your inbox. [via Der Schockwellenreiter]
|
|
A vulnerability has been identified in Internet Explorer, which exposes sensitive information to "msn.com" and "alexa.com".
While this is a known "feature" when the "Show Related Links" option is activated in Internet Explorer, there is a bug, so that Internet Explorer will keep transmitting the information to "msn.com" and "alexa.com" after "Show Related Links" has been de-activated. This occurs whenever "Ctrl+R" is used to reload a page.
To make matters worse, it has been confirmed that this behaviour also affects SSL enabled pages. One thing is that Microsoft has chosen to make a "feature", which reveals this information to "msn.com" and "alexa.com", but the fact that information, which was supposed to be protected by SSL and sent only to one site, is sent in plain text to a third party ("msn.com" and "alexa.com") is of great concern. [via Couchblog]
|
|
|
Saturday, June 7, 2003
|
Microsoft is adding content to its Next Generation Secure Computing Base ("Palladium") page on its Web site. [Microsoft Watch]
|
|
|
Friday, June 6, 2003
|
The secret of the software giant's success lies not in its ability to innovate, but in its negotiating skills, says CNET News.com's Michael Kanellos. [CNET News.com]
|
|
Microsoft Corp., which had agreed to pay US$1.1 billion to settle antitrust claims in California, has dropped a provision in the agreement that would give its software away for free to schools after Apple expressed complaints and concerns, according to Bloomberg News. At the first of the year Microsoft settled a lawsuit by California consumers that claimed that the company's near-monopoly led to higher prices. As part of the agreement, Microsoft said it would give schools a portion of the $1.1 billion settlement that didn't go to consumers. However, the settlement was blasted by Apple, who said it amounted to unfair competition and that schools should simply get to buy any technology products they wished. [MacCentral]
|
|
|
Thursday, June 5, 2003
|
Tristan Louis lays out how the Microsoft-AOL/TW detente could eventually lead to a Microsoft lock-in: you wanna see the movies, you gotta buy the platform. It plays nicely into what I've been trying to say about why Applied DRM is scary: No matter how good DRM sounds in theory ("Artists can negotiate deals with their audience...") if Microsoft offers the only/dominant platform for securing content, then the content owners make their stuff work only with the Microsoft platform. It's win-win... so long as you're Microsoft or Jack Valenti.... [Joho the Blog]
|
|
Anti-virus vendors today warned of the rapid spread of yet another mass mailing virus. Bugbear-B, a variant of the infamous Bugbear, is a complex mass-mailing worm with a variety of nasty tricks up its sleeve. It spreads by either emailing itself to addresses found on infected PCs or (less commonly) via network shares. As usual it's a Windows-only menace. Mac and Linux users are immune. [The Register]
|
|
Ask not whether standalone IE is dead. Instead, ask if it's just one of many technologies that will only be available embedded in Windows. [Microsoft Watch]
|
|
Two security flaws in all current versions of Microsoft's Internet Explorer Web browser could allow an attacker to take over a user's system. [Computerworld Security News]
|
|
|
Wednesday, June 4, 2003
|
Alexander Wolfe (Embedded-Watch.com): Microsoft granted US patent for "interactive entertainment" . If your company is thinking about delivering interactive video-on-demand cable-television programming or movies via satellite to consumers, maybe it'd better start thinking about paying royalties to Microsoft first. That's because Microsoft has just been granted exclusive United States patent rights to a "networked interactive entertainment system" which "allows viewers to create their own customized lists of preferred video content programs, such as movies, games, [and] TV shows." [Dan Gillmor's eJournal]
|
|
|
Tuesday, June 3, 2003
|
The recent truce between Microsoft and AOL Time Warner is part of Microsoft's broader strategy to systematically delete legal threats that loom over it, typically by settling them. Remember that Microsoft has nixed the U.S. Department of Justice's antitrust suit by striking a deal that required miminal changes in product design. It settled a California class-action lawsuit in January, and it stands a good chance of winning a private antitrust lawsuit brought by Sun Microsystems that's now before a federal appeals court. [CNET News.com]
|
|
If there's one thing the analysts are agreeing on in the wake of Thursday's settlement between Microsoft and AOL Time Warner, it's that the Netscape browser is finally kaput. In return for a cool $750 million from Microsoft, AOL is dropping its private antitrust suit against Bill Gates and Co.
As part of the deal, AOL is also receiving a license to Microsoft's Windows Media technology and is agreeing to cooperate on instant messaging and digital rights management services. These are all areas that Microsoft has, with good reason, targeted as crucial markets of the future. Microsoft has always wanted a piece of every online transaction: If it controls the Web browser, and the content distribution technology, and the digitial rights management software, well, $750 million suddenly seems like chump change if it means getting the largest media corporation and largest online service in the world to use your software. More... [Salon.com]
|
|
So, let's see, Microsoft pays AOL $750 million, AOL switches to Internet Explorer, and the two biggest behemoths in the online world start working together instead of competing.
The next time you hear anyone in the Bush administration talk about the importance of competition and the free market, remember whose Justice Department it was that brought us the Microsoft antitrust settlement. [Scott Rosenberg's Links & Comment]
|
|
|
Monday, June 2, 2003
|
Microsoft is phasing out standalone versions of its Internet Explorer Web browser, according to statements attributed to IE program manager Brian Countryman in an interview posted on the software giant's Web site. Microsoft issued a standalone browser with IE 6, following a court ruling that found the company had violated antitrust laws by bundling IE with its Windows operating system. The company has since settled the case with the Justice Department.
|
|
|
