The Evil Empire
Information about Microsoft, bugs, security holes, and dirty business tactics.
Updated irregularly (about once per week)

New Windows virus hits computers

Anti-virus firms are warning about a Windows worm called Sober that is starting to spread widely online. The virus emerged at the weekend and is multiplying because so many versions of Windows are vulnerable.

Many people are thought to be falling victim to it because one version poses as an update from anti-virus firms. It also tries to hide by using many different subject lines in both German and English and by changing the name of the payload holding the virus. More... [BBC]

Microsoft Puts DRM into Office

Dan Gillmor: "This 'Information Rights Management' scheme in the latest Microsoft Office will have some value for paranoid corporate types. For the rest of us it's an absolute disaster, and we should resist.

"This is digital restrictions management (DRM), and Microsoft is using it to accomplish two goals. The first is to continue down the path it has followed so ardently in recent years, taking away customers' control of what they've purchased and keeping it in the hands of the companies selling it.

"The other, plain-as-day purpose is to shut out competing operating systems and products. Soon you'll be getting mail you can only open with Office and the latest version of Windows. It's a classic monopolist's tactic, and it's worked before." More... [Dan Gillmor]

Virtual PC changes

We got ourselves a copy of Virtual PC 2004 Beta 2, Build 553 and installed it to see what Microsoft have changed since acquiring this product from Connectix.

Our first thoughts on starting this up we found mostly everything to be the same as Connectix's Virtual PC 5.2, with minor changes in the settings/options and the Virtual PC Wizard as well as the Microsoft rebranding. The first thing we noticed was the removal of Linux, BSD, Netware and Solaris from the Guest Operating System Wizard list, which was bound to happen to Virtual PC in the hands of Microsoft. More... [MSFN via vowe.net]

Internet Explorer dangerous for Windows

According to heise.de, hackers are once again using a security hole in Microsoft's Internet Explorer to load a trojan onto their victims' PCs by luring them to websites in chats and newsgroups. The two security leaks responsible have been known since September; a patch only exists for one of them. More... (in German) [heise.de]

Flea bugs Windows users

A new virus called Flea is on the loose. The Visual Basic Script worm disguises itself as the ‘signature file’ in HTML-formatted mail.

Flea can execute automatically when users open HTML formatted emails in Microsoft Outlook or Outlook Express. Unlike most Windows nasties, the bug does not depend on a user opening an infectious file to do its mischief, Finnish AV vendor F-Secure warns. More... [The Register]

Microsoft takes EU antitrust case to US lawmakers

Microsoft Corp. has been trying to drum up support among U.S. lawmakers as part of its effort to fend off antitrust sanctions being considered by European regulators, congressional sources say.

With the European Commission weighing a fine and behavioral changes that could go beyond its U.S. antitrust settlement, Microsoft lobbyists have taken their case to key members of the Senate Judiciary Committee, these sources told Reuters. More... [Forbes.com]

Leak-proof e-mail? (2)

Armin Grewe: "The BBC has another report, mentioning 'Microsoft says a free viewing program will be available for those who receive a protected document but are not using Office 2003', which turns out to be a 'Rights Management Add-on for Microsoft Internet Explorer'.

"If someone sends me an e-mail protected by this DRM I have to install some add-on to be able to read it? Oh, and this thing only works in Win2k or WinXP and IE6? [...] What about people who don't want to (or can't) use Microsoft software?

"In a way this smells of a devious way to expand Microsoft's position by stealth. You want to work with us? Well, we send all our e-mails, files etc DRM protected. You don't use Microsoft? Oh, sorry, we can't work with you then." More... [Ministry of Propaganda]

Leak-proof e-mail?

Armin Grewe: "The BBC reports on Microsoft Outlook 2003, in particular mentioning ''Information Rights Management' (IRM). The claim is that it can restrict who will be able to read an e-mail, print it, forward it, etc. Looking at the Outlook 2003 information page, I wonder how this will work: In the 'Work with Others More Easily' section [...] it says 'IRM functionality requires Microsoft Windows Server™ 2003 running Microsoft Windows® Rights Management Services (RMS)'.

"So what happens if someone using this sends me an e-mail protected by this IRM? I don't use Outlook, so my e-mail client doesn't know anything of IRM. Will this mean I won't be able to open the mail? Or will it mean that I can still do whatever I want with the e-mail as the IRM won't work?" More... [Ministry of Propaganda]

The Hidden Cost of Office 2003 Upgrades

Customers will obtain Office 2003's advances at what might be a steep cost: one analyst estimates businesses will see their Microsoft licensing fees rise 10 to 40 percent if they want to take full advantage of the suite's new features. While Microsoft has kept Office 2003's price tag similar to that of Office XP, businesses that want to use some of the collaboration and rights-management features need to run the latest version of Microsoft's corresponding server software.

"We're seeing now much more of a focus on vertical integration between the client and the server," says Joe Wilcox, an analyst with Jupiter Research, who studied the hidden cost of Office upgrades. "Microsoft is trying to position Office as the front end to a lot of back-end processes. They have a huge presence on the desktop, so they want to leverage that into all these back-end server products." More... [PC World]

Microsoft Prepares Office Lock-in

From Slashdot: "News.com has an article describing Office 2003's DRM features for documents. This will not only coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years, but it will also shut out competing software, such as OpenOffice. Now think about this for a second. Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device. I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now." [Slashdot.org]

Microsoft gets patent for cookies

The US Patent Office this week granted a patent to Microsoft which appears to cover the personalisation of web pages by storing a user's preferences. The patent, for which Microsoft applied in 1996, is formally described as relating to the "Customisation of network documents by accessing customisation information on a server computer using unique user identifiers".

It goes on to explain that this covers the use of cookies to store customisation options which may include a wide variety of information such as, "a collection of [favourite site URLs], types of news that the user wants to see, display information that determines how the information is presented to the user, stock ticker symbols for which the user wishes to receive stock quotes, or the city for which the user wishes to receive a weather report." More... [out-law.com]

Microsoft issues yet more patches

Microsoft has issued seven software patches to address recently discovered vulnerabilities, five of which it rates as 'critical'.

These vulnerabilities can lead to a range of problems, including providing hackers with the opportunity to mount a denial of service attack, to run arbitrary code on a targeted machine, or to take over a compromised machine altogether. More... [vnunet.com]

Microsoft issues patches for five software flaws

Microsoft Corp. today issued its first monthly security update since announcing the new initiative last week. The update consists of five Windows vulnerabilities, four of which the company deemed "critical."

Three of the flaws affect all recent Microsoft operating systems, including Windows NT, Windows 2000, Windows XP and Windows Server 2003. The fourth critical flaw affects only Windows 2000. More... [Computerworld Security News]

Security vulnerability in Microsoft's Hotmail

Security company Finjan Software Inc. detected a security vulnerability in Microsoft Corp.'s Hotmail Web-based e-mail service, which Microsoft has since closed, the companies said today.

The new security flaw, known as a cross-site scripting vulnerability, could be used to create an Internet worm that steals e-mail addresses from Hotmail users' accounts, captures credit card numbers or installs Trojan horse programs, Finjan said. The vulnerability exists in the way Hotmail treats e-mail containing ActiveX controls, which are small, portable pieces of software code that enable programmers to embed sophisticated user interface elements into Web pages for use over a corporate intranet or the Internet. Hotmail content filters do not adequately block e-mail messages containing the controls. More... [Computerworld Security News]

Microsoft RPC Race Condition Denial of Service

ISS X-Force has discovered a flaw in the Microsoft RPC service during a routine audit that may allow remote attackers to trigger a Denial of Service (DoS) condition on vulnerable hosts. This vulnerability exists in the most current patch-levels of the Windows operating systems, including computers patched against the issues described in Microsoft Security Bulletin MS03-039. More... [ISS X-Force]

Linux vs. Windows Viruses

Every time a new Microsoft virus comes out, some person will say, basically, "The only reason Microsoft software is the target of so many viruses is because it is so widely used! Why, if Linux or Mac OS X was as popular as Windows, there would be just as many viruses written for those platforms!"

Of course, it's not just "regular folks" on mailing lists who share this opinion. Businesspeople have expressed similar attitudes ... including ones who work for anti-virus companies. Jack Clarke, European product manager at McAfee, said, "So we will be seeing more Linux viruses as the OS becomes more common and popular."

Mr. Clarke is wrong. To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it. [Scott Granneman on SecurityFocus]