The Evil Empire
Information about Microsoft, bugs, security holes, and dirty business tactics.
Updated irregularly (about once per week)
January 2005
December 2004
November 2004
October 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
Older archives
January 28, 2004
Can't Talk, Coming Down
AtAT: "We suspected that Bill Gates was high on something when he claimed last week that spam would be completely eradicated by 2006, but now we're 100% certain that the World's Richest Man is completely wasted whenever he gets up on stage to address the public. You all know about that MyDoom worm that's unleashing a world of hurt on the world's email inboxes, right? [...] Now, given that this latest Windows virusy thing was raging in full force yesterday in what was arguably the most visible embarrassment of Microsoft's 'Trustworthy Computing' initiative since Blaster and its variants, wouldn't Billy-Boy have to have been stoned to get up and talk about how Windows is so much more secure than anything else out there? [But] even as MyDoom raged around him, Gates actually said that 'a high-volume system like (Windows) that has been thoroughly tested will be far the most secure.'" More... [As the Apple Turns]
January 27, 2004
'Mydoom' worm strikes computers
A malicious new computer virus spread via e-mail is clogging networks and may allow unauthorised access to personal computers, experts warn. The worm, called Mydoom or Novarg, is carried as an e-mail attachment and sends itself out to new e-mail addresses once opened by the recipient. The virus may also open a "back door" to the computer to give hackers access.
"As far as I can tell right now, it's pretty much everywhere on the planet," said one anti-virus expert. The worm only affects computers which use Microsoft Windows. More... [BBC]
January 25, 2004
Microsoft's Latest Competition-Stifling Move
Microsoft has applied for patents that could prevent competing applications from processing documents created with the latest version of the software giant's Office program.
Once again, our favorite monopolist breaks a promise. There was a brief moment when the company's adoption of XML had potential -- to be a breakthrough in interoperabilty, a move away from the proprietary file formats that have been one of the major lock-in devices of the past decade. And Microsoft assured us that it wouldn't pull the same tricks this time. More... [Dan Gillmor]
January 20, 2004
New Worm Attacks Windows Computers
A new Internet worm that spread through Asia, Australia and Europe on Monday is expected to take hold in the United States on Tuesday. The "Bagle" or "Beagle" worm arrives as an attachment to an e-mail with the subject line "Hi" and "test : )" in the body text.
Like the earlier worms, Bagle does not affect Macs or computers running the Linux and Unix operating systems.
The worm is activated when a user clicks on the attached file. Once the attachment is opened, the worm tries to send copies of itself to all of the e-mail addresses that it finds on the victim's computer, faking the return address with one randomly generated from those sifted from the infected PC. It also installs a program that lets attackers connect to infected machines, install malicious software or steal files. Bagle also tries to download an unknown program from one of more than 30 Web sites located mostly in Germany and Russia. None of those Web sites was reachable as of Monday afternoon.
A German Internet service provider that hosted one of the Web sites recorded nearly 1 million different Internet addresses trying to connect to the site within a 24 hour period, indicating that as many as a million computers have been infected so far. More... [The Washington Post]
January 16, 2004
MS Win98 support reprieve was move to block Linux, says Gartner
Microsoft's extension of the support period for the Windows 98 product family earlier this week was a move intended largely to discourage the adoption of Linux in emerging markets, according to Gartner. The research outfit concludes that the move comes too late for it to be relevant to enterprise migration plans, but that extra life support for 98 could be important to Microsoft elsewhere. More... [The Register]
January 15, 2004
Feds Force Changes to Windows XP
Microsoft Corp. has agreed under pressure to change its Windows software to resolve complaints by the Justice Department that it unfairly influenced how customers buy their music online, the government said Thursday. Microsoft will offer updated software for its Windows XP operating system in February or March to stop its disputed practice of compelling consumers who buy music on the Web to use only Microsoft's Internet browser. More... [eWeek]
IE Patch Still Elusive
On a Microsoft security Webcast held Wednesday, participants were more interested in the whereabouts of a patch for a known Internet Explorer spoofing vulnerability than they were in the three new security bulletins that Microsoft released on Tuesday.
A patch could come none too soon. Security experts say that they have seen a spike in phishing attacks after a December security bulletin revealed the IE spoofing exploit. Phishing attacks involve the use of e-mails that often appear to come from a legitimate e-mail address and usually include links to spoofed Web addresses. The vulnerability in IE allows attackers to use fake Web addresses in IE's address box to obscure the real URL. More... [eWeek]
Security a work in progress for Microsoft
Two years after Chairman Bill Gates called on Microsoft to redouble its efforts to secure its software, the company is beginning to make progress, according to customers--but much work remains. Although Microsoft is touting the large number of changes it has made in its approach to security as a measure of its success, the most telling pieces of evidence may be the numbers. More... [CNET News.com]
January 14, 2004
Microsoft issues warning about VOIP vulnerability
Microsoft Corp. issued its first security patches of the new year yesterday, warning users about a critical vulnerability in a component of the Microsoft Internet Security and Acceleration (ISA) Server used to control IP (Internet protocol) telephony traffic.
Three bulletins, MS04-001 through MS04-003 were posted on Microsoft's Web site, including lower-priority patches for Exchange Server 2003 and the Microsoft Data Access Components (MDAC), which is used by certain versions of Windows and Microsoft SQL Server. More... [Computerworld Security News]
January 04, 2004
Happy New Worm
Antivirus experts are warning of a troublesome, Christmas-themed e-mail worm and a virus that spreads via MSN Messenger, the popular instant-messaging application. The Jitux.A virus is not destructive but has already begun to spread via MSN Messenger, according to Panda Software. When executed, the file becomes resident in memory and sends messages to other MSN Messenger users every five minutes, prompting them to download the virus' code. More... [CNET News.com]
Microsoft Office Security Features Can Be Bypassed
It is reported that Microsoft Office components offer features ostensibly intended to protect access to and modification of Office documents. Several of these security features can be bypassed by malicious users. One flaw is reported in Microsoft Word in the "Protect Forms" password protection feature. A local user can invoke a hex editor and modify the document file to remove the password protection. More... [SecurityTracker]
