The Evil Empire
Information about Microsoft, bugs, security holes, and dirty business tactics.
Updated irregularly (about once per week)
January 2005
December 2004
November 2004
October 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
Older archives
March 31, 2004
Microsoft Internet Explorer MT-ITS Protocol Zone Bypass Vulnerability
Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone, such as a malicious CHM file. The issue, in combination with other vulnerabilities, is exploitable to provide for automatic delivery and execution of an arbitrary executable. This would occur when malicious web content is rendered in Internet Explorer. It has been reported that this vulnerability is actively being exploited as an infection vector for malicious code that has been dubbed Trojan.Ibiza. More... [SecurityFocus]
March 29, 2004
US politicians complaining about EU decision collected $25,000 from Microsoft
A search on the US opensecrets.org web site has revealed that half of the 10 politicians complaining about the EU ruling on Microsoft earlier this week have received substantial contributions from the company. The information on contributions was released by the FEC on 1st March 2004.
Robert Wexler, for example, received $16,500 in PAC contributions from Microsoft for the current cycle. Gregory Meeks picked up $2,000. Joseph Crowley picked up $4,000, while Adam Schiff picked up $2,000 in contributions. More... [The Inquirer]
March 26, 2004
Microsoft Hopes Appeal will Null Effect of EU Sanctions
Software giant Microsoft is confident it can evade most of the effects of Wednesday's anti-trust ruling from the European Commission and believes that a protracted appeals process can delay the imposition of the ruling until after it introduces its next generation operating system in 2006, the Seattle Times reported Thursday.
The paper quoted Microsoft chief counsel Brad Smith as saying that he's confident the company can win a stay in court, which would delay imposition of the penalties until an appeal is heard. That process could take until 2009, long after a crucial new version of Windows, code-named Longhorn, is shipped in 2005 or 2006. More... [dpa]
Newly Released Documents Shed Light on Microsoft Tactics
Even as Microsoft prepares to face penalties from the European Union, which accuses the company of abusing its Windows monopoly, new details about the tactics Microsoft used to secure a dominant position in software markets over nearly two decades are emerging in a state courthouse in Minneapolis.
Among the documents introduced in court this week was a letter from June 1990 in which Bill Gates, Microsoft's chairman, told Andrew S. Grove, the chief executive of Intel at the time, that any support given to the Go Corporation, a Silicon Valley software company, would be considered an aggressive move against Microsoft.
Other evidence presented by the plaintiffs' lawyers at trial yesterday gave an account of how Microsoft violated a signed secrecy agreement with Go and showed that Microsoft possessed technical documents from Go that it should not have had access to. More... [NY Times]
Sendo Updates Mobile Suit Against Microsoft
Sendo, the tiny British cellphone maker that launched a high-profile lawsuit in 2002 charging Microsoft with dirty tricks, is back with an updated complaint in its acrimonious battle against the Redmond, Wash., software giant.
The revised document, filed last week in the U.S. District Court for the Eastern District of Texas and obtained by internetnews.com, tacks on new claims to Sendo's original allegations that Microsoft had a "secret plan" to plunder its proprietary information and technical expertise. Sendo's second amended complaint levels a breach of contract charge as a result of the actions. More... [Internet News]
March 25, 2004
GreyMagic detects e-mail security flaw
Israeli data security firm GreyMagic Software issued a service advisory on Tuesday, warning of a security flaw in Microsoft Hotmail and Yahoo-based e-mail services, when used with Internet Explorer. Countless millions of computers had been vulnerable to attack via a code sent in e-mails. More... [Ha'aretz]
EU Antitrust Ruling
The seattlepi Microsoft weblog has lots of links about the European Union's antitrust ruling against Microsoft; Mary Jo Foley has more over at eWeek.
March 23, 2004
Passport to nowhere?
Remember when Microsoft was going to be your trusted, omnipresent guide through the world of online commerce?
That was the plan a few years ago, when the software giant began pitching its Passport online authentication service as a cure-all for what was ailing online shopping. The reality has turned out to be considerably less expansive. Passport use is limited to Microsoft-owned sites and a handful of close partners, thanks to a combination of customer apathy and high-profile Microsoft glitches. More... [ZDNet]
Netsky.P worm spreads
A new NETSKY variant propagates via email using its own Simple Mail Transfer Protocol (SMTP) engine. It exploits a known vulnerability affecting Internet Explorer involving incorrect MIME Header (MS01-020), which allows the automatic execution of email attachments while an email is read or previewed.
The email that it sends out has varying subjects, message bodies, and attachment file names. It gathers email addresses from files with certain extension names. It also attempts to propagate via network shares by dropping copies of itself on certain folders found in the affected system. More... [Trend Micro]
March 20, 2004
IE bug in Outlook lets in Bagle Q and R viruses
Reports are already flooding in to antivirus companies across the globe of new variants of the Bagle virus that spread without the recipient opening an attachment but through a hole in Internet Explorer.
The flaw, for which Microsoft issued a patch in October of last year, affects the way the applications handle code received from a Web server and if left unpatched could allow an attacker to run code on the target system. In this case, the flaw is exploited through an email which embeds a small amount of HTML to take advantage of the flaw as Outlook uses the same HTML rendering engine. More.... [PC Pro]
March 19, 2004
Passport and MSN Messenger Down Again
A number of MSN services were down for the second time in less than a week, and again, the company isn't identifying the cause. On Thursday, less than a week after a major MSN services outage, many MSN users found themselves unable to access Passport and MSN Messenger. Microsoft acknowledged the problem. More... [Microsoft Watch]
March 08, 2004
Service announcement
Sorry for the recent lack of updates. This site is not dead, I'm just a bit short of time. Regular updates will continue shortly.
