The Archives of The Evil Empire1999 November | ||
30 November: New virus spreads via Outlook security hole Virus researchers at Network Associates Inc. (Nasdaq: NETA), Symantec Corp. (Nasdaq: SYMC) and Trend Micro Inc. warned Tuesday evening that a new version of the ExploreZip virus, which wipes out information on a hard drive, has hit at least 12 companies so far, six of them high-tech manufacturing companies. Several thousand PCs are believed to have been hit. The ExploreZip variant, also called ExploreZip.worm.pak, is 120KB, about half the size of its predecessor. But other than its diminutive size, MiniZip acts exactly like ExploreZip, which wipes out files on hard drives and can spread via e-mail. 30 November: Microsoft's CE to become "Windows Powered" In an attempt to kill several birds with one stone, Microsoft is planning to revamp the branding of its scaled-down Windows CE operating system for non-desktop computers next year. Instead of stamping palm-size and handheld PCs with the "Windows CE" logo, Microsoft will begin marketing all such devices as "Windows Powered," CNET News.com has learned. The move is designed to accomplish two major goals: provide a much-needed boost to existing Windows CE-based products and unify Microsoft's disparate product lines under a more cohesive vision. 26 November: Office 2000 is very vulnerable to macro virus attacks The German magazine PC-Welt has posted an online review of the various macro virus protection mechanisms in Microsoft's Office 2000 software. The article, entitled "Dangerous Office 2000" summarizes their findings thus: "The actual protection value of these mechanisms is very limited -- indeed they can actually help macro viruses spread without being noticed by the user." 25 November: Gates email rallies troops to target congress candidates The MacOS Rumors site has published the text of what appears to be an email to Microsoft staff from Bill Gates, rallying the troops to help fund a campaign to target "only those key individuals who can make a difference" in next year's US congressional elections. That means helping candidates "who are sensitive to IT issues." The email looks genuine, as it describes the kind of actions you'd expect Microsoft to be taking under current circumstances. It was sent out to the Microsoft Corporation Political Action Committee (MCPAC) in the middle of last week, and solicits up to $5,000 a year in contributions from Microsoft staff. 24 November: Comment: Microsoft waits for no-one Microsoft is gearing up, sooner rather than later, to sell software as a service. That way it will be difficult, if not impossible, for any entity to force changes in Microsoft's business practices via remedies like splitting the operating systems group from the applications group, or opening up the Windows programming interfaces or source code, as software isn't an easily definable, shrink-wrapped collection of bits and bytes anymore. 23 November: New IE 5 bug could let web hackers see files on hard disk Microsoft has acknowledged a security problem with its Web browser that could let a malicious Web site operator rifle through visitors' files. Internet Explorer 5.0 could, under specific circumstances, allow a malicious Web site operator to view "fragments" of certain files on the computer of a visiting user, according to Georgi Guninski, a programmer who first reported this bug. 16 November: Microsoft Messaging Security Loophole Downloads Dangerous Code Forget about BubbleBoy. There's a real vulnerability lurking in Microsoft Outlook and Outlook Express capable of delivering your machine into malevolent hands. The "Active Setup Control Security Loophole" can download and save an e-mail borne attachment without your intervention or knowledge. Once free to roam your hard drive, the attachment can access or delete files at will. 15 November: BubbleBoy: Microsoft knew about potential security hole for at least a year; refused to take steps "As soon as Microsoft provided HTML-enabled mail readers and scripting in Windows 98, it was inevitable," said Padgett Peterson, principal information security specialist for Lockheed Martin Corp. "We've known that for over two years now. When the first pre-releases came out, the security-conscious administrators were pleading with them to take those 'features' out." Even in the face of a warning from the U.S. Department of Energy's Computer Incident Response Capability posted in December of 1998, Microsoft failed to heed that warning. 15 November: 'Buffer overrun' security hole makes Windows 98 vulnerable to attacks -- patch now posted The exploit, which lets an attacker run malicious code on a target's computer, is known generically as a "buffer overrun" attack. Microsoft cited estimates that between two-thirds and three-fourths of computer security problems are buffer overrun issues. An attacker could take advantage of the vulnerability by sending email or by luring a target to a Web page. A user would not have to click on a link of a malicious Web page; merely visiting that page would be sufficient to launch the attack. 13 November: Security hole in Outlook Express 5 for Macintosh In a press release, Microsoft warns Mac OE 5 users that they may experience a Trojan Horse type security issue that makes it possible for a malicious sender to send an MHTML message to an OE 5 user that will automatically download a file to the users default Download folder without the OE 5 user's knowledge. 12 November: BubbleBoy virus found on net The BubbleBoy virus, which sent shudders through the antivirus community earlier this week, is no longer just a lab rat. MSNBC has confirmed that the virus -- and an updated version 1.1 of the program -- has now been posted on a Web page hosted in Japan. 10 November: New, fast-spreading email virus uses Outlook security hole A virulent new kind of computer virus triggered simply by opening an infected email message has been identified, antivirus researchers said today. The virus, dubbed "BubbleBoy," apparently hasn't yet made it onto the open Internet, which means researchers haven't heard of any computers being infected. As with several earlier similar fast-spreading viruses, it takes advantage of security holes in Microsoft Outlook email software to run an unauthorized program on victims' computers, changing information and emailing itself to new targets. 9 November: Outlook vulnerable to masquerade attack A prominent computer 'bug hunter' has found a vulnerability that allows a malicious programmer to launch an email attack which bypasses some of the precautions built into Microsoft's Outlook software. The vulnerability smoothes the way for a new type of email-borne virus, also called a Trojan horse, and other malicious software. 8 November: Lawyer Puts Breakup on the Table The Justice Department's top antitrust enforcer said for the first time on Sunday that a break-up of Microsoft Corp. was within a range of remedies being considered in the government's antitrust suit. 8 November: How fighting piracy helps MS boost Windows sales Microsoft can even use the fight against piracy as a mechanism for strengthening its hold on the OS market, according to Judge Jackson's findings of fact. The company has achieved a situation where practically all PCs ship with Windows on them, so nobody much wants a pirate copy of the OS, and where the illegal market that does exist has no effect on keeping the prices Microsoft charges down. 7 November: How Microsoft Sought Friends in Washington Microsoft's lobbying, focused on swaying Congress and creating a generally friendlier climate in Washington, has had little if any effect on the current antitrust litigation in U.S. District Court. 6 November: What will happen if Microsoft finally loses? Yesterday's court victory for the DoJ may just have been the first battle in a war that could rage for several more years, but already the question of what's to be done about Microsoft is being raised with more vigour. If Microsoft ultimately loses it will inevitably find itself on the wrong end of a queue of private antitrust cases, which means it would do well to keep its near $20 billion of cash handy - but there are the remedies from the main event for the company to worry about too. 6 November: Judge: 'Gates Was Main Culprit' Bill Gates was directly involved in strong-arming companies into kowtowing to Microsoft's demands, according to US District Judge Thomas Penfield Jackson. 6 November: DoJ 1, Redmond 0 - jubilant critics want MS broken up Amusement followed the findings of fact as a gaggle of commentators assembled on the US Courthouse steps to contribute their two cents. Ken Wasch, President of the Software and Information Industry Association -- upon whose board Microsoft sits -- called for a "self-executing remedy" not requiring regulatory oversight. "A conduct-oriented remedy cannot be enforced," he insisted. He meant that Microsoft has to be broken up. Computer and Communication Industry Association President Ed Black agreed. It would be difficult for Microsoft to comply with the spirit of the court findings, he said. The company has demonstrated monopolistic tendencies in its "fundamental approach to business strategy." 5 November: Microsoft's rivals 'delighted' "No one wants to see Microsoft go under--we all just want to see them play fair," Ransome Love, chief executive of Linux operating system seller Caldera Systems, said. Love's response represents the thoughts of several companies who have found themselves at odds with Microsoft. For them, it indicates that there may come a time when they'll have a clearer shot at nabbing Microsoft's customers. 5 November: MS antitrust case: court releases findings of fact Judge Thomas Penfield Jackson released his Findings of Fact in the Microsoft antitrust trial today. In a nutshelkl, the Findings state that (a) Microsoft indeed has a monopoly in the PC industry; that (b) Microsoft used its position and power to squash innovations and competitors that seemingly attacked its core products, or which Microsoft deemed contrary to its own self-interest; and that (c) that abuse has harmed consumers "in ways that are immediate and easily discernable" and stifled innovation in the computer industry. 5 November: Dos 5 vapourware campaign: 'I am not a crook,' says MS exec Microsoft's inglorious history of employing preannouncements in order to destabilise the opposition goes back a lot further than DR-DOS, to Windows 1.0 and beyond, but by 1990 the practice was thoroughly bolted into the company's systems and business practices. 5 November: How MS played the incompatibility card against DR-DOS Microsoft had several methods of detecting and sabotaging the use of DR-DOS with Windows, one incorporated into "Bambi", the code name that Microsoft used for its disk cache utility (SMARTDRV) that detected DR-DOS and refused to load it for Windows 3.1. The AARD code trickery is well-known, but Caldera is now pursuing four other deliberate incompatibilities. 5 November: Special Caldera case report: Microsoft's smoking pistols Microsoft's efforts to block key aspects of Caldera's antitrust suit have now almost entirely run into the sand. US District Judge Dee Benson issued a judgement denying a further four Microsoft motions. Microsoft has been trying for summary judgement of various parts of Caldera's case, but has scored straight zeros, and only has one shot left for the judge to rule on. 2 November: Win2k smoke and mirrors -- how MS is hiking OS prices For reasons that aren't at the moment entirely clear, Microsoft has released prices for Windows 2000, although it was only the other day that the company said it wasn't going to do the big product rollout until 17th February. Ordinarily Microsoft releases the prices when the product itself is released. 2 November: Microsoft outlines Windows 2000 pricing A new pricing method for the forthcoming Windows 2000 could dramatically increase costs of e-commerce for some customers, as Microsoft's revised scheme for calculating so-called client-access licenses (CALs) would nessitate a CAL for "each individual requiring authentication, such as would be necessary for a secure online transaction," according to c|net. (pricing details also listed) 2 November: Microsoft Financial Fraud Investment manager Bill Parish claims that Microsoft's continuous profits are due to inflated numbers. He calls Microsoft stock "the greatest financial fraud/pyramid scheme this century" and goes on to say: "It is not uncommon for participants in pyramid schemes to lose their emotional bearings. My close friends who work at Microsoft are particularly upset over my work and it is possible that even Bill Gates and Steve Ballmer do not realize the implications of their financial practices." |
