The Archives of The Evil Empire2000 October
| ||
|
30 October: Unhooking MS browser, again
No sooner does Microsoft come up with a new operating system that's slower than the last one than we have a new version of 98Lite -- the utility that does what Microsoft insists can't be done: It unhooks the operating system from the Web browser. With this software, users can cut their Windows ME install from more than 200 MB to 70 MB in disk space and more than double the amount of free memory on the computer, said Brooks. Startup time has as much as 10 seconds sheared off while shutdown is nearly instantaneous. 29 October: Win2K hangs with VIA chip sets
Microsoft has put its hands up and admitted to providing incomplete support for VIA chip sets in Windows 2000's AGP drivers. Programs using 3D AGP functions under Windows 2000 Professional, Server and Advanced Server on VIA-based systems may stop responding. 27 October: How MS Helped With Own Hack
Qaz is the name of the worm that was used to penetrate Microsoft's computer system, during which hackers were able to view Windows source code. Ironically, Qaz was written with a Microsoft program. 27 October: Microsoft can't spin this worm
While it looks like there was a well-organized conspiracy attempting to exploit Microsoft vulnerabilities, the actual attack wasn't anything special. A script kiddie working off a recipe could have done it. The smoking gun appears to have been a simple Windows-only worm named W32.HLLW.Qaz.A, or the QAZ Worm to friends. It works by someone opening an e-mail attachment. It's also clear that Microsoft doesn't have adequate internal or e-mail gateway anti-viral protection. Second, Microsoft wasn't protecting their network with basic firewall security. And now a point that people still don't get: Microsoft's own fundamental operating system principles of enabling data and programs to interoperate at a low level does provide unparalleled ability for programs to interoperate with each other, but it also offers crackers unparalleled access to break into your systems. 27 October: Hackers strike Microsoft
Exploiting a software security hole, unknown hackers had access to Microsoft servers "for weeks" and had access to the Windows and Office source code. The hackers used a Trojan Horse e-mail to gain access to the server; the Trojan has been known for a while, but apparently lax security at Microsoft allowed it to enter. 26 October: Microsoft, FTC settle false ad claim
The U.S. Federal Trade Commission said Microsoft Corp.'s WebTV interactive television unit agreed to settle charges filed by the regulatory body, which accused the company of false advertising. The settlement will prevent the company from making "deceptive advertising claims about the performance capabilities of the WebTV system," the FTC said in a statement. 21 October: Windows bugs Me
Driver compatibility and support is probably the biggest problem associated with Windows Me. There are plenty of people out there with hardware that wasn't supported from day one, and who still want to run Windows Me. So either the vendors screwed up by not using the two months they had before Windows Me hit the shelves, or Microsoft did not prepare the vendors enough. There have also been reports of a mysterious problem that results in certain high-speed systems running Windows Me suffering data loss at shutdown. Microsoft insists that the problem doesn't relate to its operating systems but has nonetheless released patches to address it. 19 October: MS beats Street, ungrateful Street beats up MS
Microsoft's Q1 results comfortably 'beat the Street' - but the Street seems to be getting a mite suspicious. The company yanked earnings up from $2.19 billion a year ago to $2.21 billion, but the increase came from a surge in income from company investments, up from $550 million to an impressive $1.13 billion. Some analysts however churlishly declined to be impressed by how effective a VC/bank Microsoft is becoming, and pointed instead to a drop in profits from operations of $12 million. So Microsoft isn't doing particularly well as far as what it's supposed to do is concerned, but is making a lot of money from what it does as well. 18 October: New IE 5.5 hole lets hackers read files
A veteran bug hunter has detected a security hole in Microsoft's Internet Explorer 5.5, Outlook and Outlook Express. Georgi Guninski of Bulgaria published his "high risk" advisory of the exploit Wednesday, warning of a security vulnerability in which a malicious person could read files and URLs after enticing someone to view a Web page or read an HTML message that the malicious person created. "It's definitely a high risk," said Elias Levy, chief technology officer for SecurityFocus.com. "We assume that the only thing people can do is read files--that's pretty damaging in and of itself, but at least for now people aren't able to write or execute programs through your machine. They can only read files from your machine or read Web pages." Levy added that a hacker could also get into someone's computer system by delivering an email of a Web page to someone who uses Outlook or Outlook Express. 17 October: Security hole in Microsoft IIS allows access to files stored on server
Microsoft has identified a security vulnerability in Microsoft¨ IIS 4.0 and 5.0 that is eliminated by a previously-released patch. The vulnerability could potentially allow a visitor to a web site to take a wide range of destructive actions against it, including running programs on it. Due to a canonicalization error in IIS 4.0 and 5.0, a particular type of malformed URL could be used to access files and folders that lie anywhere on the logical drive that contains the web folders. This would potentially enable a malicious user who visited the web site to gain additional privileges on the machine Ð specifically, it could be used to gain privileges commensurate with those of a locally logged-on user. Gaining these permissions would enable the malicious user to add, change or delete data, run code already on the server, or upload new code to the server and run it. 16 October: Security hole in IE 5 that allows web page to control visiting computer
Microsoft has released a patch that eliminates a security vulnerability in Microsoft virtual machine (Microsoft VM). If a malicious web site operator were able to coax a user into visiting his site, the vulnerability could allow him to take any desired action on a visiting userÕs machine. 16 October: IT giants who don't pay tax part 2: how Microsoft does it
Microsoft makes much more money from dealing in stock options than from Windows, and as a result paid no tax in fiscal 2000. It's not the picture you'd expect, and it's not exactly easy to get the real picture either - but it's all perfectly legal, really. 14 October: Gorton hangs trial on Gore - will MS become an election
issue?
The Microsoft trial has shuffled closer to the centre stage of the presidential election, following an attack on the US government and the case by Senator Slade Gorton. Gorton getting stuck into the DoJ isn't exactly news; as the senator for Washington, Microsoft's home state, he's been defending our boys' freedom to innovate stoutly all along the way - but this time it's kind of official, making the trial much more likely to turn into a stick for the Bush campaign to beat Gore with. 9 October: Forget About Exchange 2000!
This is Exchange 2000 week. You're going to read everywhere about how great it is that the first W2K server application is finally rolling. Not here. Long delayed, Exchange 2000 finally is appearing, and guess what? After an additional year in the oven, it's still raw. While Exchange 2000's final version is still quirky enough to count as beta in my book, its major, insurmountable problem is that it must have Active Directory working well for it to run properly. Bad news: W2K Server Active Directory still doesn't work right. And, without Active Directory, Exchange 2000 just sits on a heavy-duty server and does nothing. 9 October: Microsoft paid no federal income tax
Cisco Systems and Microsoft, two of the nation's richest companies, capitalized on the windfall profits of their employees to wipe out their federal income tax bills last year. Redmond, Wash.-based Microsoft, the world's largest computer-software company, recorded a $5.5 billion tax benefit by deducting its employees' profits from stock options during its last fiscal year. Microsoft reported federal and state tax liabilities of $4.74 billion in the year ending June 30. Microsoft's profit totaled $9.4 billion. 9 October: 'They could kick me off the case,' says MS trial judge
Microsoft trial judge Thomas Penfield Jackson is accused by Microsoft of judicial misconduct for talking to the press, and it's becoming increasing obvious that this is one hell of an albatross around the good judge's neck. In an interview with the Financial Times, Jackson insists what he said after the trial was in accordance with federal codes of conduct, but nevertheless envisages the possibility that Microsoft will succeed in getting him kicked off the case. Jackson's tone seems pessimistic, with some justification. The remedies he imposed in order to tackle Microsoft's abuse of monopoly power are suspended pending appeal. Jackson tells the FT that Microsoft's anti-competitive behaviour has continued in the wake of his verdict, and that it's now "well en route to another monopoly." 6 October: Whistler beta target blows by MS
Already behind schedule, Beta 1 of Microsoft's next-generation Windows product, code-named Whistler, is scheduled to debut in late October. But testers of the latest alpha build say that date might be too soon, given the state of the user interface. Whistler build 2267, which a few Microsoft partners and testers have downloaded in the past couple of weeks, is slightly more stable than the 2257 alpha release. But 2267 is a far cry from even Beta 1 quality, testers said. According to a copy of Microsoft's internal timetable examined by ZDNet News in mid-September, the company had planned to deliver Beta 1 of Whistler on Oct. 11. 5 October: Ex-employee accuses Microsoft of racial, gender bias
Microsoft is being sued for allegedly using a subjective job evaluation process that discriminates against black and female employees. Microsoft "permits managers, who are predominantly white males, to rate employees based upon their own biases rather than based upon merit," Monique Donaldson, a former program manager at Microsoft, states in the suit.
|
