The Archives of The Evil Empire2001 March
| ||
|
30 March: IE security hole launches e-mail attachments
It's been a bad week for Internet Explorer users as the second potential devastating vulnerability in as many days has been discovered by security researchers. A security hole in Microsoft's Internet Explorer Web browser can cause the browser to automatically open HTML e-mail attachments that could be used by an attacker to execute malicious code, the company has warned. The flaw exists in versions 5.01 and 5.5 of the browser and affects how Internet Explorer processes attachments to HTML e-mail encoded with the Multipurpose Internet Mail Extensions (MIME) standard, Microsoft said in a security bulletin posted to its Web site Thursday. 30 March: All your data (and biz plans) are belong to Microsoft
With Microsoft's HailStorm .NET initiative hinging on the company's very own PassPort service, you'd think Redmond would be bending over backwards to stress the confidentially of user information. Well, if that's the case, it hasn't started yet. The current Passport Terms of Use agreement not only fails to guarantee confidentially, but actually gives Microsoft and its business partners the right to own your information, and do pretty much what they want with it. That encompasses all your Hotmail and MSN Messenger communications today. 29 March: Microsoft To Users: Pay Up
Microsoft Corp. is cracking down on enterprise customers it believes aren't paying for all the software they're using, calling on them to perform audits and stick to a narrow interpretation of license terms, according to several big Microsoft shops. "These days, the only thing that Microsoft is interested in discussing with its customers is licensing issues," said John Luludis, CIO of Danzas AEI, an international shipping company with about 10,000 Windows desktops. 28 March: Software combo could open door to IE bug
A newly discovered bug in Microsoft's Internet Explorer Web browser could let malicious hackers read the e-mail and computer files of some unsuspecting people. Bug tracker Georgi Guninski said the exploit is activated when a surfer using Internet Explorer 5 loads a malicious Web page. The surfer's network also must be running Microsoft's Exchange 2000 server for the bug to show up. The bug lists the directories of some servers the Web surfer can access, which could enable viewing of the person's e-mails or folders if they are stored on a Microsoft Exchange 2000 server. 27 March: New Windows demands PC power
PC enthusiasts looking to grab an early copy of Windows XP may be in for a big surprise: Many will need more computing horsepower to run the operating system. Microsoft's Web site recommends a minimum 300MHz Pentium II processor and 128MB of RAM to run the Windows XP beta, up from a 133MHz processor and 64MB of memory for Windows 2000. Although many PCs come with 128MB now, machines sold a year ago, especially budget PCs, typically came with much less memory. 23 March: HailStorm brews up cloudy forecast
HailStorm, which uses Microsoft's Passport technology for authentication, will enable interaction with applications and services connected to the Internet, including address books and instant messages. Skeptics charge that the HailStorm initiative is just another way of developers being forced to commit to Microsoft technology. "It's always been their history with 'embrace and extend' to have a little bit of it open but to hold onto the main portion," said John Terris, a Microsoft developer and senior programmer with Kendall Placement Group, in St. Louis. "I can see the same thing [as happened with Java] happening here." 21 March: Trustbusters look at Microsoft's Web push
Microsoft's strategy to develop new services for the Internet is raising concern among U.S. state antitrust enforcers that the software giant is trying to extend its Windows monopoly to the Web. 17 March: Germans ban MS software from army computers
The German foreign office and Bundeswehr are pulling the plugs on Microsoft software, citing security concerns, according to the German news magazine Der Spiegel. Spiegel claims that German security authorities suspect that the US National Security Agency (NSA) has 'back door' access to Microsoft source code, and can therefore easily read the Federal Republic's deepest secrets. 15 March: Virus plague causes charity to consider Linux
Development charity ActionAid is making plans to switch all its desktop computers to Linux, as a way of avoiding the viruses that continuously assault its Windows PCs. 14 March: Microsoft announces Linux.NET
Microsoft announced that the company intends to make its .NET services scheme Linux friendly. "Do we have a way for people who host Web sites on Linux to build on [.NET]? Yes we do," the paper quotes Ballmer as saying. But apparently the Grand Scheme is to figure some way to bump Linux users to Windows at some future date. 9 March: Russian Mafia uses NT flaws to raid Internet banks
Eastern European crackers have spent a year systematically exploiting known NT vulnerabilities to raid online banking and ecommerce systems. More than 40 companies have been subject to attacks and it is believed more than a million credit cards have been stolen, provoking the FBI to take the highly unusual step of providing details of an ongoing investigation in the hopes of limiting further damage. 9 March: Windows Now Slightly Open
Microsoft will share 95 percent of its operating systems source code with key developers. But the company hasn't reversed itself on loathing collaborative development; engineers can look at but not touch the code. 9 March: European hackers attack U.S. web sites
A series of organized hacker attacks targeting U.S. Web companies continues, despite previous warnings because many companies are not taking the necessary security measures to prevent them. The hackers, from Russia and the Ukraine, have penetrated U.S. e-commerce computer systems by exploiting vulnerabilities in Microsoft Windows NT operating systems. 8 March: MS leaked memo whips up anti-piracy 'national cause'
Microsoft France is plotting to manipulate "public authorities and large institutional players" to make piracy enforcement, implementing copy protection and product activation technology, and the fight against hacking a "national cause" in France, according to a leaked internal memo obtained by The Register. 6 March: Microsoft discloses denial-of-service bugs
A flaw found in two major Microsoft business applications could allow a malicious computer hacker to crash a company's Web site or disable its email system. The same bug is found in Microsoft's Internet Information Server (IIS) 5.0, which is used to power many commercial Web sites and in Exchange 2000, Microsoft's flagship corporate email product. The bug means that a specially formulated message can be used to crash these applications and render them inoperative. 6 March: Why Hotmail users get so much spam
Hotmail has come under criticism for placing its subscribers' email addresses on a public Internet directory site when they sign up for the service, making them easy prey for spammers. Customers signing onto Microsoft's free Web based email service are automatically added to Infospace's Internet White Pages directory by default. Microsoft sees Hotmail users inclusion on the Infospace directory as a "consumer benefit" - an attitude we feel it would surely change if it had to pay for the cost of downloading spam itself. 6 March: Microsoft mulling fee-based services for MSN
Microsoft, apparently serious about turning software into a service, is testing the waters with a number of new, fee-based MSN services including virus protection, music subscriptions and even an e-mail-via-phone plan, sources say. 2 March: Microsoft plants most web bugs
Microsoft's business portal linkexchange.com (now called bCentral) is the biggest user of Web bugs, according to a survey by Securityspace.com. Web bugs, objects such as frames or images, are embedded on a Web site and cause part of the Web page to be retrieved from a different site. In the process, the second web site gets to know who visited the original site. These web bugs can be used to verify email addresses and collect IP numbers of users.
|
