29 August: Microsoft.Net: a new monopoly?
Microsoft.Net can be summarized in one simple statement: Microsoft is
building an Internet monopoly.
Microsoft is poised for success given its broad market penetration,
current business practices and deep pockets. But Microsoft's trump card is the desktop
monopoly that governs how over 96 percent of people access the Internet. Tie the desktop
monopoly to Microsoft-held Internet properties and watch Internet.Net grow.
28 August: Protests over the release of Internet Explorer 6
The latest version of Microsoft's Internet Explorer browser, made available for free download
Monday, is drawing protests because it doesn't support two rival products commonly used on
Internet Explorer 6.0 will not automatically support the embattled Java programming language or
Netscape-style "plug-ins," though users and developers will have tools to make the browser
compatible with those products.
Microsoft decided to drop support for the plug-ins in favor of Microsoft technology called ActiveX.
27 August: MS bugware blamed for 'inadvertent' hack
Possible Good Samaritan Brian West of Oklahoma was using MS FrontPage
when he learned (inadvertently, he claims) that he could gain privileges on
the local Poteau Daily News Web site without authentication. After
bringing this gaffe to the paper's attention, he got into a bit of hot water
with the Feds for 'exceeding authorization' on the machine.
Now West's lawyers are claiming that Microsoft's bugware is to blame for
the whole incident.
24 August: XP Invasion Is Imminent
Microsoft's new operating system, Windows XP, works well enough
that there's no reason to think it won't dominate the world. The
biggest problem may be enduring the onslaught of built-in pitches
to use other MS services.
24 August: Bill Gates' Way or No Way
We don't have enough automobile companies, but at least we
have a few. We have, what, hundreds of TV channels? Probably
enough. At the grocery, I counted 11 brands of toilet tissue. I
have my choice of at least six manufacturers of aloha shirts, dozens of religious groups, five
branches of the military service, a couple of kinds of tooth
fillings, about 69 cuisines and a lot of different kinds of bikes.
Then we have Microsoft. No choice, no spice, no soul, no pleasure.
23 August: Lobbyists Tied to Microsoft Wrote Citizens' Letters
Letters purportedly written by at least two dead people landed
on the desk of Utah Atty. Gen. Mark Shurtleff earlier this year,
imploring him to go easy on Microsoft Corp. for its conduct as a
The pleas, along with about 400 others from Utah citizens, are
part of a carefully orchestrated nationwide campaign to create
the impression of a surging grass-roots movement.
The targets of the campaign, attorneys general of some of the 18
states that have joined the Justice Department in suing
Microsoft, have figured out the campaign's origins, and they're
The campaign, orchestrated by a group partly funded by
Microsoft, goes to great lengths so that the letters appear to be
spontaneous expressions from ordinary citizens. Letters sent in
the last month are printed on personalized stationery using
different wording, color and typefacesdetails that distinguish
those efforts from common lobbying tactics that go on in
politics every day.
Regulators became suspicious of the ruse after noticing that the same sentences appear in the
letters and that some return addresses appear invalid.
22 August: MS stalks US local government
Microsoft has issued letters to 650 US local government authorities,
asking them to conduct "voluntary software audits", according to
information obtained by LinuxWorld.com
The letters appear to form part of a campaign to persuade municipalities
in America to adopt easy-to-adminster enterprise licensing contracts. However, Microsoft is also carrying a big stickthe threat of
penalties, in effect enormous finesto municipalties that have failed to
keep proper account of their licence obligations to the company.
22 August: Microsoft, the masters of spin, at it again
If you've read even one article about Microsoft you probably already know
that everything the company does is in the interest of consumer convenience.
Well, that's the spin, anyway.
As a consumer interested in convenience, you have to ask yourself: Why is Microsoft coming
out with a new version of Windows that doesn't include a popular feature called the Java
Virtual Machine? Microsoft can try to spin the
answers from now until
judgment day, but it's clear
that the world's biggest
software company didn't
have your best interests in
mindto say nothing of
those of the millions of
developers who use Java
technology to ensure
compatibility across diverse
22 August: Serious security leaks patched
MS has patched a serious vulnerability in Outlook 2002 by which an
attacker could take over one's machine. At issue is an ActiveX feature, the
Outlook View Control, which enables mail folders to be viewed via Web
pages. In Outlook 2K the flaw doesn't give up control, but could allow for
Additionally, a CSS (cross-site scripting) vulnerability in Hotmail which could have
allowed for considerable HTML mischief was sorted out before it became
popular, thanks to WhiteHat Security which found it and alerted MS.
22 August: [Humour] The real Windows interface
You'll like this. An interactive Shockwave movie that threatens to offer
you the Windows RG (really good edition) OS. It has all your favourite MS
items, like crashing, eating huge chunks or memory, tons of error
messages and so on.
21 August: The trouble with Hotmail
Miller, a software quality assurance expert, could hardly believe what he was
reading. Microsoft's inability to simply change [a user's] age, or even delete and
re-create the account, seemed ridiculous. Though perhaps not quite
life-threatening in importance, to Miller the incident bore a significance that
extended beyond your average software nuisance. If Microsoft's engineers
couldn't fix an apparently minor problem with Hotmail, how much confidence
should Net users place in Microsoft's much more ambitious planswith its
much ballyhooed .NET initiative and HailStormto absorb their online lives?
20 August: Hotmail hole exposes e-mails
Hackers have exposed a security flaw which allows you
to read other people's e-mails in Hotmail.
Details of how to read other people's messages have
been posted on a website run by a group called Root
Core and it has quickly spread to other sites and
"This is a serious
vulnerability with Hotmail,"
said Graham Cluley, senior
technology consultant at the
anti-virus firm Sophos.
20 August: Microsoft withdraws Windows XP security claim
A promotional Web site for Microsoft's
soon-to-be-released Windows XP operating system said it would offer the same protection from
viruses and hackers that major corporations use, but the company has since rescinded those
A Microsoft executive had the reference removed from the Web site after The Associated Press
20 August: MS Firewall has security holes
Microsoft's much vaunted first security product has become the subject of
three separate security problems.
Internet Security and Acceleration (ISA) server 2000, which was
positioned by Microsoft as a credible alternative to corporate firewalls,
has become the subject of two denial of service and one cross site
scripting flaws. Microsoft has issued an alert, which explains these problems in detail and
how to get a single patch which we're told addresses all three of these
17 August: MS confirms: support for Netscape-style plug-ins dropped in IE 5.5 SP2 and IE 6
SYMPTOMS: Netscape-style plug-ins do not work after you upgrade Internet Explorer by installing any of the products listed
Some examples of Netscape-style plug-ins include QuickTime by Apple Computer, Inc.; Finale MusicViewer by
Coda Music Technology; and AlternaTIFF by Medical Informatics Engineering.
CAUSE: The versions of Internet Explorer that are listed above do not support Netscape-style plug-ins.
RESOLUTION: Contact the manufacturer of your Netscape-style plug-in to inquire whether the manufacturer has a version of the
component available that is built on ActiveX technologies.
16 August: IIS über-patch claims to wipe out all old Web server flaws
Microsoft has released an über-patch that aims to address all the
previously announced vulnerabilities in its IIS Web server software, and a
few more besides.
The cumulative patch includes the functionality of all security patches
released to date for IIS 5.0, and all patches released for IIS 4.0 since
Windows NT 4.0 Service Pack 5.
Microsoft has promised that the cumulative patch eliminates the "side
effects" of the previous IIS cumulative patch, which have led some admins
to defer the installation of the fix even while the FBI warned the Russian
Mafia was exploiting flaws with IIS to raid online banks.
16 August: Making Lemonade
How Microsoft Is Using Its Own Legal Defeat to Hurt Java
Eolas has been wiping the courtroom floor with Microsoft, which doesn't look like it will win.
If Microsoft can't win the case, they will have to pay damages to Eolas and perhaps pay a license fee, too. But
what if Microsoft takes a different route and simply removes from Windows the offending code? That would be
unthinkable even months ago. It would require the removal of Java and the abandonment of APPLET and
EMBED tags from future versions of Windows. Then, on August 10th, came a note from Apple engineering staff to the QuickTime VR mailing list saying that "IE
5.5 SP2 [for Windows] will not use the QuickTime plug-in no matter what you do. Microsoft has disabled all
'Netscape style' plug-ins, there is nothing you can do. Look for information from us about how work around this
problem in the near future."
Of course, this has a delightful outcome for Microsoft. They are able to abandon Java and blame it on Eolas. It puts even more oomph behind Microsoft's move to .NET. And as an extra bonus, Apple's QuickTime (and RealPlayer, too!) gets nuked in favor of Microsoft's next-gen Media Player.
15 August: IE upgrade cuts off QuickTime
With IE 5.5, Microsoft discontinued support for plug-ins, according to a Microsoft representative. Instead, the browser relies on technology developed by Microsoft known as ActiveX that links desktop applications to the Web.
ActiveX has been seen as a challenger to Sun Microsystems' Java programming language, which Microsoft has said will no longer be supported by default in its pending Windows XP operating system and IE 6.
ActiveX has also been identified as a source of serious security risks, offering a powerful tool for malicious programmers to take control of a target computer, for example. As specific security problems have come to light, Microsoft has issued repeated service pack upgrades and patches for its browser.
15 August: MS asks court to wait while it delays
Microsoft's lawyers clearly operate better out of court than in. The case the company made for itself during the epic Jackson antitrust trial was, frankly, dismal, but the post-verdict delaying tactics are starting to acquire a certain baroque splendour. Microsoft has already asked the Appeals Court to change its mind on browser-related aspects of its decision, and has asked the Supreme Court to overturn the Appeals Court's ruling. Now it has asked the Appeals Court not to decide on whether to send the case back to the District Court or not until after the Supreme Court has decided what it's going to do about Microsoft's request for it to overturn the ruling of the Appeals Court.
14 August: MS drops support for Netscape-compatible plugins in IE
Jim Gaynor writes: "It seems that Microsoft dropped support for plug-ins written to the Netscape standard, and is now only supporting ActiveX plug-ins in IE 5.5 SP2 and IE 6. Here at the University of Washington, several groups have been told not to upgrade, as certain plug-ins that are used for our in-house databases break under IE 5.5 SP2."
As a symptom of this fact, Robin Walker found that Internet Explorer 5.5 SP2 for Windows is incompatible with QuickTime: "It will not play QuickTime movies, or work with any other function that requires the QuickTime plug-ins. QuickTime plug-ins play QT movies in other versions of MSIE up to and including MSIE 5.5 SP1, but SP2 just gives a blank frame or broken graphic icon. The same problem with QuickTime is reported to be present in the previews of MSIE 6.0 for Windows.
10 August: Hacking IIShow sweet it is
The Register has looked over a few recent credit-card database compromises brought
to our attention by CardCops (formerly AdCops), an organization which
tries to get the straight dope on e-commerce hacks directly from the
blackhat community to better inform merchants of threats to their
Not surprisingly, Microsoft IIS is quite popular among carders, because its
got lots and lots of holes, and because its often used by people who lack
the technical know-how to bung them. CardCops founder Dan Clements reckons that IIS is in use by roughly fifty
per cent of e-merchants, but represents over eighty per cent of their data
10 August: MS internal network whacked by Code Red
It's not just MSNCode Red has just ripped through Microsoft's internal network too, according to our spies in Redmond. The unleashed worm is claimed to have whacked numerous servers on the corporate network; something of an embarrassment for Microsoft this, as it can only mean we hadn't quite got our act together on the patch front before the storm broke.
9 August: How Microsoft's file system caper could wrongfoot the DoJ
A wag last year suggested to us that since Oracle was the only competition Microsoft had left, its next step would be to bundle SQL Server with the operating system.
If current briefings are correctand Microsoft has evidently been briefing pretty heavilythen that's exactly what the company intends to do, and then some. It's a move could not only wrong foot the Beast's wealthiest antagonist, but antagonise the Department of Justice.
9 August: IE 6 central to Passport privacy boost
Microsoft will soon be offering better privacy and security for online consumers, but at a price: exclusive usefor nowof the company's forthcoming Internet Explorer 6.0 Web browser.
9 August: [Humour] Windows, Windows everywhere
I'm sending you this e-mail from 2021--40 years after IBM released its first personal computer--in a last attempt to prevent the mistakes in computer development that put civilization in jeopardy.
Not everything is awful. Some things are just, well, weird. Read more...
9 August: Hotmail servers infected by Code Red
Microsoft has confirmed that some servers running its MSN Hotmail service were infected with a version of the Code Red worm, though it said no personal information was breached. A company representative said Thursday that a number of its servers were brought offline to deal with the problem and that service was not disrupted. The infection
comes after a big push by
the Redmond, Wash.-based
software giant to get
customers to download a
patch to protect their
computers from the virus.
7 August: Microsoft asks Supreme Court to take case
Microsoft Corp. appealed to the Supreme Court on Tuesday to overturn a ruling that the software giant is an illegal monopoly that has harmed consumers and stifled competition. Microsoft sent the petition to the high court two days before the case was to be sent to a new judge to decide what penalty the Redmond, Washington, firm should face. Simultaneously, Microsoft asked the appeals court that currently has the case to hold off any action until the Supreme Court decides whether to take the case. The action could make it more difficult for the Justice Department and 18 states to seek an injunction against Windows XP.
6 August: How to anonymously get root access on a quarter million machines overnight
In the past 24 hours the CodeRed II worm has been infecting IIS web servers with a speed equal to or greater than that of the original CodeRed. The original CodeRed
infected what is thought to be all vulnerable machines, approximately 250,000 hosts, in under 24 hours.
While CodeRed I was relatively harmless, CodeRed II installs a full Administrator-access back door shell that can be accessed via HTTP. This creates a very
interesting situation, and with the techniques discussed in this paper opens a new potential door for mass system cracking.
6 August: Code Red II Wends Its Way
A nasty spinoff of the Code Red worm began to wiggle across the Internet early Saturday,
scanning quickly and furiously in a search for vulnerable computers to infect.
"Code Red II" is far more dangerous than its namesake, which infected other machines so that
it could then use them to attack the White House website.
If the new worm infects a system it installs a "back door" into that system, allowing a malicious
hacker to remotely connect to and control any Code Red II infected Web servers.
Code Red II can only infect systems running the Microsoft Windows 2000
operating system, and only if Microsoft's Internet Information Server (IIS)a Web server applicationis also installed and active. If a system has
already been patched against the original version of Code Red, it cannot be
infected by Code Red II.
6 August: MS Passport considered "harmful"
The lynchpin of Microsoft's web services - the Passport authentication
service - has been found wanting in a study by two senior AT&T scientists.
The authors credit Passport with being an ambitious model, but warn that
"the system carries significant risks to users that are not made
adequately clear in the technical documentation available."
6 August: MS Sends Listbot to the Heap
One of the Web's most popular e-mail listservs is about to be
shuttered. The alternative? Pay or move. It's another sign of things
that were to come, but now are here.
2 August: Microsoft drops eleventh hour app blocking into WinXP
Although Release Candidate 2 (RC2) of Windows XP is billed as a bug fix,
it actually implements a long-promised feature that disables current
versions of some users' most trusted software.
At the eleventh hour, Microsoft has turned on "Driver Blocking", and RC2
refuses to install a host of third party applications including Black
Ice, Zone Alarm and AOL.
Previous | Next