Microsoft vulnerabilities, Microsoft patent lawsuits, and more.

I read The Heise Online regularly and I thought I would quote some of their articles where I don’t feel like being comment moderated on their own site.

First up. Microsoft patch day fixes critical bug in TCP/IP stack

Windows Firewall? O RLY?

Something that allows programs to whitelist themselves  or any inbound or outbound port traffic without notifying the user is not a firewall, it is a practical joke, on the user.

The article mentions that people behind router or modem equipment might be safe, but doesn’t mention this is because that equipment typically runs Linux or Wind River Systems VXWorks as its firmware and has a real iptables-based firewall that sometimes protects Windows users from Windows.

On the other hand, I guess Port Nuking is back. So much for Windows 7 being more secure than Windows 95. This time they even tell you Windows has a Firewall. Nothing like being wined and dined before you get fucked I guess.

Moving on. Operation Ghost Click: FBI busts DNSChanger botnet

Four million computers globally, which the article doesn’t mention, all run Windows, have been compromised with malware that changes the DNS servers that Windows uses and redirects them to malicious fakes.

The US FBI has taken over the fake DNS servers and is now quietly hijacking all four million victims of the original botnet, essentially turning it into US government malware. This lets them slip past what’s left of the Fourth Amendment protections against illegal search and seizure, and essentially keylog the websites that those four million Windows users try to access. And, last but not least, nothing stops them from monkeying around and forging DNS entries like the original Windows malware authors were doing.

Moving further on, into Microsoft’s patent racket operations. You might remember that Foxconn, a global manufacturer of PC and Mac motherboards (sometimes sold under different brand names), was conspiring with Microsoft a few years ago to break non-Windows operating systems with corrupt ACPI implementations in the board’s BIOS firmware. As a reward for carrying water for Microsoft in their Corrupt PC BIOS Initiative , Foxconn ended up being named as a defendant in Microsoft’s patent-racketeering lawsuit against e-reader maker Barnes & Noble.

Loyalty to Microsoft simply means that they’ll save you for last I guess.