Reasons to Avoid Microsoft
These pages are a compilation of links and quotes to news articles and
others sources that might help convince you to switch to Linux.
Next 25 Articles
- Microsoft IE Flaw Exploited by Hackers to Steal Info From Google
In this case the flaw wasn't overly severe, but the attackers were
unusually sophisticated and struck out at businesses, looking to steal
their data. Writes Dmitri Alperovitch, a vice president of research
with McAfee, 'We have never seen attacks of this sophistication in the
commercial space. We have previously only seen them in the government
- Draconian DRM Revealed In Windows 7
The days of capturing an audio program on your PC seem to be over...
Win7 allows programs like Photoshop to insert themselves stealthily
into your firewall exception list. Further, that the OS allows large
software vendors to penetrate your machine.
Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
- More gnashing of teeth after Microsoft update brings PCs to a standstill
Something seems to have gone horribly wrong in an untold number of IT
departments on Wednesday after Microsoft installed a resource-hogging
search application on machines company-wide, even though administrators
had configured systems not to use the program. ... Critics cried
foul on the principle that users should have absolute control over
their machines. They also argued that the stealth update could hamper
- Microsoft dispels rumors of stealth Windows updates
Reports of secret updates began circulating after at least two sites reported that Windows Update pushed patches on machines - even though the automatic update feature had been disabled. ... The issue has touched off concern among some that allowing Microsoft or any other company to install files without their prior knowledge and consent sets a dangerous precedent.
- Internet Explorer Unsafe for 284 Days in 2006
(Washington Post 'Security Fix' Blog,
For a total 284 days in 2006 (or more than nine months out of the
year), exploit code for known, unpatched critical flaws in [IE] was
publicly available on the Internet. Likewise, there were at least 98
days last year in which no software fixes from Microsoft were available
to fix IE flaws that criminals were actively using to steal personal
and financial data from users. ... In contrast, [the Open Source Mozilla
Firefox browser] experienced a single period lasting just nine days
last year in which exploit code for a serious security hole was posted
online before Mozilla shipped a patch to remedy the problem.
- Was HP.s traceable 'PattyMail' spyware? You decide
If you've been following the HP privacy scandal at all, then you'd know
that HP resorted to (or considered resorting to) several techniques
in hopes of smoking out whoever it was that was leaking information
from its boardroom to the press... [including] sending traceable
email ... I also showed how the versions of Microsoft's Outlook that
are currently in circulation ... make it impossible to successfully
forward an HTML-based e-mail without re-activating its traceability.
- Microsoft's Calling Home Problem: It's a Matter of Informed Consent
No doubt many of you saw on Slashdot the article "Microsoft Talks
Daily With Your Computer" or in Steven J. Vaughan-Nichols article for
eWeek titled, Big Microsoft Brother, about allegations that Microsoft's
Windows Genuine Advantage validation tool phones home daily to report
information to Microsoft about you on each boot. Lauren Weinstein broke
the story on his blog. Microsoft has now put out a statement, asserting
that the Windows Genuine Advantage tool is not spyware, that they're
going to change it some, and that one thing that distinguishes it from
spyware is that they get consent before installing it. I question the
accuracy of the statement.
- Invasion of the Computer Snatchers
Hackers are hijacking thousands of PCs to spy on users, shake down
online businesses, steal identities and send millions of pieces of
spam. If you think your computer is safe, think again. ... At the
moment, [the hacker interviewed] controls more than 13,000 computers
in more than 20 countries. This morning he installs spyware on just
a few hundred of the 2,000 PCs that he has commandeered in the last
- Spyware Barely Touches Firefox
Internet Explorer users can be as much as 21 times more likely to end
up with a spyware-infected PC than people who go online with Mozilla's
Firefox browser, academic researchers [said]. ... [Researchers] sent
their crawlers to 45,000 Web sites, cataloged the executable files
found, and tested malicious sites' effectiveness by exposing unpatched
versions of Internet Explorer and Firefox to "drive-by downloads."
... no domain managed to infect the Firefox-equipped PC in a drive-by
- Internet Explorer DHTML Edit ActiveX Control Cross-Site Scripting
A vulnerability in Internet Explorer [has been discovered], which can be
exploited by malicious people to conduct cross-site scripting attacks.
The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.
- Click here to become infected
A junk mail message doing the rounds today provides an even more
compelling reason [to not press the 'click here to remove' link on
spam messages]. ... 'Typically, your machine may be turned into an
open proxy, have passwords extracted, and keyloggers installed. So not
only do you confirm your email address to the spammers, you also get
to host their next spam run, and get your bank account cleaned out.'
- New Worm Installs Network Traffic Sniffer
A new worm whose payload includes the SDBot trojan tries to install a
'sniffer,' seeking to use infected computers to capture login and banking
information for other computers on the same network.
- Meet the Peeping Tom worm
A worm that has the capability to using webcams to spy
on users is circulating across the Net. Rbot-GR, the latest variant
of a prolific worm series, spreads via network shares, exploiting a
number of Microsoft security vulnerabilities to drop a backdoor Trojan
horse program on vulnerable machines as it propagates. Once a backdoor
program is installed on a victim's PC it's game over and an attacker
can do whatever takes their fancy. ... 'If your computer is infected
and you have a webcam plugged in, then everything you do in front of
the computer can be seen, and everything you say can be recorded...'
- Computer 'spy' that could clean you out
Spies sitting in your computer could be sending signals
to international fraudsters determined to clean out your bank account
or use your credit card. ... Deats believes criminals have details
of more than 1,000 financial institutions including all the major UK
banks. The code transmits that you are online to the bank. But the
real killer application is that it reads every keystroke you make, as
you make it. This means it can replicate your user name and password
for future use.
- MyDoom.O Harvesting Email Addresses from Search Engines and
Causing Denial of Service Attacks
MyDoom.O searches user files (DOC TXT HTM and HTML)
for domain names, then uses search engines (Lycos, AltaVista, Yahoo
and Google) to search for 'e-mail' and the harvested domain in order
to gain access to other email addresses. There is a strong likelihood
that web-based lists such as phone books, memberships, discussion
boards and general user home pages will be harvested by the machine
and in turn infect others.
- Microsoft Internet Explorer Multiple Vulnerabilities
in Internet Explorer [allow] malicious people to bypass security
restrictions and potentially compromise a vulnerable system. ...
Successful exploitation allows execution of arbitrary script code in the
context of another website. This could potentially allow execution of
arbitrary code in other security zones too. ... Successful exploitation
may potentially cause users to open harmful files or do other harmful
actions without knowing it.
- U.S., citing security concerns, steers consumers away from IE
of Homeland Security's U.S. Computer Emergency Readiness Team touched
off a storm this week when it recommended for security reasons using
browsers other than Microsoft Corp.'s Internet Explorer. ... The
particular virus initiated this week ... allows keystroke analysis of
user information. The target is believed to be credit card numbers. CERT
estimated that as many as tens of thousands of Web sites may [have been
infected with the malicious code, via a vulnerability in Microsoft's
'Internet Information Services' webserver software].
- New scam targets bank customers
The victim of the attack found that a file ... been
loaded onto their machine. ... The second half of the file consists
of a ['Browser Helper Object', which Internet Explorer loads when
it starts up]. Created BHO's then have access to all the events and
properties of that browsing session. This particular BHO watches for
HTTPS (secure) access to URLs of several dozen banking and financial
sites in multiple countries. [The malicious code] grabs any outbound
POST/GET data from within IE before it is encrypted by SSL.
- Internet Explorer Is Just Too Risky
People who browsed there on Windows
computers got infected with malicious code without downloading
anything. ... The biggest security problem in IE, one that has plagued
Microsoft and its customers for at least four years and is at the
heart of the recent exploit, is a flaw that lets a Web site trick the
browser into running an alien program in violation of its own security
settings. In effect, an unknown program on a Web site is treated as
though it were a trusted program on your computer. Compromised Web
sites can covertly install programs ranging from nuisances that cause
ad pop-ups to real threats that record your keystrokes, allowing the
site to steal your passwords and account information.
- Web browser flaw prompts warning
Users are being told to avoid using Internet Explorer
until Microsoft patches a serious security hole in it. The loophole
is being exploited to open a backdoor on a PC that could let criminals
take control of a machine. The threat of infection is so high because
the code created to exploit the loophole has somehow been placed on
many popular websites.
- Microsoft warns on IIS 5 and IE attack
of web pages that, when executed, attempts to access a file hosted
on another server. 'This file may contain malicious code that can
affect the end user's system. US-CERT is investigating the origin of
the IIS 5 compromises and the impact of the code that is downloaded
to end-user systems,' the organisation said.
- DoS Attack May Tap Web Graphics Flaw
When visitors to a few particular Web sites-including
popular auction, shopping and price-comparison sites-request pages
that include the malicious graphics, the code automatically downloads
itself onto their machines. Once installed, the code unpacks itself
and loads a keystroke logger on the PC. NetSec officials said the
attack seems to exploit a vulnerability in Internet Explorer.
- New virus reads keys you type
A new virus is on the prowl that can infect your
Windows XP/2K system and record every key you hit on your keyboard. The
keys are then sent back to the virus creator where he/she can steal
your passwords and credit card information. ... [You get the virus]
without even knowing it. It does not arrive by email, but simply by
being connected to a network or to the Internet...
- Korgo-F Threat Level Heightened
Korgo-F is a worm that attempts to propagate by exploiting a Microsoft
Windows vulnerability... 'Korgo.F includes backdoor functionality that could
leave systems open to unauthorized access ... This backdoor functionality
could result in a loss of confidential data and may also compromise security
Collection originally created by, donated to LUGOD by,
and maintained by
Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are
trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.