Does Microsoft Even Care? Technet willing host of Spammers…

December 10, 2009 · Posted in Information Security, Information Systems, Information Technology, The Internet, Web Design / Development 

I was out of commission for the past two days, not because I was sick, but is simply loaded with other commitments and barely had any chance to pee… ;-)

Anyway, an unavoidable facet of blogging or the Web 2.0 framework in general, wherein the web publisher allows their visitors to submit entries such as comments, is the fact that you will be dealing with a lot of spammers who will use every trick in the book to exploit your system. This blog is no exception. I do, however, care and try to monitor and try my best not to let spammers inundate this blog with useless crap.

It is a standard practice for all Web 2.0 systems developers to provide some form of spam protection in their system and it is wise for the users of these systems to utilize these protections in order for them to avoid getting their site inundated with junk and their mailbox with even more junk.

I am not sure if the company well-known for their efforts on ensuring security :-P , Microsoft, missed this simple concept or they simply don’t care. In the past two days that I have not worked on this blog, I received several comments on one of my entries and to my disappointment ;-) , they are not from fans of this blog but from spammers…

One of the items that I found interesting in this spam entries, however, was the URL that they were using: http://social.technet.microsoft.com/Forums/en/ucccommunitygovernance/thread/<and-some-gibberish-link>

Yes this is the link the the Microsoft’s Technet forums. Technet where most Microsoft Geeks go to figure out how to battle the Microsoft gremlins that pops-up everytime the tech giant runs an update ;-) … At first I thought that the URL was simply spoofed, common practice used by Phishers. But as I look further, it is a valid Microsoft link. So I followed the URL and I landed on a spam site. I backtacked the links and ended up here.

Yes ladies and gentlemen most if not all the forum topics in that site will lead you to a spam site… Attention Mr. Ballmer, I didn’t know you love spammers so much… I don’t remember even Bill Gates being this sloppy. It is one thing when it is happening in MSN or other Microsoft run community sites. It is an almost accepted menace, but FOR CRYING OUT LOUD, this is a tech site. A RESOURCE FOR PEOPLE WHO FIXES THE DAILY PROBLEMS YOUR SOFTWARE BRINGS!!! And even that site now brings more problems…

WAY TO GO MICROSUCK!!!

Ok in slight fairness to Microsoft, they are not the only site that is supposed to provide a community and resource, but is left alone to become a hub of spammers. This is one example… Moving forward, I’ll try to monitor sites like this and will report as I find them… Will also report if anything else changes…

Bookmark and Share

Thought you should know, etc... Update

When Reality Hits - Project Managers Roll With It

When Reality Hits - Project Managers Roll With It By Project Manage This One of the top challenges new PM types face is facing, and then dealing, with reality. That point in the project when things just aren’t going as planned… At the beginning of the project your Gantt view is a work of art – each dependency [...

The question: Is the Mainframe still the "right answer" for your business?

(Posted February 11, 2012) The short answer is  A B S O L U T E L Y  . . . In fact, why would risk your corporate future on anything else!!!! When the question “Why is System z essential to your business?” is presented, Terrie Jacopi, Program Director, DB2 for z/OS...

Exit...Stage Left

I’ve changed houses.  Instead of Suzhou, Jiangsu, China, I’mon the Southern Outer Banks of North Carolina.  Instead of skyscrapers, cranes and car horns honking, it’slittle buildings, quaint shops and a Jimmy Buffet-like atmosphere… 

“Welcome back Sanity…you werea missed chum...

Project Management Lite: Estimating–Preparing non-human Resource Cost Estimates

1. Objective •    To produce estimates of the non-human resource costs of the project (computer hardware, communications hardware, systems software, package software, etc.). 2. Responsibilities •    The Project M...

What Email Faux Pas Do You Commit?

Email—it’s a part of our everyday lives as business people.  Do you send emails that your co-workers take seriously?  Do you find some incoming emails off putting?  This humorous video by -->

Tags: , , , , , , , , ,

Comments

Leave a Reply




  • Your Shopping Cart

    Your cart is empty

  • Calendar

    December 2009
    M T W T F S S
    « Nov   Jan »
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  

  • RSS From the National Vulnerability Database

    • CVE-2011-3958 (chrome) February 7, 2012
      Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. […]
      nvd@nist.gov
    • CVE-2012-1033 (bind) February 7, 2012
      The resolver in ISC BIND 9 through 9.8.1-P1 does not properly implement a cache update policy, which allows remote attackers to trigger continued resolvability of domain names that are no longer registered via an unspecified "Ghost Names exploit." […]
      nvd@nist.gov
    • CVE-2011-3971 (chrome) February 7, 2012
      Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. […]
      nvd@nist.gov
    • CVE-2011-3954 (chrome) February 7, 2012
      Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. […]
      nvd@nist.gov
    • CVE-2011-3970 (chrome, libxslt) February 7, 2012
      libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. […]
      nvd@nist.gov
    • CVE-2012-0926 (realplayer, realplayer_sp) February 7, 2012
      The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream. […]
      nvd@nist.gov
    • CVE-2011-3969 (chrome) February 7, 2012
      Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. […]
      nvd@nist.gov
    • CVE-2011-3956 (chrome) February 7, 2012
      The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension. […]
      nvd@nist.gov
    • CVE-2011-3968 (chrome) February 7, 2012
      Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. […]
      nvd@nist.gov
    • CVE-2012-1035 (ada_web_services) February 7, 2012
      AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. […]
      nvd@nist.gov
Get Adobe Flash playerPlugin by wpburn.com wordpress themes