Microsoft is Still Propagating the Malware Problem

Saturday, January 23rd, 2010 at 9:13 am | 1,294 views | trackback url

Microsoft LogoHaven’t we learned enough about viruses, malware, spyware and other malicious behavior online to avoid … running unknown executables to get to content? (video, documents, images) The AnnaKournikova.jpg.vbs debacle should have been enough to keep people from double-clicking unknown attachments and files that they couldn’t recognize, but apparently not.

This morning, one of my daily Google Alerts delivered me a link to a blog page promoting the use of Microsoft OneNote, which included a link to the Microsoft’s OneNote Demo video page. The Microsoft page included this helpful description:

Brief Description
Watch this introductory demo to learn about Microsoft Office OneNote 2007 and how to use it to gather, organize, and share your notes and other information.

But that Microsoft page has a link to download a file called “On2007DemoWhatIsOneNote.exe“. Wait, I thought I was going to be able to watch a demo of OneNote… not install something on my machine?

Why would I ever download an executable file to watch a video demo of OneNote? It’s not like there aren’t enough other ways to watch video online already.

But let’s just make sure I’m not being paranoid:

$ cabextract On2007DemoWhatIsOneNote.exe 
Extracting cabinet: On2007DemoWhatIsOneNote.exe
  extracting ON_WhatIs_final_ZA10177529.wmv

Nope, I’m not. Microsoft is still not being smart about protecting their users at all. They compressed the original source video into an executable file, to save 1 megabyte of bandwidth.

Not only does this propagate the problem of running unknown executables for the purposes of watching video or providing other non-application content, but it makes it prohibitive for someone on say… a Linux machine (like myself) or a Mac (like my work colleagues) to watch the video.

What if a non-Windows user wanted to learn more about OneNote? They have to have a Windows machine to run the executable, to unpack the video, to watch it?

Further to that problem, instead of using many of the industry-standard video encoding algorithms (MPEG4, MPEG, AVI or even Windows Media), they opted for the sole proprietary format that almost nothing but Microsoft’s own Windows Media Player can play: Microsoft ASF. Well-done, Microsoft… well-done.

Since I run Debian and Ubuntu, and patents and copyrighted algorithms prevent me from playing them natively in Linux, I tried to use Medibuntu to leverage that.

But guess what? That doesn’t work either. Ridiculous.

When people ask me why I run Linux instead of Microsoft, it is examples like these that validate my choice in an operating system.

Last Modified: Sunday, March 6th, 2016 @ 02:43

Leave a Reply

You must be logged in to post a comment.

Bad Behavior has blocked 347 access attempts in the last 7 days.