Windows Vista
The Week Of Vista Bugs promised to report an unpatched Vista bug every day this week

Microsoft falls for Vista security hoax

April Fool's joke fails to catch gullible media

Tom Sanders in California

An April Fool's joke that aimed to expose sensational media coverage and educate non-security experts failed to find any victims.

A self-proclaimed group of hackers set up The Week Of Vista Bugs website that promised to report an unpatched Vista bug every day this week. 

Advertisement

Pioneered by security researcher H D Moore last summer, projects aiming to uncover vulnerabilities every day for a week or a month have proved a powerful way to direct the public's attention to security issues in certain applications. 

Applications targeted by such daily security disclosures included browsers, Apple's OS X, Oracle software and MySpace.  

"Education is an important step to consider in security. People have, as experts do, to rely on real facts, things they can verify," the group warned on a website where they exposed their hoax.

The Week of Vista Bugs issued its first 'security alert' on Monday, warning people against an allegedly critical flaw that offered a way to bypass the firewall in Vista.

The alert was riddled with technical lingo, but the educated reader would have been able to see through the hoax.

Apparently most media saw through it as well. Google News does not list a single English media outlet that picked up the report.

The report was noticed by vnunet.com, but was not published. As part of our standard fact-checking procedures, vnunet.com contacted Microsoft on Monday with a request for comment on the reported flaw. 

The company issued a generic public relation statement, but did not expose the report as a hoax.

A Microsoft spokesperson said on Monday that the Microsoft Security Research Center is "aware of 'The Week of Vista Bugs' project in which details about possible issues affecting Windows Vista will be publicly disclosed.

"As always, the Microsoft Security Response Center will stand ready to mobilise its teams to investigate, fix and learn from any vulnerabilities discovered through the project, and take appropriate action to protect its customers as needed."

The person responsible for the hoax said that Microsoft did not contact the team.

Symantec flagged the report in its DeepSight subscription-based threat management alert network. But researchers for the company warned that the report failed to prove the claimed flaws.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Related whitepapers

Related jobs

Most watched

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file sharers

Intel unveils its micro server platform

Small-enclosure systems take aim at hosting market

IT white papers

Search white papers

Top categories

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Spotlight

Top 10 cup

Top 10 technologies in a death spiral

A look at some technologies that may soon be departed

Thunderbird

Thunderbird 3 out this month

Open source email system gets a makeover

Best Buy to storm Blighty's stores

Now that Circuit City is gone, Best Buy's ruling the...

Internet Explorer

Europe's browser war heats up again

Mozilla and Opera demand changes to Microsoft's proposed ballot system

Primary Navigation