LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 04-02-2004, 05:58 AM   #1
Nukem
Member
 
Registered: May 2003
Location: Canada, TO.
Distribution: Slackware: in progress, Mandrake 9.2, Libranet, Vector
Posts: 373

Rep: Reputation: 30
Microsoft is not able to patch its code!


From Astalavista.com

Quote:
eEye, a very well known security company, discovered 200 days ago two flaws in Microsoft products. As usually eEye notified to Microsoft these problems and now it (and WE!) is still waiting for these patches. eEye is attacking Microsoft for not releasing patches for these two critical security flaws. These flaws affect all versions of Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003 and it's possible to exploit them remotely.

One vulnerability can allow an attacker to conduct a Denial of Service attack against default installations of the affected software and the system will have a total crash.

The second can allow an anonymous attacker to compromise default installations of the affected software and will give, to the remote attacker, SYSTEM access, the highest possible level of access.

According to eEye more than 300 million machines are vulnerable to these flaws but there are no evidences that someone is trying to attack machines using it.

In the past the Microsoft patching system has had the same problem of slowness, we want to remind you that Microsoft took some months to patch a high-risk flaw in the ASN.1 library. eEye adds that there are two more known vulnerabilities, that in a month or two will hit the 200-day mark.
Thought you should also see this.

Quote:
Earlier today (March 29, 2004), one Microsoft web site ( http://register.microsoft.co.kr ) was compromised and defaced on the Microsoft Korea (microsoft.co.kr) network. The machine was defaced (and is still defaced 15.25 GMT) initially (...) by a Brazilian defacer/group know as "c0derz". The defacer obtained an unauthorized access to this system by using a misconfiguration in the Frontpage Estensions. After some minutes many other defacers crew has started to redeface the same site. "Silver Lords", "int3rc3pt0r" take part to this "tour" in the Microsoft site. The funny thing is that also Microsoft is defaced by using a very common error in the configuration of the Frontpage Extensions, we must consider the following: where is the security if also Microsoft is hacked by using a misconfiguration in their own product while they should know everything about it?

You can see the mirror of this defacement at the following url:

http://www.zone-h.org/en/defacements/view/id=1090606 /

Last edited by Nukem; 04-02-2004 at 06:03 AM.
 
Old 04-02-2004, 11:46 AM   #2
Lleb_KCir
Senior Member
 
Registered: Nov 2003
Location: Orlando FL
Distribution: Debian
Posts: 1,765

Rep: Reputation: 45
could you link the artical from eEye for me please. id love to read the full write up on that.
 
Old 04-02-2004, 12:08 PM   #3
320mb
Senior Member
 
Registered: Nov 2002
Location: pikes peak
Distribution: Slackware, LFS
Posts: 2,577

Rep: Reputation: 48
http://www.eeye.com/html/Research/Upcoming/index.html
http://www.eeye.com/html/Research/Advisories/index.html

read the first link first!!!!

Last edited by 320mb; 04-02-2004 at 12:14 PM.
 
Old 04-02-2004, 12:39 PM   #4
Lleb_KCir
Senior Member
 
Registered: Nov 2003
Location: Orlando FL
Distribution: Debian
Posts: 1,765

Rep: Reputation: 45
thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft STOLE Internet Explorer code! slapNUT General 21 12-12-2006 04:08 AM
Source code, Microsoft, linux, viruses webwolf70 General 17 10-31-2004 01:36 AM
Applying patch to source code dax_neoburn Linux - Software 2 10-02-2003 08:38 PM
Microsoft to license Unix code macewan General 6 05-27-2003 05:05 PM
Microsoft releasing all of it's Windows code in Japan ... Bert General 11 01-03-2003 05:27 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 07:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration