Software giant fixes flaw, could face massive penalty
Published:
10 May 2003 y., Saturday
Microsoft acknowledged a security flaw Thursday in its popular Internet Passport service that left 200 million consumer accounts vulnerable to hackers and thieves — an admission that could expose the company to a hefty fine from U.S. regulators.
Microsoft said it fixed the problem early Thursday, after a Pakistani computer researcher disclosed details of it on the Internet. Product Manager Adam Sohn said the company locked out all accounts it believed had been altered using the flaw. He declined to say how many people were affected but said it was a small number.
Several security experts said they had successfully tested the procedure overnight. Sohn said the flaw had apparently existed since at least September 2002, but Microsoft investigators have found no evidence anyone tried to use the technique to seize a Passport account before last month.
Passport promises consumers a single, convenient method for identifying themselves across different Web sites and encourages purchases online of movies, music, travel and banking services.
Closely tied to Microsoft’s flagship Windows XP software, Passport also controls access for Windows users to the free Hotmail service and instant-messaging accounts.
Šaltinis:
msnbc.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
search.lt presents newest links
more »
Not ruled out, not ruled in
more »
The Internet Corporation for Assigned Names and Numbers (ICANN), meeting in Carthage, Tunisia this week, will be getting down to brass tacks on how the Internet works for the first time
more »
search.lt presents newest links
more »
Romania emerges as new world nexus of cybercrime
more »
A consortium of Alaskan law enforcement agencies today announced a new information sharing initiative that uses the commercially-available Coplink system to analyze disparate pieces of data for investigative leads
more »
A group of students at Swarthmore College in Pennsylvania has launched an "electronic civil disobedience" campaign
more »
Microsoft Corp. has a variety of "opportunities" to take cost out of the development, deployment and day-to-day operations of IT systems
more »
There's a "total meltdown" in America's intelligence services
more »
Project Green aims to bring enterprise applications, including Great Plains and Navision, into a single unified .Net architecture
more »