Microsoft Admits NT Has Serious Security Flaw.
Published:
28 August 1999 y., Saturday
Microsoft has acknowledged a serious security flaw in NT when used with Service Pack 4 (SP4) -- probably the most commonly deployed version of its operating system. The flaw enables hackers to masquerade as trusted hosts to get access to secure systems, using so-called Predictable IP Sequence Numbering - something that was identified and fixed in Unix systems several years ago, according to Richard Thomas, head of Winterfold Datacomm (Guildford, UK), a networking consultancy. Security problems had been found in earlier versions of NT, but the bundle of patches and fixes in SP4 were supposed to have made everything watertight. That_s proved not to be the case, according to NTA Monitor (Rochester, UK), a consultancy that conducts security audits on corporate systems by simulating hacker attacks over the Internet. When conducting such an audit, it came across Predictable IP Sequence Numbering at a customer site using NT with SP4. After doing bench tests to establish
that the problem was generic to NT and SP4, NTA-Monitor contacted Microsoft. After nearly three weeks of deliberations, Microsoft has come clean. Sunil Gopal, a technical specialist at Microsoft,
acknowledged the problem on Tuesday in a memo to Roy Hills, NTA-Monitor_s testing development director. His memo says fault has been eliminated in Windows 2000 and "will be back-ported to NT 4.0 in a future SP release."
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
China's crackdown on pornograhy is gathering pace following reports that 700 Web sites have been shut down and 220 people arrested as authorities try to censor XXX sites
more »
AMD to release Sempron early
more »
Instant messaging software firm Jabber has outlined plans for an XMPP-to-SIP Gateway that opens the door for interoperability with IBM's Lotus IM product
more »
A new vulnerability makes it easier for fraudsters to pass off content from bogus websites as the real thing
more »
search.lt presents newest links
more »
Microsoft CEO Steve Ballmer has criticised the lack of innovation in open source software
more »
European 'variations' will prevent Indian players enjoying same success as in US
more »
Speaking about an on-line
broadcast we mean not only television, we speak about Internet too. In
comparison to television the Internet allows us not only to see and hear on-line
program broadcast, it allows to realize all our ideas and thoughts in practice.
With only one button press we can enjoy a real time view of the wild Africans’
dances or the choppy Baltic Sea via Internet.
more »
A Hungarian virus writer escaped prison yesterday after he was convicted of writing a virus that infected tens of thousands of Windows PCs
more »
Swedish telecomms solutions provider Ericsson said on Monday (28 June) that the Estonian mobile operator EMT had launched its commercial EDGE service by using infrastructure supplied by Ericsson
more »