Microsoft Admits NT Has Serious Security Flaw.
Published:
28 August 1999 y., Saturday
Microsoft has acknowledged a serious security flaw in NT when used with Service Pack 4 (SP4) -- probably the most commonly deployed version of its operating system. The flaw enables hackers to masquerade as trusted hosts to get access to secure systems, using so-called Predictable IP Sequence Numbering - something that was identified and fixed in Unix systems several years ago, according to Richard Thomas, head of Winterfold Datacomm (Guildford, UK), a networking consultancy. Security problems had been found in earlier versions of NT, but the bundle of patches and fixes in SP4 were supposed to have made everything watertight. That_s proved not to be the case, according to NTA Monitor (Rochester, UK), a consultancy that conducts security audits on corporate systems by simulating hacker attacks over the Internet. When conducting such an audit, it came across Predictable IP Sequence Numbering at a customer site using NT with SP4. After doing bench tests to establish
that the problem was generic to NT and SP4, NTA-Monitor contacted Microsoft. After nearly three weeks of deliberations, Microsoft has come clean. Sunil Gopal, a technical specialist at Microsoft,
acknowledged the problem on Tuesday in a memo to Roy Hills, NTA-Monitor_s testing development director. His memo says fault has been eliminated in Windows 2000 and "will be back-ported to NT 4.0 in a future SP release."
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
A growing number of online companies are ambushing competitors through software that puts ads where marketers want them most--in front of customers visiting rival Web sites.
more »
Internet Explorer 6 is due to go gold next week and will be released on August 15 as a standalone program, according to software development sites.
more »
Another .NET enabled product has left the stables at Redmond.
more »
The worm has kept Josef Chamberlin busy at the keyboard, operating on only snippets of sleep, many recent days and nights.
more »
If you need to reach someone at his or her office, the phone--we now know--is not the best way to do it. E-mail is easier and more popular, as evidenced by the deluge of messages with which cube dwellers are greeted each morning as they log onto their com
more »
Over a third of European Internet users are ready to buy a car on the Internet, according to a new study.
more »
Sweden must maintain the pace of its UMTS network rollout
more »
While the Federal Bureau of Investigation and network security advocates are busy mobilizing IT managers around the country for the upcoming outbreak of the Code Red Worm, one resourceful Web site operator from the Utrecht in the Netherlands stands to mak
more »
The fast-spreading ``Code Red'' Internet worm, which disrupted U.S. government Web sites last week, is likely to start multiplying again on Tuesday and could slow down the Internet, officials said on Monday.
more »
search.lt presents newest links
more »