Previously undiscovered flaw used to attack Army Web site

A computer intruder armed with a secret, particularly effective attack tool recently took control of an Army Web server. Both Microsoft and the CERT Coordination Center released hastily-prepared warnings about the vulnerability that led to the attack on Monday. But it was a disturbingly successful attack, experts say, because the intruder found and exploited a flaw that took security researchers completely by surprise. IT’S UNKNOWN WHAT Army computer was attacked, how significant a target it was, or what the intruder’s intentions were. But the exploit was sophisticated and well designed, and it was alarmingly successful, said Russ Cooper, security researcher for TruSecure Corp. The company learned of the attack through sources in the U.S. military last Tuesday, Cooper said. “We believe the Army was being targeted,” Cooper said. “We don’t believe anybody else has been targeted by this.” Another source that several Web sites with “.mil” domain names have recently been targeted with the same attack method. Microsoft’s director of security assurance, Steve Lipner, confirmed that several customers were hit with the attack last week, but he refused to identify them. Lipner said about 100 employees worked “around the clock” last week, and through the weekend, to develop an emergency fix.