[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FYI] Secret Code in Microsoft Software
- To: Fitug ML <debate@fitug.de>
- Subject: [FYI] Secret Code in Microsoft Software
- From: Joerg-Olaf Schaefers <js@digital-movie.de>
- Date: Fri, 14 Apr 2000 13:34:01 +0200
- Comment: This message comes from the debate mailing list.
- Organization: Digital Movie
- Sender: owner-debate@fitug.de
--/ Bisher nur in der Presse & im Heiseticker
( http://www.heise.de/newsticker/data/nl-14.04.00-000/ ),
auf den einschlaegigen Webseiten fuer Sicherheitsangele-
genheiten habe ich noch nichts gefunden. /--
http://dailynews.yahoo.com/h/ap/20000414/tc/microsoft_password_2.html
-----snip------------------------------------------------------------
NEW YORK (AP) - Microsoft Corp. (NasdaqNM:MSFT - news) engineers
included a secret password in Internet software that could be
used to gain illegal access to hundreds of thousands of Web sites,
The Wall Street Journal reported today.
The rogue computer code was discovered in a three-year-old piece
of software by two security experts, the newspaper said. Contained
within the code is a derisive comment aimed at a Microsoft rival:
``Netscape engineers are weenies!''
Steve Lipner, who manages the company's security-response center,
described such a backdoor password as ``absolutely against our po-
licy'' and a firing offense for the as-yet unidentified employees.
There have been no reports of site access through the code, but the
affected software is believed to be used by many Web sites. The file,
called ``dvwssr.dll'' is installed on Microsoft's Internet-server
software with Frontpage 98 extensions. A hacker may be able to gain
access to key Web site management files, which could in turn provide
a road map to such things as customer credit card numbers, The Jour-
nal reported.
Microsoft urged customers to delete the file and planned to warn
customers with an e-mail bulletin and an advisory published on its
corporate Web site.
-----snip------------------------------------------------------------
MfG
Olaf