Microsoft is trying to minimize damage from a serious flaw in its flagship web server software.

Prime Suspectz, an organized hacking group, altered three of Microsoft’s international sites in the UK, Mexico, and South Africa last week. The group exploited a flaw in Microsoft’s flagship operating system and web server software.

The flaw affects Windows 2000 server software running version 5.0 of Internet Information Server (IIS). The problem resides in the Windows 2000 Internet printing module, but it can be exploited only if IIS is also running and Internet printing is enabled (the default setting). Under those conditions, a hacker can gain full remote access to the enterprise web server by sending a specially formatted string of characters to the printing module.

Microsoft has taken a proactive stance by posting a patch and security advisory on its site describing the vulnerability. Additionally, Microsoft has decided to hold Service Pack 2 – a collection of updates and bug fixes – for Windows 2000 until it can integrate the patch with the update. Marc Maiffret of network protection firm eEye Digital Security says the security hole is serious: “There are at least a million web servers sitting on the Internet that, within a few minutes, you can get system level access to them.” However, the flaw does not affect companies that have set up their web server with the printing option turned off, as recommended by the IIS Security Checklist guidelines.

This incident shows why enterprises should treat security not as a peripheral line-item issue but as a true operating expense of running today’s corporation. According to the 2000 CSI/FBI Computer Crime and Security Survey, theft of proprietary information, unauthorized insider access and sabotage accounted for nearly $92 million and is on the rise.

The focus of security software and writing policy should no longer be entirely on addressing internal threats to networks. The time has come to make the commitment to understand the growing ‘outsider’ threat – and to convince executive management to provide the monetary support needed to tackle the problem intelligently.