http://smallbusiness.yahoo.com/entrepreneur.html?s=smallbiz/articles/20010514/microsoft_ackno
Last Thursday, Microsoft admitted its engineers planted a secret
password in its software that could be used to gain illegitimate
access to hundreds of thousands of Internet sites worldwide. Two
security experts discovered the code, which was written during the
dispute between Netscape and Microsoft over their versions of
Internet-browser software.
While the software giant acknowledges that the function was
"absolutely against our policy," it plans to alert customers as soon
as possible with an e-mail bulletin and advisory published on its
corporate Web site. The company is also asking customers to delete the
computer file called "dvwssr.dll", which contains the offending code.
It is installed on Microsoft's Internet-server software with FrontPage
98 extensions.
Although there are no reports that the security flaw has been abused,
it's believed to be used by many Web sites. By using the affected
software, a hacker may be able to access key Web site management
files, which may lead to acquisition to private information such as
customer credit card numbers.
ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribe@SecurityFocus.com.
Received on Tue May 15 01:28 CDT 2001