ad info




CNN.com
 MAIN PAGE
 WORLD
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
* TECHNOLOGY
   computing
   personal technology
 SPACE
 HEALTH
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 ARTS & STYLE
 NATURE
 IN-DEPTH
 ANALYSIS
 myCNN

 Headline News brief
 news quiz
 daily almanac

  MULTIMEDIA:
 video
 video archive
 audio
 multimedia showcase
 more services

  E-MAIL:
Subscribe to one of our news e-mail lists.
Enter your address:
Or:
Get a free e-mail account

 DISCUSSION:
 message boards
 chat
 feedback

  CNN WEB SITES:
CNN Websites
 AsiaNow
 En Español
 Em Português
 Svenska
 Norge
 Danmark
 Italian

 FASTER ACCESS:
 europe
 japan

 TIME INC. SITES:
 CNN NETWORKS:
Networks image
 more networks
 transcripts

 SITE INFO:
 help
 contents
 search
 ad info
 jobs

 WEB SERVICES:

COMPUTING

Microsoft's Taiwan Web site hacked

January 10, 2000
Web posted at: 11:21 a.m. EST (1621 GMT)

by Ellen Messmer

From...
Network World Fusion
hacking

(IDG) -- On Wednesday, an unknown attacker broke into Microsoft's Web server for public information in Taiwan, leaving the message: "Hi, Bill, welcome to the real Y2K bug."

The hacker, who signed himself as "inferno.vr," apparently exploited a known Web server vulnerability in the Microsoft Internet Information Server that hadn't been fixed. The server has hosted at the Taiwanese company, AUNET, a Microsoft spokesman says.

Microsoft public relations manager Adam Sohn says the server in Taiwan has been shut down, and the intent is to restage the Web information at one of the three data facilities around the world operated by Microsoft itself rather than a third-party hosting facility.
MESSAGE BOARD
Microsoft

"These Microsoft data centers are in London, Tokyo and Seattle, and nobody has ever compromised the security of the data on these hosted servers," Sohn says. The Taiwanese information will probably be added to a server in Tokyo, he added, though Microsoft intends to keep using the URL www.microsoft.com.tw.

Still investigating the incident, Microsoft believes at this point that the hacker exploited a hole in Microsoft's Remote Data Server software used to let Web developers update information to the Microsoft Web server, IIS.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Activist defends DVD hack
  How'd they hack that?
  Protect your PC against hack attacks

"We patched this back in July '98, and then again reminded customers in July '99 to install the patch," Sohn says. Ironically, the Web server on which Microsoft kept its own information in Taiwan hadn't been fixed.

Microsoft says it learned about the hack after a call from a Network World publication, looking into a tip gleaned from an Internet mailing list.


RELATED STORIES:
Reporter's notebook: Hackers are all business at annual congress
January 4, 2000
Feds leave doors open for hackers
December 22, 1999
eToys attacks show need for strong Web defenses
December 21, 1999
Known vulnerabilities are No. 1 hack exploit
December 17, 1999
Cyberattacks against DOD up 300 percent this year
November 5, 1999

RELATED IDG.net STORIES:
White House Web site hacked
(Computerworld)
Could well-meaning legislation wipe out your right to hack?
(Infoworld)
Activist defends DVD hack
(Network World Fusion)
The Web is a hacker's playground
(PC World)
Ernst & Young teaches the fine art of hacking at your site
(Infoworld)
How'd they hack that?
(Computerworld)
Protect your PC against hack attacks
(PC World)
It was sort of a neat hack: The birth of the Internet
(Network World Fusion)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:
Internet Auditing Project
Strategies to protect against TCP SYN Denial of Service
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.