Microsoft security flaw in shades of gray

Industry Standard

(IDG) -- The latest security hole in Microsoft's Internet Information Server 5.0 is a doozy. It lets anyone anywhere run code on the hosting Windows 2000 system with administrator privileges. The hole was reported on Tuesday by eEye Digital Security. Microsoft released a patch to fix it, and acknowledged and thanked eEye.

Microsoft's hole-du-jour was widely reported on Wednesday. That same day, several hackers released exploits demonstrating how to use the technique to run code on remote Windows 2000 systems, and the press clamor began anew.

Accounts varied as to how many vulnerable systems there are. The AP reported that Microsoft has sold a million licenses of its Windows 2000 Server, but didn't guess how many are running the IIS Web software. The Register blithely guesstimated, and headlined, that "several million" Windows 2000/IIS 5.0 systems are in use.

An early Associated Press report simply covered a press release from eEye announcing the exploits. ZDNet and InternetNews identified one of the hackers - who goes by the nickname Dark Spyrit - and described his exploit code, called jill.c.

Because eEye waited for Microsoft's fix before posting details of the problem, the security community would consider it a "white hat." (Gray hats are those hackers who believe that the best way to force attention to security is to promulgate dangerous exploits. Black hats are the just-plain bad guys.) Yet after Dark Spyrit - whom InternetNews's Brian McWilliams called a gray hat - released jill.c, eEye's "chief hacking officer" published a harmless sample exploit of his own. Watch his hat darken.

The Register's hat is looking a little smudged after its coverage. Reporter Thomas C. Greene not only fingered a second published exploit but also provided handy links to both pieces of abusive code. InternetNews quoted security expert Russ Cooper, identified as the "surgeon general" of TruSecure, who said releasing an exploit "was not necessary to put fire under the butts of anybody. Every alerting mechanism on the planet has been invoked."


