Linux Today: Linux News On Internet Time.

More on LinuxToday

CNET Microsoft secret password could allow access to Web sites

Apr 14, 2000, 17:04 (12 Talkback[s])
(Other stories by Joe Wilcox)

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

"The password back door was included in software by one or more Microsoft engineers, the company confirmed. Hackers knowing how to exploit the vulnerability could access any site using FrontPage 98 extensions, Microsoft said. FrontPage, a Web authoring and site management software package, requires that special software code--or extensions--be present on the Web site for all features to be available...."

"Although Microsoft is treating the problem "as a serious security risk," a spokeswoman downplayed its overall effect. "Very few people are still using FrontPage 98," she said. "Most people are using FrontPage 2000."

"But a quick survey of Web hosting services this morning found a number of major companies--such as Concentric Networks and UUNet--offering FrontPage 98 and FrontPage 2000 extensions."

"The password back door is potentially most devastating for companies that host commercial and consumer Web sites. Hosting providers typically apply FrontPage extensions individually to hundreds of thousands of Web sites, meaning the problem could be difficult to clean up."

Complete Story

Related Stories: