“Novell claims that its engineers have uncovered a substantial
security glitch in the Windows Active Directory. Microsoft’s
directory is a fundamental part of the Windows 2000 Server, and
according to The Industry Standard, one of the most difficult parts
of the W2K package to upgrade. A network directory enables
administrators to both track and manage resources on remote
networks — users or applications, for example. The Standard notes
that Microsoft’s retooled directory makes it easier for IT staff
“to manage information, users, security and domain structure across
large internal networks.’
That’s a big part of the problem, according to Novell.
Novell reports that while Active Directory reduces the
administration required with multiple domains, it opens up access
to more sensitive parts of the network. ‘A security flaw exists
whereby a blocked administrator can effectively remove this block,
thus enabling access to sensitive corporate assets. This security
issue was duplicated on multiple Windows 2000 Servers in different
configurations. All Windows 2000 Servers were running
Build 2195, the final release of the Windows 2000 operating
system.’
Microsoft has vehemently denied the claims. According to
News.com, Novell brought the hole to Redmond’s attention on Friday,
but company engineers have since been unable to find the alleged
hole. Steve Lipner, manager of Microsoft’s Security Center told
News.com that the found hole was in fact an oversight on Novell’s
part.”