TechTarget

Security alert over Microsoft vulnerability

Microsoft has announced vulnerabilities in Internet Information Server 5.0 and Exchange 2000 that could allow a hacker to bring...

Microsoft has announced vulnerabilities in Internet Information Server 5.0 and Exchange 2000 that could allow a hacker to bring down corporate systems, writes Antony Adshead.

Microsoft has revealed that a specially-devised message can be used to crash the software - effectively a denial of service attack.

It is possible to write a script which will repeatedly target the server's IP address or URL to make sure that Windows 2000 is not able to restart itself following an attack. A hacker would not be able to gain control over the server or add, change or delete any data held on it, although any Web-based mail sessions in progress would be halted.

According to Microsoft's Technet Web site, because the flaw occurs in two code modules that are found separately in the two applications it is necessary to patch both of them.

www.microsoft.com/technet

This was first published in March 2001

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close