Microsoft shuts down online store


Microsoft shuts down online store

Microsoft has acknowledged that it shut down an online Microsoft Developers Store on 10 January to look into a possible security hole.

The alleged problem involves a defective script, according to a posting on Web site. The script allegedly has a hole, which a hacker could potentially use to obtain customer information from the site.

The online store is a Web site used by software developers to download product betas, evaluation kits and other information.

Cesar Cerrudo, the developer from Argentina who posted the report about the alleged flaw on 10 January, said in his post: "I don't know when they gonna fix it, so don't put your personal info there until they fix it".

Cerrudo said he stumbled upon the security hole while he was shopping on the site. He notified Microsoft of the hole by e-mail, but did not get a response. After waiting 14 hours he posted a message with SecurityFocus.

A Microsoft spokeswoman said the site was shut down after the company was notified by a list moderator at SecurityFocus of Cerrudo's posting. The site is hosted by a third-party vendor for Microsoft and is not linked to any Web sites on Microsoft's own network, the spokeswoman said.

The company is investigating Cerrudo's claim, she continued. "Microsoft as a company is vigilant about taking reports like this seriously," the spokeswoman said. She could not say when the site would go back online.

Charles Kolodgy, an analyst at IDC, said such security problems are everywhere.

"It's a whole software thing, It's not just a Microsoft thing," Kolodgy said. " I think these things just continue to show that we need more discipline in the way that software is developed and coded."

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy