By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The alleged problem involves a defective script, according to a posting on SecurityFocus.com Web site. The script allegedly has a hole, which a hacker could potentially use to obtain customer information from the site.
The online store is a Web site used by software developers to download product betas, evaluation kits and other information.
Cesar Cerrudo, the developer from Argentina who posted the report about the alleged flaw on 10 January, said in his post: "I don't know when they gonna fix it, so don't put your personal info there until they fix it".
Cerrudo said he stumbled upon the security hole while he was shopping on the site. He notified Microsoft of the hole by e-mail, but did not get a response. After waiting 14 hours he posted a message with SecurityFocus.
A Microsoft spokeswoman said the site was shut down after the company was notified by a list moderator at SecurityFocus of Cerrudo's posting. The site is hosted by a third-party vendor for Microsoft and is not linked to any Web sites on Microsoft's own network, the spokeswoman said.
The company is investigating Cerrudo's claim, she continued. "Microsoft as a company is vigilant about taking reports like this seriously," the spokeswoman said. She could not say when the site would go back online.
Charles Kolodgy, an analyst at IDC, said such security problems are everywhere.
"It's a whole software thing, It's not just a Microsoft thing," Kolodgy said. " I think these things just continue to show that we need more discipline in the way that software is developed and coded."