In what amounts to another security blunder at Microsoft, the company alerted users on 8 February that the popular telnet utility bundled with Windows had a security hole.
The telnet utility on Windows 2000 has been plagued by problems. The utility, which is designed to give users access to remote IT systems, was last fixed in June 2000 when Microsoft issued a patch. This plugged seven security holes in Windows 2000's Telnet service, including serious holes that could have led to Denial of Service attacks.
Microsoft said that this latest breach could cause a denial of service, or in some cases, allow the attacker to run any code they wanted in Windows 2000 or Interix 2.2, a program that allows users to run Unix applications in Windows 2000. Microsoft has issued a patch that fixes the problem in both applications.