Microsoft Fixing 'Fixed' Flaw

Microsoft Fixing 'Fixed' Flaw

Techtree News Staff, Nov 26, 2007 1915 hrs IST

The hacker can then proceed to accessing the victim's data, passwords, his/her Internet usage, and in general -- his/her PC to distribute spam/viruses.

While most of the US sat back and enjoyed Thanksgiving, Microsoft engineers tinkered away at fixing a design flaw in Windows, recently brought to light by Beau Butler, an ethical hacker.

Demonstrated by Butler at last week's 'Kiwicon Hacker Conference' in New Zealand, the design flaw is such that even a lone hacker exploiting it can take control of a vast number of home- or office- PCs across the globe. All it takes is one single attack.

The hacker can then proceed to accessing the victim's data, passwords, his/her Internet usage, and in general -- his/her PC to distribute spam/viruses.

When Butler tested the flaw, he found over 160,000 computers in New Zealand alone to be vulnerable. While USA is an exception, a lot of countries are potentially open to attack.

Meanwhile, Microsoft, which has acknowledged the seriousness of the flaw, is researching comprehensive mitigations and workarounds to protect customers. The flaw affects all versions of Windows, including Microsoft's most recent Vista release.

Interestingly, it is an old flaw, which was first exposed, and apparently fixed over five years ago.

All said, the old fix does not seem to be working all that well, for the flaw to have re-surfaced in this manner.



(All fields are mandatory.)

Text Limit = 255 Characters

Type the characters you see in the picture below.

#

Characters are not case sensitive.

Close[x]