[Am-info] Microsoft: critical alert

[Erick Andrews]

http://www.guardian.co.uk/online/news/0,12597,1145539,00.html

=================================================
Microsoft:  critical alert

Wednesday February 11, 2004 The Guardian

Microsoft warned customers yesterday about unusually serious
security problems with its Windows software that could let
hackers quietly break into their computers to steal files,
delete data or eavesdrop on sensitive information.

The company, which learned about the flaws more than six
months ago from researchers, said the only protective solution
was to apply a repairing patch it offered on its website.  It
assessed the threat as "critical", its highest rating.

Security executive Stephen Toulouse said the flawed software
was "an extremely deep and pervasive technology in Windows,"
and urged customers to apply the patch immediately.

The disclosure comes just weeks before Microsoft chairman Bill
Gates delivers a keynote speech in San Francisco at one of the
industry's most important security trade conferences.
Microsoft has struggled in recent months against a tide of
renewed criticism about security risks in its software, the
engine for computers in most of the world's governments,
corporations and homes.

"This is one of the most serious Microsoft vulnerabilities
released," said Marc Maiffret, of eEye Digital Security in
California, which discovered the flaws.  "The breadth of
systems affected is probably the largest ever.  This is
something that will let you get into internet servers,
internal networks, pretty much any system."

Mr Maiffret said systems that control important power or water
utilities were vulnerable.  He predicted hackers will try to
unleash an internet infection within weeks.
=================================================

Erick Andrews