Submitted by: Rush, Peterrr
Source: PC World
Dutch hacker claims he accessed servers and could alter files on Microsoft's download site.
One week after Microsoft reported an intrusion into its corporate networks, another hacker claims to have penetrated the company's Web servers on Friday. The Dutch hacker, using the alias Dimitri, says Microsoft failed to install a patch for a known bug in its Internet Information Server and has not sufficiently secured its Web servers. Dimitri says he gained access to several of Microsoft's Web servers and was able to upload a short text file boasting of the hack to a page on Microsoft's public site. He could alter files on Microsoft's download site, he says. "I could add Trojan horses to software that Microsoft customers download," Dimitri says. A Microsoft spokesperson confirms that a hacker reached at least one server but says Microsoft security personnel are rechecking their servers for holes to patch. "We investigated this report," says Adam Sohn, a Microsoft representative. "He was able to exploit a known security flaw that we were able to patch. The patch had not yet applied to the server." He could not confirm that all servers in Microsoft's network had the hole patched. ... Dimitri also claims he downloaded files containing administrative usernames and passwords to the server. The encrypted files could be decoded with a tool called the L0ft crack, he says, but says he will not decode them. Dimitri says he got a "pretty good look" at Microsoft's server structure. The server domain is called Houston, and all of Microsoft's Web servers are set up the same way with the same disk image, he says. |
He used the Unicode bug that Microsoft already patched on 10 August... Looks like microsoft is a populair target lately
