By editorial@silicon.com, 11 February 2002 17:05
NEWS Two security flaws have been found in Microsoft's Exchange 2000 and Windows 2000 server software. The holes appear to expose critical information about the system registry as well as allowing hacker to alter the registry itself. A second flaw could allow a malicious party to run new code on the server itself. The flaw lets the hacker execute new code on the server after causing unchecked buffers to overflow. The US Governments 'Computer Incidents Advisory Capability' (CAIC) has flagged the risk of these flaws as high although Microsoft only classes the risk as 'moderate'. The flaws are yet another embarrassing incident for Microsoft which claims to be clamping down on the security of its products after a string of high profile failures.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below