October 11, 2001

MS blocks peephole into customer data

Author: JT Smith

ZDNET: "Microsoft moved swiftly this week to close a security gap in its customer service Web site that let anyone with
a browser view customers' sales records and other confidential information.

The software giant had left a search database exposed without security protections. The address of the customer
service page was unpublished, but by altering the numerical IP (Internet Protocol) addresses of known Microsoft
Web sites, a security enthusiast located it and found himself with access to an unknown number of customer service
records."

Category:

  • Linux
Click Here!