Microsoft hacked (again)
Results 1 to 8 of 8

Thread: Microsoft hacked (again)

  1. #1
    AntiOnline Senior Member
    Join Date
    Oct 2001
    Posts
    514

    Talking Microsoft hacked (again)

    Taken from: http://www.newsbytes.com/news/02/175442.html

    Not again...

    -ura

    Microsoft Hacked

    Exploiting a widely known flaw in Microsoft's Web server software, attackers have defaced three Microsoft [NASDAQ:SFT] Web sites this month.
    On Sunday, a Brazilian defacement group known as Silver Lords replaced the home page of a Microsoft customer support site located at http://cust-supp-chat.one.microsoft.com with one of their own.

    The defaced page, which was still viewable today, included a message in Portuguese that begins "Bill Gates, my beloved and millionaire friend," and ridicules Microsoft for failing to follow the advice in its security bulletins.

    The other defaced sites included the Web home of Microsoft Research's Social Computing Group, and a site for an advisory group for Microsoft's Office suite. All three sites were running Microsoft's Internet Information Server (IIS) software, according to Netcraft.

    In an online interview today, a Silver Lords member who calls himself "Lord Choo3s" said he attacked the three sites by exploiting an unpatched flaw in an IIS component called FrontPage Server Extensions.

    Microsoft released a bulletin and patch for the buffer overflow flaw, which allows attackers to run code of their choice on a vulnerable server, on Jun. 21, 2001.

    The vandalized Microsoft support site was also briefly defaced by another attacker today. The defacer, who called himself "Analysis," posted a new message in Portuguese that read "Bill Gates, son of the devil ... go to hell."

    To deface the Microsoft sites, Lord Choo3s of Silver Lords, who said he was 15, relied on an exploit published by NSfocus, a computer security firm in China.

    Microsoft's bulletin on the FrontPage vulnerability thanks NSfocus for reporting the issue to Microsoft and working with it to protect customers.

    NSfocus' advisory about the FrontPage flaw included a disclaimer that reads: "This code is for test purpose only and should not be run against any host without permission from the system administrator."

    Among the pages hosted at the cust-supp-chat.one.microsoft.com server is one for unsubscribing from MSN Newsletters. Another page assists users of Microsoft's Passport service who have forgotten their passwords.

    A Microsoft representative said the company is "vigilant in our efforts to ensure the security of our network," but added that Microsoft does not discuss or comment on specific attempts or claims of intrusion.

    A mirror of the defaced Microsoft support site is at http://www.zone-h.org/defaced/2002/0....microsoft.com .

    SecurityFocus' description of the FrontPage vulnerability is at http://online.securityfocus.com/bid/2906 .
    [shadow]uraloony, Founder of Loony Services[/shadow]
    Visit us at
    [gloworange]http://www.loonyservices.com/[/gloworange]

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    170
    Mankan

    \"The purpose of abstraction is not to be vague, but to create a new semantic level in which one can be absolutely precise.\"
    - Edsger Dijkstra

  3. #3
    Member
    Join Date
    Mar 2002
    Posts
    85
    What is wrong with this? I think <M$ got what they had coming.

    J/K, but thier is a bit of truth in every joke.
    LATER-
    __________________________
    Computers make sense people
    DON\'T.

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    243
    Hah! MS has too much "pride" in their work to use *nix :\
    Search First Ask Second. www.google.com

  5. #5
    AntiOnline Senior Member
    Join Date
    Oct 2001
    Posts
    514
    Hey mankan i didn't see that you already posted - my bad... sorry dude.
    [shadow]uraloony, Founder of Loony Services[/shadow]
    Visit us at
    [gloworange]http://www.loonyservices.com/[/gloworange]

  6. #6
    Junior Member
    Join Date
    Mar 2002
    Posts
    17
    they get everything they deserve if they dont follow their own advice!
    ONE BY ONE THE PENGUINS STEAL MY SANITY!

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    677
    Microsoft Hacked
    What a surprise!
    I'd never have expected that to happen... lol.

    One Ring to rule them all, One Ring to find them.
    One Ring to bring them all and in the darkness bind them.
    (The Lord Of The Rings)
    http://www.bytekill.net

  8. #8
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    PortVyper> The whatswrong site has been posted before. Not sure about the insanity test though, because I don't have speakers here at work.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •