Last Thursday, Microsoft admitted its engineers planted a secret password in its software that could be used to gain illegitimate access to hundreds of thousands of Internet sites worldwide. Two security experts discovered the code, which was written during the dispute between Netscape and Microsoft over their versions of Internet-browser software.
While the software giant acknowledges that the function was "absolutely against our policy," it plans to alert customers as soon as possible with an e-mail bulletin and advisory published on its corporate Web site. The company is also asking customers to delete the computer file called "dvwssr.dll", which contains the offending code. It is installed on Microsoft's Internet-server software with FrontPage 98 extensions.
Although there are no reports that the security flaw has been abused, it's believed to be used by many Web sites. By using the affected software, a hacker may be able to access key Web site management files, which may lead to acquisition to private information such as customer credit card numbers.
detaljnije na:
http://www.entrepreneur.com/Yo...ess/YB_Node/0,1286,555,00.html