WASHINGTON -- Microsoft Corp. on Wednesday warned about a serious flaw in all versions of its popular Windows software that could allow hackers to seize control of a person's computer when victims read e-mails or visit Web sites.
Microsoft assessed the problem's urgency as critical, its highest level, and urged customers to download a free repairing patch immediately from its Web site, www.microsoft.com/security.
A top Microsoft security official, Steve Lipner, said the vulnerability was being discussed openly among experts on the Internet when Microsoft learned about the flaw early in January.
An Internet security company, iDefense Inc. of Chantilly, Va., said Wednesday it learned about the flaw in December 2002 from Roland Postle, a respected British computer security researcher widely known as "Blazede," and passed the information to Microsoft on Jan. 9.
But iDefense also immediately and quietly warned its clients, which include large corporations and U.S. agencies, before Microsoft could fix the problem.
Microsoft and iDefense said they were unaware of any reports that hackers already had used the technique to break into computers, even though months had passed between the disclosure of the flaw and Wednesday's announcement that it could be fixed.
Russ Cooper, a security expert for TruSecure Corp., based in Herndon, Va., predicted that antivirus software will be updated to protect users who might receive infected e-mails and that Web sites with infected pages would be shut down quickly once they are detected.
The problem involves tricking Windows into processing unsafe code built into a Web page or e-mail message. It was particularly unusual because it affected so many different versions of Windows, from Windows 98 to Windows XP.
Lipner confirmed that the faulty software code was created years ago and included in every successive generation of Windows software without programmers ever realizing it was so seriously flawed.
There was some good news. Microsoft said customers using the newest versions of Outlook Express 6 and Outlook 2002 were protected from hackers.