Microsoft's NZ Website Hacked

[InfoSec News <isn () C4I ORG>]

http://aardvark.co.nz/daily/2001/0124.shtml

24 January 2001

Users of Microsoft's Internet server software ought to be a little
more worried today.

In the wee small hours of this morning, a hacker (or hackers) attacked
the Microsoft NZ website, replacing the homepage with some of their
own rather pointed comments about the security of Microsoft's
products.

The culprit was allegedly "Prime Suspectz" and the regular home-page
was replaced with one that said "oh!! what's happened! Another
Micro$oft was hacked?"

"The vulnerability is completely teorical [sic]"

The hack leaves further egg on the face of Microsoft, who suffered a
similar breach of security related to their Microsoft.com site just a
few months ago.

After all -- if Microsoft can't keep it's own websites secure when
running its own software -- what chance do regular users have?

Microsoft was unable to comment on the hack this morning when
contacted by Aardvark, but said that it would be making a statement
about noon.

Would you like a coke to go with that egg sir?

[Microsoft's Offical Response...]

http://aardvark.co.nz/pr2001/012401.htm

24 January 2001

Microsoft Responds to Security Issue

Auckland, New Zealand - Wednesday,  January 24, 2000 --

In a statement issued today, Microsoft New Zealand says the Microsoft
Security Response Centre learnt early this morning that
www.microsoft.co.nz had been defaced, and immediately began
investigating this report. Microsoft New Zealand's Technical Manager,
Richard Burte says the company is committed to keeping customers'
information secure, and takes all reports sent to secure () microsoft com
very seriously.

"This breach exploits an already known security issue for which a
patch exists.  There was no customer data or Microsoft-sensitive data
on the site," says Burte.  "So far our investigations have indicated
that the New Zealand Direct Access Web Site
(www.microsoft.co.nz/directaccess) is the only Microsoft web site
affected. This site is the only one hosted at www.microsoft.co.nz All
our other sites are hosted off www.microsoft.com."

The Direct Access web site www.microsoft.co.nz/directaccess is
currently operated by a third party vendor located in New Zealand and
is not part of the Microsoft corporate network.

"The Direct Access web site cannot be used to gain access to the
Microsoft corporate network or the main Microsoft web sites
www.microsoft.com or www.microsoft.com/nz.

We are currently working with our third party vendor to determine how
the site was defaced and to restore the site to normal operation,"
says Burte.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".