Information Security News mailing list archives
FrontPage Flaw Shows Security Still Challenges Microsoft
From: InfoSec News <isn () c4i org>
Date: Thu, 3 Oct 2002 02:18:56 -0500 (CDT)
http://www3.gartner.com/DisplayDocument?doc_cd=110335 [Check out Gartner's forcast on when Microsoft will really be on the path to "Trustworthy Computing" We're doomed! - WK] 27 September 2002 Rich Mogull A new security flaw in FrontPage Server Extensions shows that Microsoft has a long way to go before it can deliver on its much-publicized promise of Trustworthy Computing. Analyst Comments On 25 September 2002, Microsoft acknowledged that hackers could exploit a flaw in FrontPage Server Extensions 2000 to cause a denial-of-service attack or possibly run arbitrary code on the server. The latest vulnerability is nothing new - FrontPage Server Extensions have long been a security risk - but it does indicate that security remains a serious problem at Microsoft. Gartner forecasts that, due to legacy code and resistance to cultural change, Microsoft will not deliver necessary security improvements before 2004 (see "Microsoft Takes Steps Toward Business-Strength Security" [1]). [1] http://www3.gartner.com/DisplayDocument?doc_cd=105525 - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- FrontPage Flaw Shows Security Still Challenges Microsoft InfoSec News (Oct 03)