Microsoft warns of new ‘critical’ flaw in Windows NT, 2000, XP, Server 2003

“Microsoft has warned that a ‘critical’ flaw in the latest versions of its Windows operating system could allow hackers to access a person’s computer. In its monthly security bulletin, the world’s largest software maker said Windows versions NT, 2000, XP and Server 2003 were affected,” BBC News reports.

“Giving the problem its highest security rating of ‘critical,’ Microsoft has called on users to download a software repairing patch free from its website. This is said to cure the problem. The flaw is also said to be completely unconnected with the latest clutch of computer viruses currently causing problems around the world,” BBC News reports. “It could however allow hackers to quietly break into someone’s computer to steal files, delete data, or eavesdrop on what that user is doing.”

“Marc Maiffret of eEye Digital Security, the US company that discovered the Windows flaw, said it was a major issue. ‘This is one of the most serious Microsoft vulnerabilities ever released,’ said Mr Maiffret. ‘The breadth of systems affected is probably the largest ever.’ He added: ‘This is something that will let you get into internet servers, internal networks, pretty much any system,'” BBC News reports. Full article here.

CNET reports, “‘There are more attack vectors and more people that could be affected by this,’ said Marc Maiffret, chief hacking officer for eEye Digital Security, the software firm that warned Microsoft of the vulnerability more than six months ago. This is the second time this month that Microsoft has warned users of a security flaw. The company has a new policy of announcing vulnerabilities and releasing patches on the second Tuesday of each month, unless a critical flaw needs to be released immediately.”

“Last week, the software maker revealed a security flaw in Internet Explorer and issued a patch. On Tuesday, Microsoft announced three more vulnerabilities: the critical flaw and two other issues of lesser severity. One security hole affects computers running the Windows Internet Naming Service, and the other affects Microsoft’s Virtual PC for the Mac platform,” CNET reports. “eEye’s Maiffret was critical of Microsoft for taking so long to issue the patch. ‘Two hundred days to fix this,’ Maiffret said. ‘It is obviously ridiculous.'”

MacDailyNews Take: For information on how to switch cleanly to Mac OS X, click here.

Related MacDailyNews article:
Mac owners boast of virus, worm immunity vs. Windows’ swiss cheese security – February 05, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004

36 Comments

  1. You guys forgot to add the trademarked “Macintosh unaffected�” (even though it IS obvious) ” width=”19″ height=”19″ alt=”raspberry” style=”border:0;” />

  2. We had an issue at work today where a piece of management software we have deployed was misconfigured after an update. The software began showing progress boxes that are normally hidden. Our PC users are so paranoid about viruses that many began pulling their network cables for fear of being infected. And yet, the company continues to purchase Wintel boxes, all while trying to convince us they are interested in improving efficiencies and reducing costs. Every time someone thinks they have a virus, there goes 1-2 hours wasted on the virus scan. Unbelievable.

  3. You would think that after 3 major problems this year some coporate guys would just be like. Get rid of this crap from our systems. I especially love how Bill Gates came out and said Windows is the most secure system. iMac $1299, Mac OS X – Panther $129, Making fun of all the people that still “buy” into Bills Testimonies….. Priceless

  4. WhtKnight, you are right, you would think that would happen. In my situation however, everyone is such a politically correct yes-man/woman that no one would dare recommend such a thing. A fool and their money soon part ways…even if those Dell boxes are “cheaper”.

  5. I also read that now that Microsoft owns Virtual PC, they are going to remove the “tu” from the name and just call it “Viral PC”. ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

  6. 2004 is shaping up to be “Year of the Virus” for M$.

    I wish people would wake up. Windoze is a piece of swiss cheese when it comes to security. I don’t think the majority of of people realize there are like over 70,000 windoze viruses out there and currently ZERO (yes, zero) viruses for OS X. That stat should be in every article about viruses. A nice one liner like “There are currently over 70,000 Windows viruses. No viruses have yet been reported for the Apple Macintosh OS X.”

  7. Even if that stat got up to “Only 70 viruses have been been discovered which affect the Apple Macintosh OS X.” It would still blow windoze out of the water.

    But watch, if even ONE virus comes out for OS X, windoze users will be hooting that our system is just as insecure as theirs.

  8. I’d laugh at this news but again, you can’t kill a dead cow can you!
    These vulnerabilities are costing the corporate world hundreds of million and yet, they don’t seem to learn from these terrible flaws.

  9. How come you never see that moron McConnel posting in these threads?

    Could it be that the MS butt licker simply can’t defend his sacred COW in the face of glaring truth?

    Me thinks the answer is a resounding YES!

  10. <childishmoment>windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux…na na na na na na windowssux windowssux windowssux windowssux windowssux windowssuxna na na na na na windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssux windowssuxna na na na na<childishmoment/>

  11. MacLover, you’re right on target. Can anyone think of any other company that has spawned an entire multi-billion (trillion?) dollar industry just to support it’s product? Many people whine and gripe about public education, but M$ requires far more outside support systems to keep it up and running. Perhaps MDN should start taking ad proposals like moveon.org did. We could all submit our iMovie/Final Cut versions of tv ads and then have the best posted online.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.