Printer Friendly

Microsoft looks into loopholes. (Up front: news, trends & analysis).

Microsoft Corp. is investigating claims that some of its flagship programs, including the Internet Explorer Web browser and Microsoft Office productivity suite, have a loophole that could crash users' systems and allow attackers to read users' online files.

Attackers taking advantage of the loophole could trick computer users into thinking they are visiting legitimate Web sites and convince them to divulge personal information. Internet Explorer versions 5.0, 5.5, and 6.0 may have loopholes in handling Web sites' digital certificates, such as those from VeriSign, which verify Web sites as being legitimate and also include unique code for encrypting information. Essentially, any Web site operator with a valid certificate could pretend to be any other Web site operator. Attackers could hijack computer users over a company's internal network as users visit e-commerce sites and intercept their information. Or they could send hijacked users to dummy Web sites and get users to provide their private information.

Microsoft said it's too soon to judge whether a flaw exists and, if so, how severe it is, but such a problem has the potential to compromise more than 100 million Microsoft software users' names, passwords, and credit card numbers. The problem can be fixed by downloading a software patch from www.microsoft.com/technet. The company issued a bulletin advising customers to install the patch immediately.
COPYRIGHT 2002 Association of Records Managers & Administrators (ARMA)
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2002, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Author:Swartz, Nikki
Publication:Information Management Journal
Article Type:Brief Article
Geographic Code:1USA
Date:Nov 1, 2002
Words:224
Previous Article:A digital archiving standard. (Up front: news, trends & analysis).
Next Article:Who's afraid of Sarbanes-Oxley? Accountability legislation creates additional document retention requirements and responsibilities for records...
Topics:


Related Articles
FROM THE EDITOR.
George H. Ryan. (Keeping Current).
Shareholder class actions subject of new Strafford Publications newsletter.
Technology continues transforming associations.
From Dr. Janice Campbell. (Letters to the Editor).
Making the most of your business, trade media opportunities.
Information for authors.

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters