Microsoft admits to backdoor in IIS webservers.
Deven Phillips
dphillips at viata.com
Mon May 14 12:38:48 PDT 2001
Microsoft has done it again. Although "such code is againt our policy",
Microsoft admits that there is a backdoor built into IIS servers running
FrontPage Extensions. The Yahoo story here:
http://smallbusiness.yahoo.com/entrepreneur.html?s=smallbiz/articles/20010514/microsoft_ackno
explains the compromise in a little detail. Supposedly, the offending
code allows for a built in account with administrator access on IIS
servers running FrontPage extensions. Yet again we see why we all like
open-source.
Deven Phillips, CISSP
Network Architect
Viata Online, Inc.
More information about the LUAU
mailing list