Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
How a cyber cop patrols the underworld of e-commerce
Kill switches coming to iPhone, Android, Windows devices in 2015
Galaxy S5 deep-dive review: Long on hype, short on delivery
Google revenue jumps 19 percent but still disappoints
Windows XP's retirement turns into major security project for Chinese firm
Teen arrested in Heartbleed attack against Canadian tax site
Still deploying 11n Wi-Fi?  You might want to think again
Collaboration 2.0: Old meets new
9 Things You Need to Know Before You Store Data in the Cloud
Can Heartbleed be used in DDoS attacks?
Secure browsers offer alternatives to Chrome, IE and Firefox
Linksys WRT1900AC Wi-Fi router: Faster than anything we've tested
Heartbleed bug is irritating McAfee, Symantec, Kaspersky Lab
10 Hot Hadoop Startups to Watch
Server makers rushing out Heartbleed patches
Fortinet, McAfee, Trend Micro, Bitdefender battle in socially-engineered malware prevention test
Net neutrality ruling complicates US transition to IP networks
Net neutrality ruling complicates US transition to IP networks
6 Social Media Mistakes That Will Kill Your Career
Canonical's new Ubuntu focuses on the long haul
4 Qualities to Look for in a Data Scientist
Big bucks going to universities to solve pressing cybersecurity issues
Mozilla appoints former marketing head to interim CEO
Box patches Heartbleed flaw in its cloud storage systems
Obama administration backs disclosing software vulnerabilities in most cases

Microsoft's Taiwan Web site hacked

Today's breaking news
Send to a friendFeedback

TAIPEI, TAIWAN - On Wednesday, an unknown attacker broke into Microsoft's Web server for public information in Taiwan, leaving the message: "Hi, Bill, welcome to the real Y2K bug."

The hacker, who signed himself as "inferno.vr," apparently exploited a known Web server vulnerability in the Microsoft Internet Information Server that hadn't been fixed. The server has hosted at the Taiwanese company, AUNET, a Microsoft spokesman says.

Microsoft public relations manager Adam Sohn says the server in Taiwan has been shut down, and the intent is to restage the Web information at one of the three data facilities around the world operated by Microsoft itself rather than a third-party hosting facility.

"These Microsoft data centers are in London, Tokyo and Seattle, and nobody has ever compromised the security of the data on these hosted servers," Sohn says. The Taiwanese information will probably be added to a server in Tokyo, he added, though Microsoft intends to keep using the URL

Still investigating the incident, Microsoft believes at this point that the hacker exploited a hole in Microsoft's Remote Data Server software used to let Web developers update information to the Microsoft Web server, IIS.

"We patched this back in July '98, and then again reminded customers in July '99 to install the patch," Sohn says. Ironically, the Web server on which Microsoft kept its own information in Taiwan hadn't been fixed.

Microsoft says it learned about the hack after a call from a Network World publication, looking into a tip gleaned from an Internet mailing list.

Contact Senior Editor Ellen Messmer

Other recent articles by Messmer


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.