Spacer Sidebar Directory Map

The Technical Writer's Checklist

The Training Book, the handbook for trainers

 

ITrain - International Association of Information Technology Trainers Blatent Disregard For Customer Safety
Hardware vendors goof big time with security snafu
ITINFO Sponsor
Website Hosting: Special Offer for IT Professionals

Fast, unlimited hits. Secure SSL servers.
100MB web & ftp storage.
Unlimited email aliasing, redirection, and autoresponders.
4 multi-homed T3 & T1 lines on the primary backbone.
24/7 Monitoring
Daily access reports
Free MySQL database with multiple tables ($120 value)
Free PGP encryption ($120 value)
Free Autoresponders ($120 value each)
Ask for the special database package

host@dgl.com
DGL Super-Fast Website Hosting

Internet Poll
Have you attended a seminar via e-learning?
yes
no

poll archive

Windows Ships With Gaping Security Holes
by Dave Murphy
ISSN 1535-3613

Dave Murphy, DGL President & ITrain founder Some popular models of PCs from Compaq Computer Corp. and Hewlett-Packard that include pre-installed and configured Microsoft Windows are leaving the new owners at a significant risk of malicious intrusion via the Internet.

Microsoft Corp. and Compaq Computer Corp. on Friday confirmed the existence of several significant software security flaws that could enable intruders to gain access to the computers of millions of customers and to damage their data via email or through commands sent from a malicious website.

The security holes reported here primarily affect computers running Win95/98 and Microsoft's Internet Explorer (IE) web browser that have been configured to allow easy access by vendor support technicians during routine assistance or upgrades.

A Microsoft official said the company was at work creating a fix for the newly discovered security holes. "We take security issues very seriously," said Andrew Dixon, group product manager for Office at Microsoft. "Right now, we are working on testing a solution and steps for customers to take."

I wonder if the problem may stem from Microsoft's choice to integrate IE as a primary component of W98. Because of the tight integration I think third-party vendors may have a more difficult time offering software apps that will prevent just this type of crisis. For example, the tight integration of the Jet engine with MS Office apps prevents anti-virus programs from detecting many online attacks.

Compaq made the big boo-boo of signing an applet that allows it's technicians complete access to customer's computers via the net. But with the security door left wide open by Compaq, who's to say the technician who's diddling in your new Presario computer right now is from Compaq?

Got something to say on the subject? Leave your comments on the message center.

Microsoft
Compaq
HP
Message Center

Subscribe to ITINFO.
Receive computing and Internet news & tips
by subscribing to the ITINFO information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Damar Group, Ltd. helps business use technology.

ITINFO is again accepting sponsors. Sponsor messages are included in ITINFO's email newsletter and are permanently posted to DGL's website and online reference areas.

ITINFO is an electronic publication of Damar Group, Ltd., publisher of Training Express computer learning guides. Comments and submissions to info@dgl.com.

Previous issues are on our website at http://dgl.com/itinfo/.

updated July 31, 1999
http://dgl.com/itinfo/1999/it990731.html

Return to DGL homepage
Copyright © 1999, Damar Group, Ltd., All Rights Reserved