Microsoft executives dismissed a
security issue exposed on a Web site run by "Vitali Chkliar" as a
"non-issue" today, noting that the hole can only be exploited if default
settings are used without a firewall in place--that is, if proper security
procedures are not implemented. The hole can allegedly expose detailed
information about groups of users except password data. The "Chkliar" site
also allows a user to input their own IP address in order to test a site
and lists 10 such sites that are exposed to the hole.
Short Take: Microsoft dismisses bug report
Microsoft executives dismissed a security issue exposed on a Web site run by "Vitali Chkliar" as a "non-issue" today, noting that the hole can only be exploited if default settings are used without a firewall in place--that is, if proper security procedures are not implemented. The hole can allegedly expose detailed information about groups of users except password data. The "Chkliar" site also allows a user to input their own IP address in order to test a site and lists 10 such sites that are exposed to the hole.
Be respectful, keep it civil and stay on topic. We delete comments that violate our policy, which we encourage you to read. Discussion threads can be closed at any time at our discretion.