heres one for infinite = ) Yet ANOTHER problem with Windows, sheesh, I am realizing how shity MS really is...
===============
Microsoft warned customers on Monday that a security hole in Windows 2000 and the company's Web server software is allowing online attackers to take control of corporate servers.
Because the vulnerability is being actively exploited by Internet vandals, Microsoft advised customers to apply a patch or use a workaround to defend against the attack as soon as possible.
"We have had isolated reports from customers that (the flaw) is getting exploited," said Iain Mulholland, security program manager for Microsoft's security response center. "We have issued a number of workaround options. Ultimately, the only way to protect yourself is apply a patch, but we respect companies' need to test first."
The incident nearly embodies a worst-case scenario for how a vulnerability should be discovered. Companies generally hope that researchers will discover a flaw, inform the software maker, and then wait to announce the flaw until a patch is prepared. When online vandals have access to a "zero day" vulnerability--a flaw that companies aren't warned of--they can break into far more computers before software makers understand what is going on.
In this case, Microsoft learned of the vulnerability after online hackers used the flaw to breach the security of a customer's Web servers last Wednesday, Mulholland said. He said the incident is being investigated by federal law enforcement.
Atlanta-based Internet Security Systems also had a customer affected and confirmed that a tool to take advantage of the flaw is being distributed on the Internet.
http://news.com.com/2100-1002-992920.html For the full story
Its also on the front news page
