Out-Law / Your Daily Need-To-Know

In a security bulletin posted yesterday, Microsoft revealed the discovery of three flaws in the company’s Content Manager Server, an application which simplifies the development and management of e-business web sites. The flaws could potentially be exploited by hackers to take control of servers and authentication systems.

The first vulnerability was detected in a feature which allows web site owners to restrict access to certain sites. According to Microsoft’s security bulletin, “by sending a specially chosen request to an affected server, an attacker could either disrupt web services or gain the ability to run a program on the server”. Such a program could run with full system privileges and “be capable of taking any action the attacker desired”.

The second flaw relates to the way that the web-authoring function uploads files and the third was found in the server’s database features.

The flaws could allow hackers to attack computers running Windows, Unix operating systems and Mac OS X.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.