Browse > Home / Blog article: Attack code for Microsoft Works File Converter published; danger for users who don’t install patch

Attack code for Microsoft Works File Converter published; danger for users who don’t install patch

By Janine de Blois

February 15, 2008

When a hacker, who goes by the name “Chujwamwdupe” got an email from Microsoft refusing him credit him under the name he uses he decided to publish the attack code.

Microsoft is normally diligent about crediting hackers for informing them of vulnerabilities. However, this hackers name apparently refers to a form of sexual intercourse in Polish.

A Microsoft spokesperson stated, “The finder’s user name could have been perceived as offensive in another language, so we credited the vendor, VeriSign iDefense VCP [Vulnerability Contributor Program], for reporting the issue to us responsibly.”

Many hackers use pseudonyms when reporting bugs, but few are offensive. Using a name like this on a security bulletin could cause the bulletin to be blocked by email or web filters and not actually reach the customer.

Chujwamwdupe published the code a day after the patch was released by Microsoft. This means that many systems using the Works File Converter, will be vulnerable to attack until they install the patch; which will be months in some cases.

Click here to discuss this: Security Forums

Filed Under Computer Security, IT Security, Internet Security News, Software Security 
Tagged:



Add to Bookmarks:

ADD TO DEL.ICIO.US     ADD TO DIGG     ADD TO FURL

ADD TO STUMBLEUPON     ADD TO YAHOO MYWEB     ADD TO GOOGLE     ADD TO SPURL


Related posts to "Attack code for Microsoft Works File Converter published; danger for users who don’t install patch":



Comments

Got something to say?





Visited 408 times, 3 so far today