A Dutch hacker claims to have penetrated Microsoft's Web servers on Friday – just one week after the company reported a serious hacker attack on its networks.
The Dutch hacker, using the alias Dimitri, said that Microsoft failed to install a patch for a known bug in its Internet Information Server (IIS) software, and has not sufficiently secured its Web servers.
He gained access to several of Microsoft's Web servers and was able to upload a short text file boasting of the hack to Microsoft's Web site, Dimitri said. He also claimed he could alter files on Microsoft's download site.
"I could add Trojan horses to software that Microsoft customers download," Dimitri said.
Server holes A Microsoft spokesman confirmed that the hacker reached at least one server, but said that Microsoft security personnel were rechecking their servers for holes to patch.
Adam Sohn, a Microsoft spokesman, said: "We investigated this report. He was able to exploit a known security flaw that we were able to patch." He could not confirm that all servers in Microsoft's network had the hole patched.
Sohn added: "We are very focused on securing and maintaining the servers on our network. From a security standpoint, there should be no difference between servers."
The server was in semi-retirement, redirecting visitors to another area of the network with more updated content, he said.
Dimitri said that he used the "Unicode" bug to get access to Microsoft's systems. Microsoft first patched this security hole on August 10, and issued a security bulletin on October 17 pointing customers to the same software patch. On its TechNet Web site, Microsoft refers to the bug as the "Web Server Folder Traversal" vulnerability.
"It is extremely sloppy for Microsoft not to install it's own patches," Dimitri said.
Sohn denied that the security flaw was related to the intrusion Microsoft reported to the Federal Bureau of Investigation on October 26. In that case, hackers gained access to unidentified source code under development for a future product.