Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » $2 trillion fine for Microsoft security flaw?

$2 trillion fine for Microsoft security flaw?

by Nikola Strahija on May 11th, 2003 A recent security flaw in Microsoft Passport password reset tool could cost the software giant 2 trillion dollars. Will Microsoft finally learn it's lesson?


On Thursday, Microsoft admitted that a flaw in the password reset tool exists, and could compromise the infromation stored on all 200 million users.

It took Microsoft three hours to disable the password reset tool, after the Microsoft's advisory has been published.

Last year, the Federal Trade Commission demanded that Microsoft improve it's Passport security or face fines of up to $11,000 per violation. As always, Microsoft promised to work harder to protect consumer information and therefore launched it's Trustworthy Computing initiative to pur regulator's minds at ease.

To cover all 200 million violated users, the FTC is looking into the Passport breach and could slap Microsoft with a $2.2 trillion.

The flaw is exploited by opening the following URL in a web browser:

https://register.passport.net/emailpwdreset.srf?lc=1033
[email protected][email protected]&rst=

after that, URL which resets the password will be delivered, in this case, to [email protected]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »