Web Hosting News

  Home arrow Web Hosting News arrow Page 4 - cPanel, IE Security Flaws Exploited by...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING NEWS

cPanel, IE Security Flaws Exploited by Hackers
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 5
    2006-10-18

    Table of Contents:
  • cPanel, IE Security Flaws Exploited by Hackers
  • The Set Up
  • The Fallout
  • And What About Microsoft?

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement

    cPanel, IE Security Flaws Exploited by Hackers - And What About Microsoft?


    (Page 4 of 4 )

    We know that cPanel responded quickly to repair the flaw once the company was informed. But what about Microsoft, whose IE issue made up the second half of the problem? Well, the software giant releases patches for its software on a regular schedule, unless it’s something really critical. And at first, Microsoft didn’t seem to think this particular exploit was critical enough. “Attacks remain limited,” explained Microsoft’s Scott Deacon on the company’s Security Response blog. “There’s been some confusion about that, that somehow attacks are dramatic and widespread. We’re just not seeing that from our data, and our Microsoft Security Response Alliance partners aren’t seeing that at all either.”

    In the normal cycle of things, Microsoft would have waited until October 10 to release a patch for this vulnerability. In fact, the Zeroday Emergency Response Team (ZERT) released an unofficial patch. “We think it’s great that there are people out there working to help protect our customers,” Deacon noted, alluding to this group of veteran security researchers, “But as we’ve always said, we cannot endorse third party updates.”

    It took a little bit longer, but the software giant finally did post a patch, on September 26. Microsoft says that the patch not only takes care of the public security issue but also “additional issues discovered through internal investigations.”

    From a web hoster’s point of view, what happened has to be one of the scarier scenarios: two security holes in software created by two different vendors (only one of which needs to actually be used by the web host) being exploited together to attack your customers. With the amount of third-party software being used, it may become a more common scenario as well. We can only hope that proprietary software vendors become ever more responsive to their user’s needs and concerns, to help keep the damage from such an event from getting out of hand.


    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    WEB HOSTING NEWS ARTICLES

    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap