Version: 2008
  • On CBSSports.com: Watch March Madness® Games Free Online

February 24, 1999 4:20 AM PST

Microsoft, Novell patch OS problems

By Ben Heskett
Staff Writer, CNET News

  • Post a comment
Related Stories

SCO revamps UnixWare with Linux features

 February 23, 1999

Novell exec bonus tops salary

 February 22, 1999

Delay in Caldera-Microsoft antitrust trial

 February 18, 1999
Software remains an inexact science, as made clear by two problems recently found in popular operating systems from Microsoft and Novell.

In the case of Novell, the network software maker released an update for its NetWare 5.0 operating system in early February to add new functions only to find that the update created a data synchronization problem within the company's directory service, known as NDS.

Novell executives recommend users upgrade to a new "1A" version of its Support Pack, even though the company notes that the "synchronization issue is both rare and may take considerable time before manifesting itself."

A company executive said fewer than five customers experienced issues with the synchronization flaw.

The updated support pack is available for download on the company's Web site.

In Redmond, Washington, software giant Microsoft has issued a bulletin concerning an exploit that could give a wayward user administrative privileges to a particular machine. The problem affects versions 3.5, 3.51, and 4.0 of the company's Windows NT operating system.

The so-called vulnerability was discovered by Lopht Heavy Industries. The organization dedicated to discovering vulnerabilities and building software could not be reached for comment.

Microsoft has developed a "workaround" that will change the default permissions on an NT machine. A software fix is currently being developed by the company.

The vulnerability occurs when the operating system caches various files during its set-up. During this process, local users could replace a certain DLL file, or Dynamic Link Library, with a malicious file that could allow them access to a machine they are not supposed to use. The issue is local in nature, meaning that a user has to interact with a certain machine to gain access to it.

The company said, "This vulnerability is primarily a concern for workstations and other systems that allow non-administrative users to interactively log on." More information is posted on the company's Web site.

Microsoft said a preventative mechanism has been available for this issue since May of last year as part of an NT 4.0 Resource Kit.

advertisement

Latest tech news headlines

advertisement

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets

Market news, charts, SEC filings, and more

Related quotes

Dow Jones Industrials (-0.34%) -37.19 10,741.98
S&P 500 (-0.51%) -5.93 1,159.90
NASDAQ (-0.71%) -16.87 2,374.41
CNET TECH (-0.54%) -9.00 1,645.82
  Symbol Lookup
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET