Microsoft has discovered an apparent attempt by hackers to steal user information from its South Korean MSN Web site and has taken action to repair the problem.
The attack was directed at the news section of the MSN Korea Web site, said Adam Sohn, a company spokesman. Microsoft was alerted Tuesday morning that the site had been compromised and took the site offline for a few hours to fix the problem, he said.
Microsoft has received no reports of users falling victim to the attack. The Redmond, Wash.-based software maker is still investigating the issue and has called in law enforcement to investigate and take action against those responsible, Sohn said.
Early investigation has shown that the attackers placed an additional frame on the Web site, a so-called iFrame, Sohn said. These frames could be used in malicious attacks that take advantage of a flaw in Internet Explorer, which Microsoft patched last December.
The IE Elements flaw, also known as the iFrame vulnerability, could allow an attacker to take control of a victim's PC. Microsoft's Windows XP Service Pack 2 security update, or SP2, is not vulnerable to the flaw.
Microsoft is confident that its other MSN Web sites are not vulnerable to the same type of attack. The Korean site, unlike the U.S. and most other international MSN sites, was not hosted by Microsoft, but by a Microsoft partner, Sohn said. "There may have been unpatched servers," he said, which could explain the break-in.
In Microsoft's own data centers, the company makes sure its servers are patched and in physically secure locations, Sohn said.
Broadband and mobile Internet usage is popular in South Korea. The market is important to Microsoft's MSN group, which has trialed new services in the country.
It would be my guess that Homeland security would have a more that casual interest in the MSN Membership of Korea. There new super cuybersquad has to get some field training somewhere... Duuu
Chinese authorities have reportedly taken iPads from a third-party retailer, a move apparently brought on by Apple's continued refusal to honor a trademark for the iPad name owned by a Chinese manufacturer.
NY professor believes that a word-based algorithm can help bring together those who believe, with one glimpse, that they have found and lost the love of their lives.
After a higher-than-expected fourth quarter, the video subscription service unburdens itself of a pending yearlong class action suit and settles for $9 million.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
This week, we pass around Sony's new PlayStation Vita for some hands-on testing, check out HP's newest Beats Audio laptop, and debate the best and worst Valentine's Day gadget gifts.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
