Critical security hole found in Windows 2000

By Derek Sooman on
An unpatched flaw in a core component of Windows 2000 might be exploited to launch computer worms, security researchers warns. The flaw was discovered by security research firm eEye Digital Security. The firm is withholding details pending the release of a software patch. Microsoft is investigating the issue, which is complicated by its decision to wind down support for the operating system.

The flaw affects a core component of Windows 2000 that can't be disabled, meaning a workaround is unlikely, according to security firm eEye, which discovered the bug.

The company said it won't release details of how the flaw works, until Microsoft has issued a patch. However, it said the vulnerability isn't limited to Windows 2000 alone - Internet Explorer, Windows Server 2003, Windows XP and XP SP1 are all vulnerable, its advisory states.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.