Neowin.net - Update: Microsoft Beta Newsgroups 'Wide Open'

Update: Microsoft Beta Newsgroups 'Wide Open'

Posted by Steven Parker on 06 August 2003 - 10:27 · 71 comments & 6512 views

Thanks to a prying eye and probably a stroke of luck, a user has managed to exploit Microsofts Newsgroups via Microsoft BetaNews. That user can gain access to any Beta newsgroup as long as he has a valid Microsoft BetaID and that person knows the ID number for the newsgroup.

A friend enabled us here at Neowin to access the microsoft.beta.longhorn developer preview groups that were opened in March for select developers. The newsgroups there aren't buzzing with activity since they received the official M4 build of Windows Longhorn Professional and not much else since.

We will be passing this information on to Microsoft so that they can review their security. Below is a screenshot of our entry to these newsgroups.

Update: We have contacted Microsoft Security, Some of the more sensitive newsgroups have now been locked down, but less important ones still seem to be affected

Screenshot: >> Click here <<

View: Microsoft BetaNews (requires valid BetaID)

FIC Radeon 9600 Pro at Gamer Depot

View: FIC Radeon 9600 Pro at GD

VajaCases-iPod Case @ Geekshelter.com
"With the iPod craze that has sweept the nation, many people are constantly trying to stylize their iPods look and feel. Recently, a company by the name of Vaja has released an elegent set of Cases to really beef up your pod. I was lucky enough to obtain their new case released for the 3rd Generation iPods."

View: VajaCases-iPod Case @ Geekshelter.com

Radeon 9800 & 9700 put head to head
Having the capability to produce as much as 1.8 million graphic cards per month, Sapphire Technologies happens to be one of ATI’s primary OEM partners.
Today we are examining their Radeon 9800 Atlantis Pro; with a board design that resembles ATI's reference a lot, the Atlantis offers 9800 Pro's outstanding performance packed with a great bundle, high quality parts (good for o/cing) & Sapphire's warranty to back it up, at an acceptable price point.

View: Radeon 9800 & 9700 put head to head @ Techspot

Vantec NXP-205 Fan Controller Review
Nexus Fan Controller connects up to 4 fans and allows you manually adjust the fan speed and noise level. The fan speed is determined by the variable speed potentiometer settings which vary the voltage of the fan from 7V-12V. Each channel will support 15-18W. Blue LED lights combine perfectly with the Black or Silver housing. Nexus Fan Controller is great for Large CFM fans and fits perfectly in your standard 5'25" drive bay.

View: Vantec NXP-205 Fan Controller Review @ Ascully.com

Hide additional information

About the Author
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline

Total votes: 0

Bookmark on del.icio.us

Advertisement

#1 Posted by Quick Reply on 06 Aug 2003 - 10:31: awesome, the Longhorn newsgroups are gonna rock after they release a beta

(1 reply) #2 Posted by kairon on 06 Aug 2003 - 10:58: Gee, won't even tell us. Why even bother posting this.

#3 Posted by Trix on 06 Aug 2003 - 10:59: aww no sharing of the id and wont let other ppl post it grrrrr havto fin this exploit my self or lern howto make these Xploits

#4 Posted by Voodoo on 06 Aug 2003 - 11:03: we gotta give ms the chance to plug it first

#5 Posted by Sim31 on 06 Aug 2003 - 11:04: <<removed>>

#6 Posted by Trix on 06 Aug 2003 - 11:07: what wwas removed ???? tell meeee!

#7 Posted by Trix on 06 Aug 2003 - 11:08: grrr hwat mod is watching this commenty goto findout

(3 replies) #8 Posted by Trix on 06 Aug 2003 - 11:09: just look at iexbeta they think this is all a fake grrr idiots well who know neowin mite be messin wiht our heads! <<iexbeta.com>>

Last edited by 32223 on 06 Aug 2003 - 11:26

(1 reply) #9 Posted by Sim31 on 06 Aug 2003 - 11:13: Hmm guess its not allowed to say how to do it then

#10 Posted by Sim31 on 06 Aug 2003 - 11:16: Yes, Posted it and got removed, so I cant tell

#11 Posted by nathanintu on 06 Aug 2003 - 11:20

(1 reply) #12 Posted by air101 on 06 Aug 2003 - 11:26: The Screen shows LongHorn , can't it be fake or something ?

#13 Posted by Sim31 on 06 Aug 2003 - 11:59: I dont think they will let you post in the groups tho since I tried, and nothing shows up hmmm

Last edited by 15825 on 06 Aug 2003 - 12:05

#14 Posted by Trix on 06 Aug 2003 - 12:09: hey Sim31 i figured out how to do it but all i need now is a beta place ID and i lost my a loooooooooooooooooooooooooooooooooooooong time ago

#15 Posted by Trix on 06 Aug 2003 - 12:14: sh|t theve said now!

(1 reply) #16 Posted by on 01 Jan 1970 - 00:00

#17 Posted by Voodoo on 06 Aug 2003 - 12:25: again to remind u - we will not allow links to sites that give details of the exploit

(4 replies) #18 Posted by Quick Reply on 06 Aug 2003 - 12:29: I got in, pretty boring eh?

but I also found...
Cobra
Miata
Everest
SFU 3.5
SQL SLammer Defense
MRS Trial
Mira v1.5
MSTV Tools Suite 1.0 Preview Release 1
Project 11
mediacenter update
UNIX DB Library
VS6 Sp6 Beta
msklc
MidTownx
Baseball 2003
Exchange RDP
Storage Services
FS 9
Preview Beta SP4 (dont know if thats w2k sp4 or not)
Windows ADS Beta
CRM1.0 Intl
Ozone
Jupiter
Windows2000 JA SP4
HIS
SQL QFE
ObjectSpaces EAP
Highwire v1.0
MSIB 2.0
IB Training

and others that are heard of

#19 Posted by Trix on 06 Aug 2003 - 12:32: aww man i want a beta ID

(3 replies) #20 Posted by SOHara on 06 Aug 2003 - 12:35: Found the Halo PC beta on there as well

(1 reply) #21 Posted by joa on 06 Aug 2003 - 12:41: I found Longhorn Dev => achthonderd vijftien

#22 Posted by Trix on 06 Aug 2003 - 12:44: we should start a separte topic for this

(2 replies) #23 Posted by air101 on 06 Aug 2003 - 12:48: THE Screenshot is FAKE!

#24 Posted by Trix on 06 Aug 2003 - 12:49: no the screen shot isnt fake i got 3 other ppl to back that up

#25 Posted by Trix on 06 Aug 2003 - 12:52: PLEASE does anybody have a Beta ID i can use just for 10 minutes please!

(1 reply) #26 Posted by air101 on 06 Aug 2003 - 12:54: all n00bs

#27 Posted by Trix on 06 Aug 2003 - 12:56: so what the ucp or what ever it is call id 81 or 81_somthing?

(3 replies) #28 Posted by ThunderRiver on 06 Aug 2003 - 13:03: Oh Almighty Voodoo, if you actually use your little brain, you might understand it is not wise to post when you don't belong to that specific newsgroup.

Oh well..

(1 reply) #29 Posted by Tom Servo on 06 Aug 2003 - 13:17: I spoiled. I'm reading their newsgroups...

On a second note... Why are there people called "Joe User" and BS like that in these newsgroup? Talk about seriousity.

--edit--
OMFG an OT topic about Matrix Reloaded! What the?

Last edited by 413 on 06 Aug 2003 - 13:24

#30 Posted by whistlerxp on 06 Aug 2003 - 13:24: Cool nice trick,you made MS all exited.

(2 replies) #31 Posted by ZiUL on 06 Aug 2003 - 13:52: Read the bible:
Genesis 5:10

(2 replies) #32 Posted by Cool4 on 06 Aug 2003 - 14:16: i have a valid beta ID, but i don't know how to sign in, it should only ask for the beta ID, i think! but it ask for user and pass! what do i have to do?

#33 Posted by dougkinzinger on 06 Aug 2003 - 14:32: I'm also in, since I actually USE the newsgroups....there is some interesting stuff out here, but remember folks--it's just NEWSGROUPS....that's all....

(1 reply) #34 Posted by EnIgMa-PenGuIn on 06 Aug 2003 - 14:36: ^_^ nice one guys lols. im sure ms was happy to know and fix that hole. good work ^_^ and at least it keeps unmentionables out of there

#35 Posted by gameguy on 06 Aug 2003 - 14:44: hehehe, widbey

#36 Posted by Know Won on 06 Aug 2003 - 15:29: Good find.

#37 Posted by gameguy on 06 Aug 2003 - 16:27: is it "fixed" now? i think it is

(2 replies) #38 Posted by netizen on 06 Aug 2003 - 16:37: Sureley MS ought to reward the Neowin admins with an access-all-areas betaID for this

#39 Posted by whoreman on 06 Aug 2003 - 19:07: i see the theory behind it and i belive this to true but possibly fixed now?

well half my legit links dont work

(1 reply) #40 Posted by Michael Lerner on 06 Aug 2003 - 22:18: Great Job they did too, can't access one of my newsgroups

#41 Posted by filter04 on 16 Sep 2004 - 00:38: neowin alert microsoft to so much stuff that goes wrong, and do we ever here a thanks ?

#42 Posted by 23305004937369 on 17 Sep 2004 - 01:33: ccooool thnx

[1]

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Scroll to the Top