Microsoft confirms that XP has random number generator bug

Windows XP, Microsoft Corp.'s most popular operating system, sports the same encryption flaws that Israeli researchers recently disclosed in Windows 2000, Microsoft officials confirmed late Tuesday.

The researchers, Benny Pinkas from the University of Haifa and two Hebrew University graduate students, Zvi Gutterman and Leo Dorrendorf, reverse-engineered the algorithm used by Windows 2000's pseudo-random number generator (PRNG), then used that knowledge to pick apart the operating system's encryption. Attackers could exploit a weakness in the PRNG, said Pinkas and his colleagues, to predict encryption keys that would be created in the future as well as reveal the keys that had been generated in the past.

View: Full Article @ InfoWorld

Report a problem with article
Next Article

Microsoft clears up Zune 80 availability issues

Previous Article

Microsoft November 2007 Security Releases ISO Image

Join the conversation!

Login or Sign Up to read and post a comment.

5 Comments - Add comment