Exploiting a widely known flaw in Microsoft's Web server software, attackers have defaced three Microsoft Web sites this month.
On Sunday, a Brazilian defacement group known as Silver Lords replaced the home page of a Microsoft customer support site located at https://cust-supp-chat.one.microsoft.com with one of their own.
The defaced page, which was still viewable today, included a message in Portuguese that begins "Bill Gates, my beloved and millionaire friend," and ridicules Microsoft for failing to follow the advice in its security bulletins.
The other defaced sites included the Web home of Microsoft Research's Social Computing Group and a site for an advisory group for Microsoft's Office suite. All three sites were running Microsoft's Internet Information Server (IIS) software, according to Netcraft.
In an online interview today, a Silver Lords member who calls himself "Lord Choo3s" said he attacked the three sites by exploiting an unpatched flaw in an IIS component called FrontPage Server Extensions.
On Jun. 21, 2001, Microsoft released a bulletin and patch for the buffer overflow flaw, which allows attackers to run code of their choice on a vulnerable server.
To deface the Microsoft sites, Lord Choo3s of Silver Lords, who said he was 15, relied on an exploit published by NSFOCUS, a computer security firm in China.
View: NSFOCUS Security Advisory (SA2001-03) [25th June 2001]