Freeserve escapes bug threat

Hole in IIS lets hackers slip through

Dixons-owned Freeserve has confirmed that a bug responsible for compromising the security of its service has been squished. The bug affects Microsoft Windows NT and could have potentially allowed anyone to hack into Freeserve's servers and do all sorts of unmentionable things, apparently. The gaping hole was discovered by security group eEye earlier this month when it claimed it had unearthed a "serious security flaw in Microsoft's Internet Information Server (IIS) 4.0". Although Microsoft managed to issue a patch pretty swiftly -- with the promise of a full fix to follow -- a "confidential" newsgroup posting leaked to The Register suggested that as of Monday morning Freeserve had failed to plug the hole. A spokeswoman for Freeserve confirmed that the ISP was aware that there had been a problem and that all the relevant patches had been applied. "I can confirm our system is robust," she said. In an unrelated incident, The Sun's CurrantBun.Com web site was hacked at the weekend. ®

Sponsored: 5 critical considerations for enterprise cloud backup