Feeds

MS UK kills mystery 'Live to Code' site

Misconfigured marketing offshoot pulled

The Essential Guide to IT Transformation

Microsoft has pulled an apparently rogue internal marketing project that sat quietly, but not unnoticed, on the same servers as its main UK website for at least a fortnight.

For at least two weeks leading up to Tuesday (6 May) surfers visiting http://microsoft.co.uk got a somewhat minimalist "Live to Code" page, rather than the main UK website they might have expected to see. The main www.microsoft.co.uk site worked normally throughout.

Live to Code - rogue marketing offshoot pulled.

The "Live to Code" page, by contrast, displayed a list of sub-directories linking to pictures of what appeared to be marketing collateral on sites such as Flickr and YouTube.

This microsoft.co.uk page had the same CNAME as the main site, indicating it was on the same server. Furthermore, www.theeducationcommunity.com, resolved to the same IP address (http://217.64.231.177), until Microsoft sorted out the confusion on Tuesday night.

Reg reader Ian notified us of the Live To Code site on 23 April, prompting our initial inquiries. He thought the site was the result of a DNS hack.

Not so.

Another reader, Simon, came up with a much better theory, when he contacted us on 1 May. "My guess is that someone tried to set up the latter [Live to Code] using MS UK's existing servers, but changed the default website in IIS instead of creating one specifically," he said. "It seems someone might have made a boo boo at Microsoft UK."

Microsoft pulled the Live to Code site, following repeated inquiries from El Reg, on Tuesday. It is yet to explain what was going on. Microsoft's UK site is administered from the US and this factor has made it more difficult to uncover what was going on.

In a statement, Microsoft said the Live to Code site is "legitimately associated with Microsoft and is not serving malware", without explaining its purpose. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.