Microsoft has hit back at claims that Windows 2000 users are exposed to a loophole in the operating system’s random number generator, a flaw researchers claim allows hackers to retrieve users’ personal information. Dr Benny Pinkas from the Department of Computer Science at the University of Haifa, said CryptGenRandom can be exploited by hackers to access information such as email, password and credit card details.
“This is not a theoretical discovery. Anyone who exploits this security loophole can definitely access this information on other computers,” he said. However, Mark Miller, Microsoft’s director for security response communications, said after further investigation into the claims by Dr Pinkas, the company found that there is no security vulnerability.
Vulnerability, Exploit, Windows Server 2000, Microsoft