24 January 2001

Microsoft Responds to Security Issue

Auckland, New Zealand - Wednesday,  January 24, 2000 --

In a statement issued today, Microsoft New Zealand says the
Microsoft Security Response Centre learnt early this morning that
www.microsoft.co.nz had been defaced, and immediately began investigating
this report. Microsoft New Zealand's Technical Manager, Richard Burte
says the company is committed to keeping customers' information secure,
and takes all reports sent to secure@microsoft.com very seriously.

"This breach exploits an already known security issue for which a patch
exists.  There was no customer data or Microsoft-sensitive data on the
site," says Burte.  "So far our investigations have indicated that the
New Zealand Direct Access Web Site (www.microsoft.co.nz/directaccess)
is the only Microsoft web site affected. This site is the only one hosted at
www.microsoft.co.nz All our other sites are hosted off www.microsoft.com."

The Direct Access web site www.microsoft.co.nz/directaccess is currently
operated by a third party vendor located in New Zealand and is not
part of the Microsoft corporate network.

"The Direct Access web site cannot be used to gain access to the Microsoft
corporate network or the main Microsoft web sites www.microsoft.com or
www.microsoft.com/nz.

We are currently working with our third party vendor to determine how the
site was defaced and to restore the site to normal operation," says Burte.

Home | Today's Headlines | Contact | New Sites | Job Centre | Investment Centre