'Ethical' Kiwi hacker keeps Microsoft busy
A lone New Zealand hacker has triggered a security scare that had Microsoft software engineers in the United States working through their Thanksgiving holiday weekend to fix a design flaw in Windows software.
Beau Butler – who describes himself as an "ethical hacker" – revealed at NZ computer security conference Kiwicon earlier this month that the flaw was exposing millions of computers to hijacking by criminals.
Mr Butler told Melbourne's Age newspaper that he did not get any response to emails in which he tried to alert Microsoft to the problem before going public with his research.
"I assumed they were aware of the issue," he said. The "bug" was first recognised five years ago, but was supposed to have been fixed.
The design flaw meant a person could take control of vast numbers of home or office PCs around the world in a single attack, read data, steal passwords or use them to distribute spam or viruses.
Mr Butler said while testing the flaw, he found more than 160,000 computers in NZ were vulnerable.
Microsoft confirmed the issue was serious and asked the newspaper not to publish specific details over fears they could be mis-used.
Microsoft said it had engineers in Australia and the US working on the problem through the Thanksgiving holiday.