Skip to main content

New Windows 2000 security loophole found

The operating system Microsoft wants to kill is still around. Windows 2000 (opens in new tab), whose first beta was out back in September 1997, is still powers a non-negligible number of Windows computers in businesses, currently the third most used OS, ahead of Apple Mac OS X.

Although Windows 2000 support including security updates will be terminated on July 13, 2010, a recent report (opens in new tab) by Forrester Research showed that nearly one in every ten companies are still using Windows 2000 within their companies with nearly a third having no plans to move to Windows Vista.

A team of Israeli security experts from the Department of Computer Science at the University of Haifa have found out yet another serious vulnerability in Windows 2000 operating system, one which affects the Random Number Generator.

The team leader, Dr. Benny Pinkas (opens in new tab) says that hackers can readily exploit this loophole in order to get their hands on sensitive information such as emails, passwords and credit card details.

The Security Response Communications Director at Microsoft, Mark Miller said that Microsoft did not find any security issues with CryptGenRandom.

More worryingly (opens in new tab), the researchers says that Windows XP and Windows Vista might also be at risk as they use similar random number generators.

Désiré Athow
Contributor

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.