Windows 2000 Seeing Security Problems Already

On Wednesday, Microsoft released a patch for its Windows 2000 Index Server, due to the discovery of two security holes found earlier this month. The most serious of the two, named the "Malformed Hit-Highlighting Vulnerability," which allows a malicious user to view files stored on a server, was found on January 17th. The second, a less dangerous problem, allows an attacker to view information regarding the targeted network, has been known about for several months now, although Microsoft states that it was unaware of the problem until two weeks ago. Unfortunately, the patch was not available in time for the shipping versions of Windows 2000, but it can be downloaded from the Microsoft Download Center. For more information, read the security bulletin posted by Microsoft.