The security hole placed in Internet Information Server 4.0 by Microsoft's own engineers could be used to gain access to sensitive information, including Web site passwords and customer credit card details.
The bug installs itself with anything on the Windows NT 4.0 Option Pack.
A Microsoft representative said without authoring privileges the bug will only allow read access to active server files. Hackers still need authoring privileges to change or delete pages, he said.
But where multiple Web sites are hosted on a single server, a client given privileges for their site could breach the security of another hosted on the same machine.
The bug allows hackers to gain access to key Web site management files, potentially giving access to sensitive information, by using the phrase "Netscape engineers are weenies".
While the back door does not expose an entire Web server, it does open access to Web site management files and possibly user information and passwords. That information could then be use to expose anything else on the server.
Resellers should advise customers to delete files named 'dvwssr.dll' which contain the code.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007