The hacker group Cult of the Dead Cow has challenged Microsoft to recall its Systems Management Server (SMS) software, claiming that it has the same stealth features as the group's own Back Orifice 2000 (BO2K) network utility.
The group also called for anti-virus software vendors to issue updates to scan for SMS. It issued an official statement last week, claiming that Microsoft is operating a "do what we say not what we do" policy.
In its security bulletin to warn users about BO2K, Microsoft said: "BO2K is intended to be used for malicious purposes, and includes stealth behaviour that has no purpose other than to make it difficult to detect."
However, in its own online documentation for SMS, Microsoft touts "the possibility of carrying out a remote control session [using SMS] without the user at the client being aware of it."
The documentation continues: "It is possible to configure a remote control [SMS session] where there is never any visible or audible indication that a remote control session is under way. It [SMS] has been made this flexible due to customer demands ranging from one end of this spectrum to the other."
The Cult claimed that Microsoft, in its efforts to portray BO2K as simply a malicious tool, had overlooked the fact that SMS provided similar features. It also pointed out that Microsoft charged customers for SMS, whereas BO2K is "free, open source, and better constructed any way you measure it: size, efficiency, functionality, security."
Jack Clark, European product manager for anti-virus at Network Associates, derided the Cult's statement and said that Network Associates would not be updating its products to scan for SMS. "Because of its intentions, we will never take [Cult of the Dead Cow] seriously. We still consider it to be a hacking group," he said.
Kevin Street, technical manager at Symantec, said: "I don't think it is a legitimate challenge; [Cult of the Dead Cow] are pretty much taking the mick. The difference between SMS and BO2K is one of intent of use and consent of use. The fact that it is open source is both a good and a bad thing: although users can tweak it for their own network, so could others."
He also questioned BO2K's provisions for auditing, pointing out that in Symantec's PCAnywhere, administrators have the option of logging to a third server, to ensure that log files could not be tampered with. BO2K does not provide activity logging.
Microsoft declined to comment.
For more news, see this week's issue of PC Week UK