Microsoft Admits Passport Vulnerability

A security vulnerability in Microsoft Passport caused the company to temporarily shut down the service this weekend, casting doubts on Microsoft's plans for a .NET future. According to the person who discovered the vulnerability, this issue exposes a serious flaw in the service's eWallet feature that could have let hackers steal credit card information and other personal information.

However, Microsoft said this weekend that none of its 2 million Passport customers were at risk from the vulnerability. "We do not believe customer data was compromised in any way," a Microsoft spokesperson said. "We know we've got to build and earn trust for \[Passport\] to be successful. We're taking the right steps to do that." According to the spokesperson, Windows XP users were never at risk because of the additional security features built into that OS.

News of a Passport vulnerability is disturbing because it hits at the heart of Microsoft's strategy for the future. The temporary cessation of eWallet functionality this weekend affected only a few dozen e-commerce sites, but if the service is successful, a far wider range of customers could be affected by such service interruptions in the future. Microsoft says it has now fixed the problem.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.