WinInfo Daily UPDATE, March 26, 2007: Microsoft Admits to Xbox Support Slipups

Microsoft Admits to Xbox Support Slipups


Free World Data Products’ Intel Spec Guide

Visit our sponsor, who brings you WinInfo Daily Update:

==== SPONSOR: World Data Products


Free World Data Products’ Intel Spec Guide
World Data Products has what you need; our free 108-page Intel Server Specifications Guide features almost one thousand Dell, HP/Proliant, and IBM server models. This definitive guide provides information on each server's processor, memory, and storage specifications to help you decide which servers would be perfect for your business. This guide is a must-have for everyone involved in the design, installation, and maintenance of servers. World Data Products: World-Class Provider of Server, Storage, and Networking Solutions. To order this guide, click here:



Microsoft Admits to Xbox Support Slipups

by Paul Thurrott, [email protected]

Last week, Microsoft quickly dismissed rumors of a security problem with its Xbox Live online service, but the company came around to the truth of the matter a bit more slowly: Although the Xbox Live service is technically sound, it appears that some Microsoft Xbox support employees have been giving users' personal information to callers without properly verifying the callers' identities. Consequently, some malicious users have been able to compromise Xbox Live accounts using good, old-fashioned social-engineering schemes.

SecurityFocus, an online security forum, first brought up the possibility that Microsoft support employees were coughing up Xbox Live users' personal information. According to the Web site, malicious Xbox users have been bragging online about their ability to easily steal Xbox Live accounts.

"You call 1-800-4my-xbox, pretend to be that person, make up a story about how your little brother put in the information on the account and it was all fake," one user wrote in an online forum. "You might get one little piece of information per call, but then you keep calling and keep calling, every time getting a little bit more information . . . once you have enough information you can get the password (and) the Windows Live ID reset."

Microsoft said it's now investigating this problem and posted a statement about its efforts on Xbox Live Programming Director Larry Hryb's blog. "We are making some pretty top-to-bottom changes to reduce this type of attack," Hryb wrote. "This shouldn't have happened. Clearly, along the way here, people have not followed the policy and need to be educated with the policy."

Contrary to claims that 10 or more Xbox Live user accounts are being stolen every day, Microsoft said that only a handful of Xbox Live accounts have actually been compromised in the past month or so. Microsoft scheduled an Xbox Live service outage for Tuesday, but said that the outage has nothing to do with the account thefts.

In related news, rumors of a new high-end Xbox 360 console appear to be correct. According to reports, Microsoft will soon unveil a new $479 version of the console that includes a larger hard disk, an HDTV-compatible HDMI connector, and the IP Television (IPTV) capabilities that Microsoft first announced in January. A new version of the console has been expected for some time, and Microsoft's discussions about IPTV in January fueled rumors that a new Xbox 360 version would be released this year.

Editor's Note: Voting Has Opened in the Windows IT Pro 2007 Community Choice Awards! Vote for your favorite products from the Buyer's Guides we published in Windows IT Pro over the past 12 months. The first three categories--Host-Based Intrusion Systems, KVM over IP Switches, and Ultra-Portable Laptops--are now open for voting on the Windows IT Pro forums. We'll open three new categories each week for the next three weeks, and voting will remain open for three weeks per category. To see the list of products in each category and place your vote, follow these links:

Host-Based Intrusion Prevention Systems
( )

KVM over IP Switches
( )

Ultra-Portable Laptops
( ).



Deploy Exchange Server 2007 Without a Hitch!
This one-day technical training event teaches you how to preempt pitfalls and avoid corrupting your infrastructure. Learn how to effectively install, manage, and secure Exchange Server 2007 in a 64-bit environment. You'll also get a peek into the integration of Outlook, SharePoint Server 2007, and Exchange Server 2007. Register today!



Devote your time, energy, and resources to serving your customers, not your servers. Want to focus on high-value activities instead of applying OS patches and updates, dealing with security vulnerabilities, and managing disk drives? Download this free white paper now and find out how you can have a business-class Web hosting solution with secure application pooling to protect your data.



Introducing a Unique Security Resource
Security Pro VIP is an online information center that delivers new articles every week on topics such as perimeter security, authentication, and system patches. Subscribers also receive tips, cautionary advice, direct access to our editors, and a host of other benefits! Order now at an exclusive charter rate and save up to $50!



About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring an UPDATE -- [email protected]



Be sure to add [email protected] to your list of allowed senders and contacts.

Take a look at all of our technology newsletters:

This email newsletter is by the same people who create Windows IT Pro every month. Check it out!


Windows IT Pro is a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2007, Penton Media Inc. All Rights Reserved.

TAGS: Windows 8
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.