Israeli Researchers Discover Security Hole In Microsoft Windows

Haifa, Israel (AHN) - Three researchers from the University of Haifa's computer science department have discovered a security flaw in Microsoft Corp.'s "Windows 2000" operating system, the Israelnationalnews.com said on Monday.

Dr. Benny Pinkas, leader of the researchers, said the new security flaw is more serious than previous breaches because it allows hackers to track all e-mails, passwords and credit card numbers that were typed in a computer using Windows 2000 or even information no longer stored on the machine running on the same program.

Previous security breaches on computer operating systems only allow hackers to steal information from another computer starting from the time the security codes were broken.

The researchers, who included Hebrew University graduate students Zvi Gutterman and Leo Dorrendorf, deciphered how the Windows 2000's random number generator works enabling them to enabling them to compute previous and future encryption keys, and eavesdrop on private communication. The generator creates random encryption keys for files and e-mails, so that only the target website can read the correspondence.

Pinkas warned that large companies and people who manage sensitive information on Windows 2000 are at risk. He also warned that information of Windows XP and Vista are vulnerable to hackers because these operating systems also use similar random number generators.

The researchers already notified Microsoft of their discovery. It suggested that Microsoft improve the way it encodes information and allow other computer security experts to verify their discovery.