Dr. Ali Jahangiri: Security Expert Finds Problem with Microsoft’s MSN.com
December 2009 by Dr Ali Jahangiri
A world renowned security expert has found a problem with a subdomain of Microsoft’s MSN.com where simple operations lead to error messages from the server. Is this just an error on Microsoft’s part or a prelude to a cyber attack?
Dr. Ali Jahangiri, a world-renowned security expert, has discovered a problem on Microsoft’s MSN.com website. As an expert on hacking and server vulnerabilities he is concerned about Microsoft’s response time in fixing this problem as well, as the possibility that this is a prelude or even the result of an attack on Microsoft’s website.
Discovered on Saturday 26, 2009 at around 5:00pm GMT, the problem is with MSN’s Arabia subdomain. MSN uses subdomains to provide localized content to different parts of the world. There are MSN subdomains for the UK, France, India and so on. There is also a subdomain for Arabia at http://arabia.msn.com. The problem occurs when users of the site try to access Microsoft’s Bing search engine.
On other subdomains and the main MSN.com website, entering a search term into the Bing search box takes you to the Bing search engine and a page of results for the term entered. But on the Arabia site using Bing results in an error. The error comes in two parts, the general error is “You are not authorized to view this page” and the reason given for this is “Forbidden: IP address of the client has been rejected.”
Dr. Jahangiri, who is the author of Live Hacking - a comprehensive guide to hacking techniques and countermeasures for ethical hackers, has tried accessing Bing on http://arabia.msn.com from computers in the U.S., U.K., Canada and UAE and the same error is seen. This means that it isn’t a specific problem with just a few computers but all computers on the Internet.
Dr. Jahangiri is calling on Microsoft to fix this problem quickly but to also check their MSN Arabia website to ensure that it hasn’t been compromised and also to check for any other vulnerabilities in the web server configuration.
About Dr. Ali Jahangiri
Dr. Ali Jahangiri is a world-renowned information technology expert and author. His book Live Hacking is available from Amazon.com and world wide through book shops. He has an extensive background in computer science and has worked as an information security auditor, security consultant and technical trainer. He is a Chartered IT Professional member of the British Computer Society, and a professional member of both the IEEE and the Information Systems Audit and Control Association.