Attack on Pentagon Computer Sparks Probe

Authorities are investigating a computer attack on a U.S. military computer server that took advantage of a previously unknown flaw in a Microsoft Corp. program.

The attacker accessed the Defense Department server last week through a machine running the Windows 2000 operating system and Microsoft’s Internet Information Server, which is used for displaying Web pages to the public.

Once inside, the hacker began scanning computers linked to the compromised server and sending information back to an outside machine, said Russ Cooper, who runs a popular computer-security electronic mailing list.

A military official contacted both Cooper and Microsoft about the problem, Cooper said. The company issued a “critical” alert with a software patch Monday, citing an attack on an unnamed customer. Army spokesman Gary Keck said Wednesday that he had been instructed not to discuss the incident.

Cooper said it was unlikely that the hacker caused much harm, because the targeted Web server probably was not networked to sensitive machines.

“The Pentagon has incredibly powerful intrusion-detection software. It would have been setting off alarms,” Cooper said.

Some customers who installed the fix-it patch saw their computers crash as a result. Microsoft said that problem, which since has been fixed, was limited to machines running Windows 2000 with a particular set of upgrades and one previous patch.

Also Wednesday, Microsoft warned Windows users of another critical flaw that could allow hackers to seize control of a computer through specially designed e-mails or viewed Web pages.