Microsoft Refutes Windows 'Back Door' Claim

Microsoft has denied allegations that the Windows Metafile (WMF) bug is actually a "back door" planted by the company's developers so they could secretly access users' PCs.

The charges were raised last week by Steve Gibson, security researcher best known for his ShieldsUp Web site, in a podcast. A transcript of that podcast is available here.

Although Gibson presented no proof of the indictment -- he said that without access to Windows' source code, it would be impossible to prove, or disprove, his charge -- he said that any other explanation just didn't make sense.

"This was not a mistake. This is not buggy code. This was put into Windows by someone," Gibson said in the podcast Thursday. Gibson went on to hypothesize that Microsoft created this back door as a way to add code to users' machines whenever it wanted to.

"For example, if Microsoft was worried that for some reason in the future they might have cause to get visitors to their website [sic] to execute code, even if ActiveX is turned off, even if security is up full, even if firewalls are on, basically if Microsoft wanted a short circuit, a means to get code run in a Windows machine by visiting their website [sic], they have had that ability, and this code gave it to them," Gibson said.

"I don't see any way that this was not something that someone in Microsoft deliberately put into Windows," he concluded.