Hotmail Users' Security/Privacy at Risk

Posted by Pile (5807 views) Add this story to MyYahoo Add this article to del.icio.us Submit article to Reddit Add story to Furl Add story to StumbleUpon [E-Mail link]


Microsoft took part of its MSN Web site offline over the weekend, after it learned of a flaw that could let an attacker gain access to Hotmail accounts, the company said.

The MSN Web site, http://ilovemessenger.msn.com/, contained a so-called cross-site scripting flaw, a Microsoft representative said on Monday. In its initial review of the issue, the company found that an attacker could use the vulnerability to obtain "cookies" from Hotmail users by getting them to click on a malicious URL. That could then grant access to those e-mail accounts, the representative said.

The Hotmail and MSN flap comes within a week after Microsoft acknowledged that its South Korean MSN Web site had been hacked. Attackers placed malicious software on the news section of MSN Korea in an attempt to steal passwords for "Lineage," a popular online game in Asia.

Details

 

 

Comments

 
Name: (change name for anonymous posting)
Title:
Comments:
   

1 Article displayed.

Pursuant to Section 230 of Title 47 of the United States Code (47 USC § 230), BSAlert is a user-contributed editorial web site and does not endorse any specific content, but merely acts as a "sounding board" for the online community. Any and all quoted material is referenced pursuant to "Fair Use" (17 U.S.C. § 107). Like any information resource, use your own judgement and seek out the facts and research and make informed choices.

Powered by Percleus (c) 2005-2047 - Content Management System

[Percleus 0.9.4] (c) 2005, PCS