This security breach was discovered by an independent searcher in informatics security named Rosario Valotta he said this breach involves « every website and every session cookie and the only limit for the attacker is his imagination».
This vulnerability is called «cookiejacking », and it discloses your session cookies with your accounts' data like usernames and passwords once you drag and drop something to your computer's desktop from this browser.
For the security searcher Rosario Valotta, «cookiejacking » allows hackers to steal your session cookies and using them after to access accounts in any website. However, any user should first drag and drop elements from this navigator to his desktop. This breach involves all internet explorer versions.
Microsoft said that it is not considered as a high risk and user's informations could not be stolen by a hacker until the users visit malicious websites and do a drag dropping to their desktop, then it is not a big problem for microsoft and everything is ok !
0 commentaires