A computer security researcher has found a flaw in Microsoft Corp's widely used Internet Explorer browser that he said could let hackers steal credentials to access FaceBook, Twitter and other websites.
The technique is called cookiejacking
"Any website. Any cookie. Limit is just your imagination," said Rosario Valotta, an independent Internet security researcher based in Italy.
The technique is called cookiejacking
"Any website. Any cookie. Limit is just your imagination," said Rosario Valotta, an independent Internet security researcher based in Italy.
Hackers can exploit the flaw to access a data file stored inside the browser known as a "cookie," which holds the login name and password to a web account, Valotta said via email
Once a hacker has that cookie, he or she can use it to access the same site, said Valotta, who calls the technique "cookiejacking."
The vulnerability has effect on every version of Internet Explorer including IE 9 of windows operating system.
To exploit the flaw, the hacker must persuade the victim to drag and drop an object across the PC's screen before the cookie can be hijacked.
Microsoft said there is little risk a hacker could succeed in a real-world cookiejacking scam.
Courtesy: in.reuters.com
This post is written by Ifham khan you can catch him on
