01:14:00
Latest News
Browse the Web using IE? Beware hackers you reached into yourcookie jar (cookie jar).
Rosario Valotta, an Italian computer security experts discovered asecurity vulnerability in IE, hackers can exploit this vulnerability to steal browser data file - that is commonly referred to as "cookies" -and use them to visit, like facebook, twitter this Loginpassword-protected website.
Valotta Earlier this month (of May) to the Hack in the Box and theSwiss Cyber Storm released a security conference of thevulnerability. He pointed out that the windows platform, all versions of IE browser zero-day attacks are present in the vulnerability thathackers can steal any sites left by the cookie.
"Any website, any cookie. you might imagine. "Valotta said.
The implementation of this attack, hackers need to know the web site user name. To get it, hackers had to trick computer users todrag an object display. Valotta by Facebook to create a jigsaw puzzle (for the beauty of the game allows users to "change clothes") confirmed the vulnerability.
"I put the game less than 3 days posted to Facebook, there aremore than 80 cookie sent to my server, but only 150 of my friends. "Valotta said.
However, Microsoft said the vulnerability will not have too great athreat to the user.
"Taking into account the level of user interaction required to attack, we do not believe that remote code execution would cause too much risk of the user. " Microsoft spokesman Jerry Bryant in a statement sent to CNET said.
"To complete the attack, the user must access a secure site, and was persuaded by clicking and dragging an object on the page, but the attacker must know the user has login the website. "declaration, "we encourage all users Avoid clicking on suspicious links and e-mail to guard against potential threats, while improvingnetwork security level. "
Posted in: 
博文
0 评论:
发表评论