IE Flaw Access to Facebook, Gmail, Twitter Accounts

IE9 IE  [Internet Explorer] Flaw Could Allow Hackers Access to your Facebook, Gmail, Twitter Accounts –  A security researcher discovered a ‘cookiejacking’ flaw in all IE versions that could allow an attacker to steal your session cookies and then log onto your password-protected sites such as Gmail, Facebook or Twitter.

via Privacy and Security Fanatic: IE Flaw Could Allow Hackers Access to your Facebook, Gmail, Twitter Accounts.

Microsoft claims even though Valotta said it was easy to do there is little risk a hacker could succeed in a cookie jacking scam like that and the issue is not one the company calls a high risk.

6 thoughts on “IE Flaw Access to Facebook, Gmail, Twitter Accounts

  1. Oh boy here we go again. As a veteran of the industry I have been asked by parents as well as younger people what I think a good career path in tech would be.

    My #1 answer? IT Security

  2. Seems like it needs to rely on quite a convoluted clickjacking there though. Mind you, I’m always underestimating how easy it is to fall for social engineering hacks – his puzzle was a pretty elegant solution.

  3. Thanks for posting this tt.

    There is/was an almost identical problem with Firefox and a browser add-on called Firesheep. Don’t really know if that issue was resolved by the Mozilla community.

    • I think this is a tip of the iceberg and we are silly if we think that browsers are not leaking information.

      Not so “private browsing” > In light of the “private browsing” claims being made, chrome internet explorerStanford University conducted research to investigate the privacy of the “private browsing” feature on some web browsers (Internet Explorer, Firefox, Chrome and Safari). Apparently, many popular browser extensions and plugins undermine the security of private browsing and many kinds of information can be leaked by browsers when using the “private browsing” mode. http://onecoolsitebloggingtips.com/2010/08/10/not-so-private-browsing/

Comments are closed.