Independent Internet security researcher has found a new vulnerability in Microsoft Internet Explorer

Source: Internet
Author: User
Keywords Hackers can exposed
Tags access calls cookie cookies hackers hackers can hacking internet

According to foreign media reports, an Italian independent Internet security researcher named Rosario Varotta (Rosario Valotta) found a new loophole in Microsoft Internet Explorer, which is said to have exploited the vulnerability to steal cookies that record user names and passwords used to access the site. He calls that hacking technology "cookiejacking".

Varota said: "Any Web site, any cookie can be stolen through the cookiejacking technology." Only you can not imagine, there is no it can not do. ”

Varota in an e-mail message that hackers can exploit this vulnerability to steal data files stored inside the browser called Cookies, which hold user names and passwords for users accessing each site.

Varota says hackers can access the same Web site after stealing access to users, a technology called "cookiejacking."

According to Varota said, all versions of the Windows operating system in all versions of IE have this vulnerability, IE 9 is no exception.

Exploiting this loophole, Varota says, hackers can hijack the IE-browser cookie in the PC by luring a user to drag an object onto the PC screen.

Although this may seem a bit difficult, Varota claims that he can do it fairly easily.

Microsoft says the chances of hackers being successful in real cookiejacking are extremely low.

"Given the cookiejacking need for user involvement, we think the risk is not high," said Jerry Bryant, a spokesman for Microsoft, Jereblent. Users must visit a malicious Web site, be tempted to click and drag objects on the Web page, hackers can steal to record the user login information cookies. ”

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.