Independent Internet security researcher has found a new vulnerability in Microsoft Internet Explorer

According to foreign media reports, an Italian independent Internet security researcher named Rosario Varotta (Rosario Valotta) found a new loophole in Microsoft Internet Explorer, which is said to have exploited the vulnerability to steal cookies that record user names and passwords used to access the site. He calls that hacking technology "cookiejacking".

Varota said: "Any Web site, any cookie can be stolen through the cookiejacking technology." Only you can not imagine, there is no it can not do. ”

Varota in an e-mail message that hackers can exploit this vulnerability to steal data files stored inside the browser called Cookies, which hold user names and passwords for users accessing each site.

Varota says hackers can access the same Web site after stealing access to users, a technology called "cookiejacking."

According to Varota said, all versions of the Windows operating system in all versions of IE have this vulnerability, IE 9 is no exception.

Exploiting this loophole, Varota says, hackers can hijack the IE-browser cookie in the PC by luring a user to drag an object onto the PC screen.

Although this may seem a bit difficult, Varota claims that he can do it fairly easily.

Microsoft says the chances of hackers being successful in real cookiejacking are extremely low.

"Given the cookiejacking need for user involvement, we think the risk is not high," said Jerry Bryant, a spokesman for Microsoft, Jereblent. Users must visit a malicious Web site, be tempted to click and drag objects on the Web page, hackers can steal to record the user login information cookies. ”