Internet Explorer Open to ‘Cookiejacking’

Posted by at 1:53 am on May 26, 2011

An independent security researcher, Rosario Valotta, suggests Internet Explorer is vulnerable to attacks that target the private data stored in HTTP cookies. The flaw is said to leave users open to what Valotta calls “cookiejacking,” a method that hackers can reportedly use to access a cookie and log into victims’ various online accounts.

The vulnerability is said to require users to drag and drop an item across the screen. Volatta claims to have created a Facebook app that exploits the flaw by requiring users to virtually undress a woman, enabling him to amass 80 cookies from his total list of just 150 friends.

Microsoft suggests the requirement for user interaction is unlikely to be used in an actual hacking scenario, company spokesman Jerry Bryant told Reuters .

The vulnerability is said to potentially affect all versions of Internet Explorer running on any Windows edition.

Leave a Reply

Sign Up For Our Newsletter

Sign up to receive breaking news
as well as receive other site updates

Enter your Email


Preview | Powered by FeedBlitz

Log in

Copyright © 2008 - 2020 · StreetCorner Media , LLC· All Rights Reserved ·