Microsoft plugs another passport vulnerability
Spinner
Birmingham, UK
Microsoft has disclosed that the latest vulnerability in its .NET passport system only actually affected a small number of accounts, all of which that were created before August 1999. They also stated that no actual data was compromised, however the fact that they only became aware of the glitch after a hacker informed them about it, doesn't inspire confidence.
The full report:
http://rss.com.com/2100-1009_3-1023032.html?type=pt&part=rss&tag=feed&subj=news
Hotmail accounts that don't have a secret question set for password recovery were vulnerable to being taken over by an attacker. It's the second time in two months that a security issue has been found in Passport's password recover mechanism.
The full report:
http://rss.com.com/2100-1009_3-1023032.html?type=pt&part=rss&tag=feed&subj=news
0