Options
Microsoft patches Hotmail hole
A security hole was discovered in Microsoft's Hotmail Web service a few days ago, which would potentially allow a whole host of nasty people access to Hotmail users email accounts. The vulnerability was detected by the security company Finjan Software Inc and Microsoft have now reported the hole has been plugged. However once again, this news gives Hotmail users around the globe cause for concern.
[blockquote]The new security flaw, known as a cross-site scripting vulnerability, could be used to create an Internet worm that steals e-mail addresses from Hotmail users' accounts, captures credit card numbers or installs Trojan horse programs, Finjan said. The vulnerability exists in the way that Hotmail treats e-mail containing ActiveX controls, which are small, portable pieces of software code that enable programmers to embed sophisticated user interface elements into Web pages for use over a corporate intranet or the Internet. Hotmail content filters do not adequately block e-mail messages containing the controls, Finjan said. [/blockquote]
[link=http://www.infoworld.com/article/03/10/15/HNhotmailpatch_1.html]The full report[/link]
[blockquote]The new security flaw, known as a cross-site scripting vulnerability, could be used to create an Internet worm that steals e-mail addresses from Hotmail users' accounts, captures credit card numbers or installs Trojan horse programs, Finjan said. The vulnerability exists in the way that Hotmail treats e-mail containing ActiveX controls, which are small, portable pieces of software code that enable programmers to embed sophisticated user interface elements into Web pages for use over a corporate intranet or the Internet. Hotmail content filters do not adequately block e-mail messages containing the controls, Finjan said. [/blockquote]
[link=http://www.infoworld.com/article/03/10/15/HNhotmailpatch_1.html]The full report[/link]
0