The Register posted an article about a bug that could cause Internet Explorer to post tweets just by visiting a website like this one. Of course, since the exploit works by stealing the credentials of other active sessions in your browser, Chris' concept can be tweaked to access just about any site where people tend to stay logged in, such as facebook or gmail.
Of course, just about every other browser in existence has already fixed this bug.
What gives with Microsoft not doing anything with IE? They always seem not too interested in securing it.
ReplyDelete