You might want to turn off password manager
Subject: General Tech | November 22, 2006 - 12:08 PM | Jeremy Hellstrom
There is a new login and password vulnerability in both Firefox 2 and IE7. Not quite a phishing attack, nor a full web page spoof, it can nonetheless capture entered user data. Read more at this story on CNET.
Don't feel too singled out though, as there is also a 0-day exploit for Mac OS X floating out there too!
"Mozilla's Firefox 2 and Microsoft's Internet Explorer 7 are vulnerable to a flaw that could allow attackers to
Dubbed a reverse cross-site request, or RCSR, vulnerability by its discoverer, Robert Chapin, the flaw lets
hackers compromise users' passwords and usernames by presenting them with a fake login form. Firefox Password
Manager will automatically enter any saved passwords and usernames into the form.
The data is then automatically sent to an attacker's computer without the user's knowledge, according to the
Chapin Information Services site. "
Here is some more Tech News from around the web:
- New Windows Mobile
"Crossbow" reviews hit the 'Net @ Ars Technica
- Holiday 2006 - Top Five Techie Things That She Wants for Christmas @ Futurelooks
- Nintendo Wii review @ GH
- PlayStation 3 Utilizes
Bluetooth Technology In Its Controllers @ Blue Tomorrow
- eVGA 680i Motherboard GiveAway @ Gamepyre