You might want to turn off password manager

Subject: General Tech | November 22, 2006 - 09:08 AM |
Tagged:

There is a new login and password vulnerability in both Firefox 2 and IE7.  Not quite a phishing attack, nor a full web page spoof, it can nonetheless capture entered user data.  Read more at this story on CNET.
 
Don't feel too singled out though, as there is also a 0-day exploit for Mac OS X floating out there too!

"Mozilla's Firefox 2 and Microsoft's Internet Explorer 7 are vulnerable to a flaw that could allow attackers to

steal passwords.

Dubbed a reverse cross-site request, or RCSR, vulnerability by its discoverer, Robert Chapin, the flaw lets

hackers compromise users' passwords and usernames by presenting them with a fake login form. Firefox Password

Manager will automatically enter any saved passwords and usernames into the form.

The data is then automatically sent to an attacker's computer without the user's knowledge, according to the

Chapin Information Services site. "

Here is some more Tech News from around the web:

Tech Talk


No comments posted yet.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.