Technology news and Jobs 
Information Technology News Firefox flaw enables hackers to steal passwords
Information Technology News Firefox flaw enables hackers to steal passwords | Firefox flaw enables hackers to steal passwords |
|
| by Stan Beer | |
| Thursday, 23 November 2006 | |
|
According to Chapin, the flaw could affect anyone visiting a weblog or forum website that allows user-contributed HTML codes to be added. Basically, what can occur is that a hacker can put up a fake form on a trusted site like MySpace (which has reportedly already occurred) and users simply have to click on the form for their saved passwords to be transmitted to the hacker's website. Worse still, a hacker can put up an invisible form on a page and users can unwittingly transmit their passwords unwittingly by clicking on the part of the page that contains the invisible form. On his website, Chapin says that Internet Explorer 7 users could also be vulnerable to such attacks but less so because passwords will not automatically be transitted in Internet Explorer unless the RCSR form appears on the same page as a legitimate login form. The good news for Firefox users is that the problem is easily fixed until a patch is made available. They can simply untick the remember passwords for sites box which is accessible from the tools menu and selecting options then security.{moscomment}
Get stories like this delivered daily - FREE - subscribe now
|
Tags
| < Next story in category | Previous story in the category > |
|---|
