Microsoft working on fix for IE bug that exposes user credentials

Microsoft is working on a fix for a serious vulnerability in all the latest versions of Internet Explorer (IE) that could be exploited to reveal the login credentials of users.

A proof-of-concept (POC) attack uses a cross-site scripting (XSS) exploit in which the attacker inserts malicious code into a link that appears to come from a trustworthy source.

When someone clicks the link, the embedded code is submitted as part of the client’s web request and can execute in the victim’s browser, typically allowing the attacker to steal information.

The latest zero-day vulnerability reportedly works on IE11 for Windows 7 and 8.1, allowing attackers to steal login credentials and inject malicious content into users’ browsing sessions.

The POC exploit shows that attackers could use malicious web pages to bypass the same origin policy that prevents one site from accessing or modifying browser cookies set by another site.

The flaw was disclosed on the Full Disclosure mailing list by David Leo, a researcher with security consultancy firm Deusen.

The POC exploit page contains a link that, when clicked, opens the dailymail.co.uk website in a new window; after seven seconds the site’s content is replaced with “Hacked by Deusen”.

The rogue page is loaded from an external domain, but the browser’s address bar keeps showing http://www.dailymail.co.uk.

The POC attack could also be used to steal HTML-based data the news site stores in cookies on visitors’ computers.

That means attackers could use the exploit to steal the authentication cookies many websites use to grant access to user accounts once a visitor has entered a username and password.

Read more at: Microsoft working on fix for IE bug that exposes user credentials by Warwick Ashford
