A security researcher has discovered a vulnerability in all versions of Internet Explorer, including IE9, on all versions of Windows. This vulnerability allows hackers to steal login information for any sites requiring passwords. The theft of one's credentials is achieved by taking advantage of a flaw in how Internet Explorer handles cookies. While it sounds alarming at first glance, this vulnerability does require a fair amount of interaction from a user for it to be successful - thus being another example of social engineering.
The Italian security researcher, Rosario Valotta, shared details of the attack in an interview with Reuters:
http://www.reuters.com/article/2011/05/25/microsoft-security-idUSN2517397120110525 The execution of this attack is done by convincing users to drag and drop an object across the screen to successfully obtain the cookie. Valotta managed to build a successful proof of concept of this flaw by coding a Facebook game which challenges users to undress a woman. According to Valotta: "I published this game online on Facebook and in less than three days, more than 80 cookies were sent to my server. And I've only got 150 friends."
Besides tricking users with sneaky puzzles, the vulnerability has little real world applications to have a greater impact. In a statement, Microsoft spokesperson Jerry Bryant states users should not be too concerned over the findings:
Given the level of required user interaction, this issue is not one we consider high risk. In order to possibly be impacted a user must visit a malicious website, be convinced to click and drag items around the page and the attacker would need to target a cookie from the website that the user was already logged into.
We recommend all users, not just those on Internet Explorer, to be wary of suspicious-looking applications and game requests sent by your Facebook friends.
(NW)