Imperfection of security in Internet Explorer allows robbery of passwords

A researcher of the security area affirmed to Reuters in this thursday (26/5) that an imperfection in Internet Explorer navigator can allow the robbery of passwords of sites as Twitter and Facebook. “Any site. Any cookie. The limit is in its imagination”, affirmed the independent researcher Italian Valotta Rosary. It defined the imperfection as “sequestration of cookies”.

In accordance with Valotta, hackers could get access the archives stored for browser - the calls “cookies” - through the imperfection. Between the archives, they could be the names of users and passwords for accounts of sites of web.

The vulnerability affects all the versions of the navigator, including Internet Explorer 9, launched recently for Microsoft. According to Valotta, hacker must persuardir a victim to drag an object for the screen of the computer so that cookie either sequestrado. Although to seem a difficult task, the researcher affirmed to have obtained 80 cookies in three days applying the technique in the Facebook. “And alone I have 150 friends in my list”, said.

Microsoft, on the other hand, affirmed that it does not have great risk of hacker to get success with the tram. “To be affected, a necessary user to visit a site suspected, to be convinced to drag item for the page and the aggressor would need to have as white coookie of a site which the user was connected at that moment”, it affirmed Jerry Bryant, spokesman of the company.