Microsoft rushes out a password bugfix for Hotmail

HotmailMicrosoft today have fixed a password bug in their Hotmail email service, in which a hacker could gain access to an account and change the users password, thus not only locking the user out of their account, but potentially stealing sensitive data.

“Microsoft says it has fixed a serious vulnerability in Hotmail, that was allowing hackers to reset account passwords, locking out the account’s real owner and giving attackers access to users’ inboxes.

News of the critical bug spread rapidly across underground hacking forums, and Whitec0de reported earlier this week that hackers were offering to break into any Hotmail account for as little as $20.

It appears that the vulnerability existed in Hotmail’s password reset feature. Hackers were able to use a Firefox add-on called Tamper Data to bypass the normal protections put in place to protect Hotmail accounts.”

Read the full article at NakedSecurity blog from Sophos HERE

Advertisements
This entry was posted in Computer and Internet, Hackers, Malware, Microsoft and tagged , , , , . Bookmark the permalink.

Please do leave a comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s