A Google security engineer claims that a bug in Internet Explorer 8 can be used to access users’ data and their web accounts, so that an attacker could do such things as send unauthorized tweet’s from a user’s Twitter account. It’s the CSS cross-origin theft bug that’s been tracked by researchers at Carnegie-Mellon for several years. IE 9 fixes the vulnerability and Microsoft has issued a statement that they’re investigating, but are unaware of any actual attacks that attempt to use the claimed vulnerability. Read more here:
About The Author
Deb Shinder
Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.
Read Next
Netwrix Releases First Ever Hybrid Cloud Visibility Solution
Netwrix Auditor 8.0 enables security threat prevention and increases visibility into data stored both on-premises and in the cloud
How does Windows 10 intrude your privacy?
SoftOrbits is reporting on ways to stop Windows 10 spying on users.
Microsoft might add public-key pinning technology
Public key pinning can help to protect against man-in-the-middle attacks and according to recent reports, Microsoft is considering adding it to IE
Most Devs don’t use a Security Process
According to a study conducted by ComScore and referenced by Microsoft's head of Trustworthy Computing, fewer than half of developers are using a security development…