Wired: MSN Messenger Exposes PasswordsAug 18, 1999, 21:30 (1 Talkback[s])
(Other stories by Andy Patrizio)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
"Anyone can get your MSN Messenger password if you walk away from your computer. ... The exploit can be reproduced by selecting 'Tools' from the menu, then 'Hotmail Inbox.' This will launch the user's browser to connect to Microsoft Hotmail. If the user quickly hits the stop button on the browser and then views the page HTML source, all of the user information is visible, including the password..."
"This exploit is only possible from the user's system. ... There is no risk of someone stealing an MSN Messenger password over the Net."
"By Friday, Microsoft will issue a patch that will block sensitive information being passed from the messenger to Hotmail... The update will add cryptography to the page, so if users try to get at the HTML code, it will appear as garbage characters."
0 Talkback[s] (click to add your comment)