Quick fix for Hotmail password bug

Updated on: 2012-04-27 || Source: bbc.com

Microsoft has rushed out a fix for a serious bug in its Hotmail webmail services.

The bug allowed a hacker to reset the password for a Hotmail account, locking out its owner and giving the attacker access to the inbox.

The fix was put together because the bug was starting to be actively exploited online.

One security news site reported that some hackers were offering to hack Hotmail accounts for $20 (£12).

Computer security researchers discovered the vulnerability in early April and told Microsoft about it soon afterwards. The bug revolved around the way Hotmail handles the data that must pass back and forth when a user wants to reset their password.

Details of the bug leaked out and led to attackers trying to find a way round it.

Using add-on tools for the Firefox browser, hackers realised they could tamper with the data passing between a user and Hotmail servers in a way that handed them control over an account they targeted.

As knowledge of the bug spread, some started offering to hack accounts for cash and others posted YouTube videos of Hotmail accounts being taken over in real time.

It is not clear how many Hotmail accounts have been hacked by attackers exploiting the bug. Those who have fallen victim will know because they will find they are locked out of their Hotmail account.

With the bug being "actively exploited", Microsoft found a way to fix it and updated Hotmail to close the loophole a day or so later. Now Hotmail servers return an error when attackers try to manipulate data exchanges.

Microsoft issued a short statement about the fix and said no further action was needed by customers.

Hotmail is the world's largest web-based email service and Microsoft claims that it has about 350 million users.

News

Blackphone 2 'privacy' Android handset revamped
Security firm Silent Circle has revamped its smartphone that helps people manage personal data.
Chinese smartphones mount massive web attack
More than 650,000 Chinese smartphones have been unwittingly enrolled in a massive attack that overwhelmed a web
Hilton investigates hack claims
The Hilton hotel group has said it is investigating claims its US shops and gift stores may be the source of
Twitter website 'blocked' in Turkey
Twitter users in Turkey report that the social media site has been blocked in the country.

SIGN UP FOR NEWSLETTER

Sign up to received our free newsletter!
Name:
E-mail ID:

MOST READ

Views: 6557 Times
Blue Blocks Menu - CSS Example READ MORE
Views: 2720 Times
Lulzsec: UK men plead guilty to hacking charges READ MORE
Views: 2891 Times
Smartphones top computers for U.S. Facebook time READ MORE
Views: 5458 Times
Creating a user locked folder in Windows 7 READ MORE
Views: 7149 Times
Validating forms with javascript READ MORE

Home|IT News|Computer Tips|Video Tutorials|Download Softwares|Subjects|Contact Us
Copyright © 2018. Jumbo Education (Information Technology). All rights reserved.
Free counter and web stats

Large Visitor Globe