Internet Explorer Loophole Let The Cookie Jacking Monster In

Computers & Technology

  • Author Penny Lee
  • Published August 3, 2011
  • Word count 567

What has a broad user base, tons of glitches and a loophole that lets hackers have access to your personal information including your credit card information? Internet Explorer. Maybe the real question is, why use a browser that puts your system and information at risk?

For a Browser that is commonly known for it's bugs, Internet Explorer continues to enjoy a large user base. Explorer's broad user base and glitchy system make it the perfect target for hackers looking for a loophole to gain access to information. Explorer also dubbed "Exploder" by many web designers has recently gained a lot of attention for one of it's most recent flaws. This flaw, called "cookiejacking", allows hackers to gain access to your passwords, credit card information, and various other data stored in a cookie from any website.

This particular flaw is found in any version of Internet Explorer used in any version of Windows. Clever hackers have found a way to turn a seemingly harmless action into a gateway to your personal information. Hackers are currently able to gain access to users cookies from any website when the system user initiates the drag and drop action. Often times this action is instigated through some devious and fraudulent technique disquised as a legitimate advertisement or query targeted at gaining your personal information.

An Independent researcher, Rosario Valotta, demonstrated proof of "cookiejacking" at the recent Hack in the Box security conference in Amsterdam. Valotta specifically targeted cookies issued by Facebook, Twitter and Google Mail which are the most common targets of scams designed to gain personal information, in his demonstration. Valotta also said, "the technique can be used on virtually any website and affects all versions of Windows. You can steal any cookie," he told The Register.

Microsoft has stated that this type of hack is "low risk" and urges users to be more vigilant about the sites they visit and apparently turning on the "private browsing feature" prevents access to the cookie files saved on disk and in active session memory. Microsoft believes that people will not be easily duped into performing a task that allows entry. I think this is an underestimation on how clever hack schemes can be as well as the common users ability to identify a ploy. Moreover, I'm just plain tired of bugs, patches, fixes and flaws for a such a widely used web browser. With competition ranging from Google Chrome to Firefox, I'm surprised at how many people stay loyal to Internet Explorer. Any of these browsers allow hassle free searching presented in a clear manner and without all the problems or security risks.

With the large amount of business done online today companies and individuals can't afford to be nonchalant about their computer security no matter how "low risk" the threat is. As Microsoft says, If it's easy enough to avoid risky sites, then by applying the same logic, it's easy enough to avoid risky browsers such as Exploder. It only takes one successful attack to put your company and personal information at risk.

As a rule any Business should look into hiring certified computer network techs or an IT support company for additional security support. If you have any concerns as to whether your system or network has been put at risk you should consult a computer repair or support specialist. As with any line of defense the best protection is prevention.

Penny Lee specializes in providing reliable computer support and computer repair to businesses that want to improve productivity and profitability. With IT support and Computer Networking that better maps to your business, you’ll never have to worry about technology again.

Article source: https://articlebiz.com
This article has been viewed 1,248 times.

Rate article

Article comments

There are no posted comments.

Related articles