Google Engineer Finds Serious MS IE8 Flaw

Share: Email Story Twitter Facebook Stumbleupon Add to Any
by alaaron | September 9, 2010 at 05:37 pm
97 views | 0 Recommendations | 0 comments

Microsoft is looking into reports of a security issue in Internet Explorer 8. The problem lies with a CSS cross-origin theft issue that has been fixed in other browsers but remains open in IE, said a Google security engineer.

A description of the vulnerability was posted 3 September to the Full Disclosure mailing list by Google Information Security Engineer Chris Evans.

In a proof-of-concept, Evans demonstrated how the bug - a CSS (Cascading Style Sheets) cross-origin theft issue - could be used to force a victim to send a Twitter message.

Source: eweekeurope.co.uk

Advertisement
Share: email story | add to any | | facebook | stumbleupon

Most RecentMost Recommended Comments (0)

recommend Sign In or Join to post comments
in , , , , , , , , , , , , , , ,

What is NowPublic?

NowPublic lets people work together to cover news events around the world.

Find out more

Related Stories

Track this Story

 

closeSign in to NowPublic

Not a member?

JoinIt's free!

is reporting from
Member
NP Rank: