By Felicity Ussher, 23 September 1998 12:32
NEWS The gang of programmers who discovered a security glitch in Microsoft Hotmail last August, claim that the problem has still not been fixed. Mark Cervantes, also known as "Blue Adept," has posted a program on his Web site that demonstrates the problem. Cervantes claims hackers can send an email attachment to Hotmail users which logs them out of the free email service, simulating a time-out. The attachment, written in Macromedia Shockwave, then offers users a bogus log-in page, which sends their confidential details back to the hacker. A statement on Cervantes' Because-we-can.com Web site said: "We are making information about Web-mail 'attackments' publicly available in order to warn Hotmail users against viewing Hotmail attachments in the short term." Microsoft and Hotmail have denied the allegations.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below