

Another IE fail - joshmlewis
http://www.pcmag.com/article2/0,2817,2386087,00.asp

======
dchest
The title is "Cookiejacking Exploit Hits Internet Explorer, Targets Your Login
Info".

------
jpadvo
Likejacking is already a widespread plague, and this is even worse. Instead of
tricking users into invisibly clicking a like button, they can trick users
into invisibly giving away their login info. Expect to see a lot of Facebook
spam from this in the coming months as the bad guys learn about this.

Especially since it sounds like Microsoft is not going to fix this anytime
soon.

------
pipeline_tux
> Cookiejacking Exploit Hits Internet Explorer, Targets Your Login Info

This makes it sound like they're going to be able to get your password... No
major website will be storing your password in a cookie. At worst the attacker
will have your session id meaning they can log in as you until you log out of
the website in question.

------
thrill
""We encourage all customers to protect themselves against potential issues by
avoiding clicking on suspicious links and e-mails, as well as adjusting
Internet settings to higher security levels."

Let's clarify that ... "we suggest not using Internet Explorer to explore the
internet."

