Flaws in Microsoft Internet Explorer found

By Our Convergence Bureau | 13 Aug 2002

1

San Francisco: Security researchers claim that they have found serious flaws in Microsoft’s Internet Explorer (IE) browser and in PGP, a widely-used data scrambling programme, that could expose credit card and other sensitive information of Internet users.

The IE problem has been around for at least five years and could allow an attacker to intercept personal data when a user is making a purchase or providing information for e-commerce purposes, says Mike Benham, an independent security researcher based in San Francisco.

“If you ever typed in credit card information to a Secure Sockets Layer (SSL) site, there’s a chance that somebody has intercepted it,” he adds. “IE fails to check the validity of digital certificates used to prove the identity of websites, allowing for an undetected, man-in-the-middle attack.”

Digital certificates are typically issued by trusted certificate authorities, such as VeriSign, and used by websites in conjunction with the SSL protocol for encryption and authentication. Anyone with a valid digital certificate for any website can generate a valid certificate for any other website, says Benham. “I would consider this to be incredibly severe.”

Cryptography expert Bruce Schneier, co-founder and chief technology officer at Counterpane Internet Security, a California-based network monitoring firm, agrees: “This is one of the worst cryptographic vulnerabilities I’ve seen in a long time. What this means is that all the cryptographic protections of SSL don’t work if you’re a Microsoft IE user.”


Business History Videos

History of hovercraft Part 3 | Industry study | Business History

History of hovercraft Part 3...

Today I shall talk a bit more about the military plans for ...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of hovercraft Part 2 | Industry study | Business History

History of hovercraft Part 2...

In this episode of our history of hovercraft, we shall exam...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Hovercraft Part 1 | Industry study | Business History

History of Hovercraft Part 1...

If you’ve been a James Bond movie fan, you may recall seein...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Trams in India | Industry study | Business History

History of Trams in India | ...

The video I am presenting to you is based on a script writt...

By Aniket Gupta | Presenter: Sheetal Gaikwad

view more
View details about the software product Informachine News Trackers