If you have a Hotmail account, be very afraid (serious bug)

Edited/Distributed by HURINet - The Human Rights Information Network
## author     : declan@well.com
## date       : 30.08.99

                     Hotmail Accounts Exposed to All by
                     Declan McCullagh

                     8:05 a.m.  30.Aug.99.PDT

                     A catastrophic security flaw in
                     Microsoft's Hotmail service lets anyone
                     read the private correspondence of
                     about 50 million subscribers.

                     The bug appears to affect all customers
                     of what Microsoft says is "the world's
                     largest provider of free Web-based
                     email." ...

                     The exploit, verified by Wired News,
                     works this way: A Web page with nine
                     lines of HTML code can connect to a
                     Hotmail server without requiring a user
                     to enter a password.


Send mail for the 'huridocs-tech' list to 'huridocs-tech@hrea.org'.
Mail administrative requests to 'majordomo@hrea.org'.
For additional assistance, send mail to: 'owner-huridocs-tech@hrea.org'.
Archives of previous messages posted to the list can be found at:

[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]