A software security researcher has warned that the password manager features of Mozilla’s open source, Firefox 2.0 and Microsoft’s (Nasdaq: MSFT), Internet Explorer (IE) Web browsers could be exploited, placing unsuspecting users at risk.
Users of Firefox or Explorer, both of which may be vulnerable to the attack known as “Reverse Cross Site Request” (RCSR), are not fooled directly by the password theft exploit. Instead, it provides a fake login site that fools a browser’s saved password feature into automatically providing the information, Robert Chapin, president of Chapin Information Services, reported.
Microsoft and Mozilla acknowledge about this probem. While waiting for the next update for this security issue, please disable Passwod Manager in your Firefox.
[via TechNewsWorld][tags]firefox, ie, security, vulnerable[/tags]
Cypher: Btw incase you don’t know yet, you also can discover saved passwords in Firefox. It is really dangerous if your computer use by multiple users.