IE “cookiejacking” security hole discovered, affecting all versions

Posted 28 May 2011 08:00 CEST by wconeybeer

A new Zero-Day exploit has been discovered to exist in every version of Internet Explorer, and, with the help of a little social engineering, it has the potential to get a hold of personal data by stealing a user’s cookies.

Italian security researcher Rosario Valotta discovered the vulnerability and recently demonstrated a successful exploit at Swiss Cyber Storm and Hack in the Box security conferences.

“Any website. Any cookie. Limit is just your imagination,” Valotta told Reuters about the exploit technique he refers to as “cookiejacking.”

The problem lies in the fact that IE cookies are exempt from a security zone mechanism in the browser that prevents webpages from being able to access locally stored content. To get a hold of a user’s data in this way, however, a cyber-criminal must find a way to get the person to drag and drop the cookie information into their main browser window.

While that sounds like a convoluted way to steal data, it’s not as difficult as one would think.

“I published this game online on FaceBook and in less than three days, more than 80 cookies were sent to my server. And I’ve only got 150 friends,” Valotta says. A video of his “game,” which lures users to make the required drag and drop moves by promising users a picture of a naked woman for solving a simple puzzle, can be viewed on YouTube.

Microsoft, however, does not feel that the threat is very serious.

“Given the level of required user interaction, this issue is not one we consider high risk,” said Microsoft spokesperson Jerry Bryant. “In order to possibly be impacted a user must visit a malicious website, be convinced to click and drag items around the page and the attacker would need to target a cookie from the website that the user was already logged into.”

It honestly sounds to me that Microsoft is underestimating the craftiness of cyber-criminals, while overestimating the common sense skills of IE users that would prevent them from falling victim to these socially-engineered exploits. Hopefully a patch will be issued soon to close this vulnerability.



Jeffrey_P
MyCE Member
Posted on: 28 May 11 22:29
Wow this is news . Haven't used IE 6,7,8 with good reason.
Jeff
0 Agree

tmc8080
MyCE Resident
Posted on: 30 May 11 22:07
Are cookies even used anymore? You should be able to limit the kinds of info that cookies track.. at least push in false tracks so that etailers can't gouge you when your interesting in buying something and they gauge how much your willing to pay by your cookies... that's just abuse. Example: airlines
0 Agree

DrageMester
Retired Moderator
Posted on: 30 May 11 22:11
Quote:
Originally Posted by tmc8080
Are cookies even used anymore?
Your browser just used a cookie to tell the MyCE server who you are, so that you stay logged in on this forum.
0 Agree

Jeffrey_P
MyCE Member
Posted on: 30 May 11 22:38
Quote:
Originally Posted by tmc8080
Are cookies even used anymore? You should be able to limit the kinds of info that cookies track.. at least push in false tracks so that etailers can't gouge you when your interesting in buying something and they gauge how much your willing to pay by your cookies... that's just abuse. Example: airlines
Of course cookies are still used.
How do you think target advertising works?
I block as many as possible.. Still there's workarounds to keep spamming us.
Jeff
0 Agree

Reactions closed

Sorry, you can't comment on this item anymore. It's either too old or comments are disabled for this post.

Myce.com settings

Several settings at Myce.com can be changed, they are stored in cookies, which means they will be reset if you clear Myce.com cookies

Background

Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here

Layout

Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page

×