Slashdot Mirror


Yahoo and Hotmail Filter Flaw

gandam writes "Israeli computer security firm GreyMagic Software has detected a serious security flaw in Yahoo's Web e-mail service and Microsoft Corp.'s Hotmail service, which could allow hackers to run malicious scripts on users' computers. I tried sending a mail to my yahoo account and it never reached my mailbox. According to the website, all attempts to contact Yahoo unfortunately failed. Mail was sent to security and secure at yahoo.com and at yahoo-inc.com. No replies were received to date. Works only in IE5, though."

1 of 250 comments (clear)

  1. Yahoo failure, or MS plot? by jettoblack · · Score: 1, Redundant

    Its nice that MS has fixed this already... and annoying that Yahoo hasn't acknowledged it yet... ...but when will MS address this problem at the true source, i.e. by patching the bug in IE that allows this exploit to work? Or are they just trying to make Yahoo look bad?

    MS, having the IE and Hotmail source code, knows the exact details of the bug. By fixing it only on the Hotmail side, they've left other competing webmail providers vulnerable, who will have a hard time fixing the bug without access to the IE source code? Just a wild guess...