Security News > 2016 > April > Microsoft plugs online services account hijacking vulnerability (Help Net Security)

Microsoft plugs online services account hijacking vulnerability (Help Net Security)
2016-04-06 14:31

London-based security researcher and bug hunter Jack Whitton has discovered a serious cross-site request forgery flaw affecting Microsoft’s authentication system for online services. A successful exploitation of the vulnerability could allow attackers to collect users’ login tokens and use them to impersonate users on Microsoft’s services, but the good news is that the Redmond giant took only two days to plug the security hole once they knew about it. “Microsoft, being a huge company, have … More →


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/1kvGgeaGiBg/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774