Thanks Don Williams for the heads up.
The recent exploit allowing hackers to bypass the country, state and zip code part of the password reset feature in Hotmail has been fixed. Hackers used this exploit to get desired E-Mail addressess from Hotmail by guessing easy secret questions after the bypassing of the country, state, and zip code. Many people used easy questions allowing their account to be compromised. The "hack" or exploit was done by entering a valid country, state, and zip code to your own account then going to the next stage, after that you had to save the html to your computer and simply change the E-Mail address in the html coding. Then when you opened the file and clicked next, the users secret question would show. All you had to do was guess the correct answer and give a new valid password and the account password would be reset. I have had no word on how many knew the exploit or how many accounts were compromised as of yet. As far as I know Microsoft has not gone public with the fix.
News source: Datakill
-1 Comments - Add comment