A huge security flaw in Microsoft's Passport system was disclosed late on May 7th and has apparently already been fixed by Microsoft. The flaw allowed an attacker to change a passport account's password by typing in a simple URL into his browser. I just tried the exploit on my own passport account and I didn't receive a password change email from the server, so it's probably fixed. Scary though.
In any language, Microsoft does not equal security. I guess that could be written as Microsoft <> security, or Microsoft != security, or Microsoft == insecurity, etc. Sorry, I am in the middle of a programming course right now so please excuse the geek out on alternative logical operator syntax.
In any language, Microsoft does not equal security. I guess that could be written as Microsoft <> security, or Microsoft != security, or Microsoft == insecurity, etc. Sorry, I am in the middle of a programming course right now so please excuse the geek out on alternative logical operator syntax.
Another Microsoft security flaw....so? What else is new?