ICANN, which stands for the Internet Corporation for Assigned
Names and Numbers, will meet next week at a conference focusing on
the security of the domain name system. Specifically, the
conference will question whether the directories which house the
information which controls the direction of internet traffic are
water-tight in their security.
Meanwhile, Microsoft has warned that versions 5.5 and 6.0 of its
Internet Explorer can be exploited to expose the personal data
contained in cookies. Cookies are small files used by web sites to
store user information or preferences. Many sites use cookies to
store passwords and some use them to store credit card details. The
risk means that these details could fall into the wrong hands.
According to Microsoft:
“A vulnerability exists because it is
possible to craft a URL that can allow sites to gain unauthorised
access to user’s cookies and potentially modify the values
contained in them. Because some web sites store sensitive
information in a user’s cookies, it is also possible that personal
information could be exposed.”
The company is preparing a patch to address the problem. In the
meantime, it recommends that users protect their systems by
disabling active scripting.
Further concerns have been raised in relation to personal
firewalls, software that is designed with the aim of heightening PC
security. A report published by Robert Keir, chief software
engineer for security services company Foundstone has demonstrated
that manipulation of a Microsoft Windows facility which allows one
program to control another can circumvent a firewall’s protection
system.
Creators of firewall software have pointed the finger at
Microsoft and maintain that the security hole has been demonstrated
to Microsoft in the past.
