Microsoft has moved to fix a ‘0-day’ security flaw in the software giant’s Hotmail online email service following widespread hacking of accounts.
ProWorld editor Hotmail ‘disaster’. This time, Microsoft is moving to fix a flaw in Hotmail’s password reset scheme that allowed anyone to reset the password of someone else’s Hotmail account.
The flaw was reported by security researchers Vulnerability Lab but has also reportedly been exploited by Saudi hackers as early as the first week of April.
Last week PC Pro editor Barry Collins was invited by Microsoft to check out the current state of Microsoft’s online email service. Collins, a long-time user of Google’s rival Gmail, came away impressed with a number of features of the service.
However, in the last few days of the ‘experiment’, Collins’ Hotmail account was hacked and all of his email contacts were spammed with a malicious link.
It’s not known whether Collins’ Hotmail account was hacked using the same exploit Microsoft recently fixed, but the timing is suggestive.
At the time Collins said: "I simply can’t trust Hotmail anymore."