ICANN, which stands for the Internet Corporation for Assigned Names and Numbers, will meet next week at a conference focusing on the security of the domain name system. Specifically, the conference will question whether the directories which house the information which controls the direction of internet traffic are water-tight in their security.
Meanwhile, Microsoft has warned that versions 5.5 and 6.0 of its Internet Explorer can be exploited to expose the personal data contained in cookies. Cookies are small files used by web sites to store user information or preferences. Many sites use cookies to store passwords and some use them to store credit card details. The risk means that these details could fall into the wrong hands.
According to Microsoft:
“A vulnerability exists because it is possible to craft a URL that can allow sites to gain unauthorised access to user’s cookies and potentially modify the values contained in them. Because some web sites store sensitive information in a user’s cookies, it is also possible that personal information could be exposed.”
The company is preparing a patch to address the problem. In the meantime, it recommends that users protect their systems by disabling active scripting.
Further concerns have been raised in relation to personal firewalls, software that is designed with the aim of heightening PC security. A report published by Robert Keir, chief software engineer for security services company Foundstone has demonstrated that manipulation of a Microsoft Windows facility which allows one program to control another can circumvent a firewall’s protection system.
Creators of firewall software have pointed the finger at Microsoft and maintain that the security hole has been demonstrated to Microsoft in the past.