Is Wang Jing , a doctoral student at Nanyang Technological University in Singapore has seen a bug that allows hackers to use phishing techniques in an attempt to steal user details logil unnoticed . Similarly, as quoted PULSAonline via CNET .
The bug basically allows cyber criminals to use a real web authentication to turn a popup phishing , instead of the more common ways to make a fake domain . Well , in the process , the hacker will receive a user login credentials .
Cracks vulnerability is said to have plagued many famous sites , including Facebook , Google , Yahoo , LinkedIn , PayPal , and Microsoft .
Google ( which uses OpenID ) said it amid the problem track . While LinkedIn says that the company has published a blog related issues being talked about this . The software giant , Microsoft , claims to have conducted an investigation while the associated vulnerability exists in the domain of a third party and not on his site .
To patch the vulnerability gap Wang said not as easy to say . However , Wang also said that if all third-party applications are strictly adherent use the white list , there is no space for an attack .
" Patching the vulnerability gap is easier said than done . If all third-party applications are strictly adherent using a white list , there will be no room for an attack , " said Wang .
Furthermore wang said , because in the real world , the majority of third-party applications do not adhere to it , making OAuth 2.0 based system or OpenID becomes very vulnerable .
No Comment to " Watch out! New Cracks Discovered Vulnerability in Some Famous websites "