Security 10812 Published by

Microsoft has patched a zero-day flaw in its Hotmail email service which hackers were using to steal emails and details of the victims' contacts, according to researchers at security firm Trend Micro.



From v3.co.uk:
In a Monday blog post, threat response engineer Karl Dominguez explained that the victim needs only to open the specially crafted message for it to execute an embedded script. The URL to which the script connects varies according to the Hotmail user's ID and a pre-defined number, indicating that the attacks are highly targeted, Dominguez said.
  Microsoft patches information-stealing Hotmail bug