BBC Sci/Tech reports that members of the security group 2600 have been investigating this problem since coming across it on Friday. They found a different hole to one reported several months ago involving a specific computer port.
Using the Morpheus program, they found a way of getting a random list of people using the service.
They could then obtain details of the files on a user's hard drive and make copies of any file. This includes software installed on a computer or a list of websites that person visited.
Read more...
"We're not sure what it is that makes some Morpheus members vulnerable to this," said one, who asked to remain anonymous. "Potentially this could make every user's computer available to anyone who wants to have a look at it. "All we know is that there's a major gap that's allowing certain users to become vulnerable."
Using the Morpheus program, they found a way of getting a random list of people using the service.
They could then obtain details of the files on a user's hard drive and make copies of any file. This includes software installed on a computer or a list of websites that person visited.
Read more...
"We're not sure what it is that makes some Morpheus members vulnerable to this," said one, who asked to remain anonymous. "Potentially this could make every user's computer available to anyone who wants to have a look at it. "All we know is that there's a major gap that's allowing certain users to become vulnerable."
