Microsoft has rushed out a fix for a critical security flaw in its Hotmail email service's login process, in a bid to stop hackers taking control of users' accounts.
Microsoft's security team confirmed it has fixed the password security flaw in a message on Twitter.
On Friday we addressed a reset function incident to help protect Hotmail customers, no action needed— Security Response (@msftsecresponse) April 26, 2012
The flaw was originally discovered by Vulnerability Lab researchers who explained that the flaw allowed hackers to hijack Hotmail users' accounts.
"The vulnerability allows an attacker to reset the Hotmail/MSN password with attacker chosen values. Remote attackers can bypass the password recovery service to setup a new password and bypass in place protections," read the research note.
"Successful exploitation results in unauthorised MSN or Hotmail account access."
Hacker and security groups have previously warned that there is a second "critical vulnerability" in Hotmail being exploited by hackers - though as noted by the WhiteC0de security blog, no evidence has emerged to prove this rumour.
"[R]umour has it that there exists another critical vulnerability but its knowledge is limited to only the hackers who frequent the dark web," read the blog post.
V3 has contacted several leading security researchers to try and verify the authenticity and plausibility of the second critical security flaw rumour, but at the time of publication had received no reply.
The exploit follows warnings from PriceWaterhouseCoopers (PwC) that the threat from cyber crime in the UK is rising, with the number of attacks targeting British company's doubling over the last year.
Dust storm on Titan only the third Solar System body where such storms have been observed
New technique could enable quantum computers to scale-up to millions of qubits
Systrom and Krieger taking time off "to explore our curiosity and creativity"
Comcast's £29.7bn winning bid more than twice the £13.7bn Rupert Murdoch valued Sky at just eight years ago