followup to the MSN hotmail and .Net passport change post

[Dan Hanson <dhanson () securityfocus com>]

There are differing reports on the effectiveness of this attack. Our
testing here indicates that an older hotmail account is vulnerable, but a
newer one is not. It is unclear what the difference is, other than when
the account was created.




----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place. http://www.securityfocus.com/BlackHat-incidents 
----------------------------------------------------------------------------