News.com’s Joe Wilcox reports that
a flaw in Microsoft’s cryptography software opens users to the possibility of credit card fraud, and it can potentially affect Mac users.
Under certain circumstances digital certificates used to validate Web sites can be manipulated using the Microsoft software flaw to transmit data that would otherwise be securely encrypted. If exploited, this flaw could lead to the transmission of credit card data or otherwise secure information to a location where it could be manipulated for other nefarious purposes. Wilcox said that no one has exploited the hole yet, but it’s possible.
Apparently, the problem affects not only Windows software but Mac software too — Microsoft said that Office v. X, Internet Explorer for Mac OS 8 and 9, and Internet Explorer for Mac OS X are all subject to the problem. Microsoft expects to release patches for these products soon.