Microsoft is trying to fix a problem in Internet Explorer that is considered "serious" by security experts. There is a loophole in the program that can be used by hackers to recover passwords and credit card numbers.

IE 5.0, 5.5 and 6.0 have the loophole. If a hacker has a valid digital certificate, he can create one for another website and attack. Users don't notice they are surfing a Website that is not legitimate.

It was programmer Mike Benham who found out the hole. "This is one of the worst cryptographic vulnerabilities I've seen in a long time", declared Bruce Schneier from Counterpane Internet Security. Microsoft and VeriSign are trying to fix the problem.

http://news.bbc.co.uk/2/hi/technology/2190448.stm