Security researcher Chris Evans has released details of the data-stealing bug in Internet Explorer 8 that he publicized earlier this month. Evans said that the flaw can be used to force victims to post messages on Twitter and that the bug appears to be no closer to being fixed. The bug, which has been known for a couple of years now, involves the way that IE 8 handles CSS. The same bug has been fixed for some time in Firefox, Google Chrome, Opera and Apple Safari. The attacker also could steal sensitive data from the victim s browser.
Source: https://threatpost.com/details-emerge-ie-8-data-stealing-bug-092910/74529/