This story first appeared Mon, 1 Sep 1997 09:51:44 GMT

Netscape plans to post a fix to a bug plaguing two versions of its Navigator browser by the end of next week.

The bug, which affects Navigator versions 4.01 and 4.02, allows a malicious hacker to track an Internet surfer's activities through a flaw in the JavaScript code, Netscape's programming language for developing Web pages.

It was discovered by Andre dos Santos, a graduate student working on Net security issues at the University of California at Santa Barbara.

Through the glitch, a malicious hacker could create a "tracker" applet that stays with a browser and can track the user's surfing habits and retrieve information the user types, like credit card numbers and passwords, the company said. The applet, most likely in the form of a second, invisible window, then swipes information from the larger window and sends it back to another Web site.

Netscape officials said Web surfers should watch out for additional screens popping up on their computer and should close any that appear.

The bug so far only affects Windows 95 and Windows NT, the company said.

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved
ZDNET is a registered service mark of CNET Networks, Inc. ZDNET Logo is a service mark of CNET Networks, Inc.