Spoofing bug found in IE 7

by admin October 26, 2006 at 3:50 am
0 Comment

Security experts have found a weakness in Internet Explorer 7 that could help crooks mask phishing scams, the type of attack Microsoft designed the browser to thwart.

IE 7, released last week, allows a Web site to display a pop-up that can contain a spoofed Web address, security monitoring company Secunia said Wednesday. An attacker could exploit this weakness to trick people into believing they are on a trusted Web site when in fact they are viewing a malicious page, Secunia said in an alert.

“This makes it possible to only display a part of the address bar, which may trick users into performing certain unintended actions,” Secunia said. The company has created a demonstration that shows a Microsoft Web address in the pop up window, but displays content from Secunia.

The problem lies in the way Web addresses are displayed in the IE 7 address bar, a Microsoft representative said in an e-mailed statement. An attacker could exploit the issue by tricking a user to click on a specially formatted link, the representative said.

Full story: CNET News.com

Related Content
Realme C15 Launching in India on August 18: Everything We Know So Far
Facebook’s CEO to meet PM Modi today
Firefox 4 Beta 1: A Visual Tour
Now, access Facebook on mobile devices for free
more news from the blog
Microsoft readies four security bulletins for Patch Tuesday
Twitter Takes on Phishing with New Security Features
Microsoft Warns of New Excel Vulnerability
Windows Server 2008 Trial
Do you AOL-Yahoo? Maybe you will, if they merge
Viruses ‘hit 1m China computers’
Apple unveils new iPod touch, “fat” iPod nano at special event
Misfit Model 3D 1.3.4 Beta
AudioPaint 2.1
Sony opening up the PlayStation Network
Gpg4win 2.0.4 / 2.1.0 Beta
Mac Mini alive and kicking, may get revamp
DVDSmith Movie Backup 1.0.4
Auslogics System Information 2.0.4.40
Trillian 3.1.14.0
Open-source leader leaving Novell for Google
Hackers debut Mac OS X adware
Microsoft releases Zune update
YouTube Monetization: Let Users Sell Ads
HD Tune 2.55
You’re the Backup: Pirate Bay Archive Available for Download
Linux NTFS Tools and Library 1.13.0
Microsoft preps seven July security patches
Microsoft Office 2010 tech preview hits torrent sites
Aqualung 0.9 Beta 10
ZSoft Uninstaller 2.4.1
TinyPDF 1.0.2195
juicyPlayer (HDngn) 0.8.6
Snowl 0.3
Second-hand Microsoft licences take off
Opera files EU complant against Microsoft
nVIDIA FX Composer 2.5
Another Vista Activation Crack Appears