IE hole allows site spoofing
By Matt Whipp
Posted on 11 Dec 2003 at 13:13
Danish security experts have identified a flaw in the Internet Explorer browser that allows a malicious website to display a trustworthy URL in the address field.
Security firm Secunia rates the hole as moderately critical and has been tested and found in version 6 of the browser, but has not been tested for earlier versions.
The hole can be exploited by inserting syntax characters after the URL you wish to be displayed, but before the actual domain name.
Microsoft has said it is looking into the problem but knows of no known exploits being used or of any affected users. Earlier this week Microsoft announced in its monthly security update there would be no security bulletins to release this month.
More information can be found at the Secunia website.
From around the web
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Why virtualisation hasn't slowed the growth of data
- How to make Google AdWords work for your business
- The curse of sloppily written software
- Paying for your crimes with Bitcoin
- Behind the scenes: tech support for Formula 1
- The security risk of fat fingers
- Why Windows Phone 7 isn't quite ready for business
- When will Microsoft stop fiddling with Windows 8?
- Flash down the pan?
- Metro Style apps vs desktop applications
advertisement
Printed from www.pcpro.co.uk