Thursday, December 11, 2003


Internet Explorer Spoofing Vulnerability Found  

Internet Explorer Spoofing Vulnerability Found: "Internet Explorer Spoofing Vulnerability Found
By Matt Hicks
December 10, 2003

Users could be lulled into providing sensitive information through a Internet Explorer browser vulnerability that allows fake URLs to obscure the real domain.

A new vulnerability discovered this week in Internet Explorer could allow for the spoofing of URLs in the Web browsing, potentially putting users' sensitive information at risk.
Security researchers confirmed a vulnerability in Internet Explorer 6 that could let an attacker display a fake URL in the browser's address bar in an attempt to disguise the real domain, according to a security bulletin released on Tuesday by Danish security company Secunia Ltd.
Using the security hole, an attacker could trick users into providing sensitive information or download malicious software by leading them to think that they are visiting a trusted site, the advisory said. "

This gigantic threat was rated "Moderatley Critical" by Microsoft. I think that it's a whole lot more like "Don't do ANY 'secure' transactions with IE6 until this is fixed or you'll probably regret it as long as it takes you to get your money and your identity back. In other words, MUCH longer than you'll be alive. It's quite possible for your heirs to regret your stupidity after you're safely dead.

It's about like calling the hole in the Titanic "moderately critical".

Comments: Post a Comment

This page is powered by Blogger. Isn't yours?