IE phishing exploit..



There is ANOTHER IE vulnerability that’s come across the news in the last week. It seems that this is currently only a Proof of Concept, I’ll have to check and see if anyone’s reported seeing this in the wild…, but essentially a race condition between a Macromedia flash file and web content can allow a forged address bar location… in other words it might say www.google.com in the address bar, but you’re actually looking at www.evilhackerplayground.org….


Turning off active scripting is a workaround at this point. (Or alternative browsers I suppose…)

Related Posts

Blog Traffic Exchange Related Posts
  • Leading browser coders get together on internet security This is one of those stories that you never thought you'd see (especially after the Microsoft-Netscape "wars")... Developers from four of the most prominent web browsers, Internet Explorer, Mozilla/Firefox, Opera and Konqueror (much of the foundations for Safari are in the Konqueror codebase)... have got together and talked about different......
  • The Google Problem Part 2 If you know me.... you know I have a HARD time putting down a problem that's unsolved. Even if it's a problem that really doesn't have a solution (in my control at least)... I have a tendency to look and analyze, turn it over and try and find out as......
  • IE 7 address bar spoofing issue Another issue was reported with the new IE 7 and confirmed by Microsoft. It seems that it's possible for a malicious link to spoof the information in the address bar (make it look like you're at a site that you're NOT at.) Incidents.org gives the following possible workaround... As a......
Blog Traffic Exchange Related Websites
  • The Shopping Channel The Shopping Channel is Canada's only 24-hour broadcast retailer. We have the pleasure of servicing hundreds of thousands of Canadians each year by providing a wide product selection at competitive prices. We carry common, brand-name items as well as unique items new to the market that cannot be found......
  • MonaVie Sends a Second Cease & Desist On Friday afternoon, MonaVie sent Corey Whitlaw an "official-ish" Cease and Desist Order (CDO) to my Lazy Man and Money e-mail address on the basis of his use of their trademark in my metatag keywords. I had an idea that the CDO might be coming. MonaVie had publicly tipped their......
  • Make Blogging Work for Your Business pt 3 Are you ready to make blogging work for your business? If you already know the benefits associated with corporate blogging, then the next step is to put these concepts to work by creating your own corporate blog and sharing your company with the world. This is part 3 in a......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site