XP Repair Site

Solving PC Problems with Windows XP Systems

IE7 Vulnerability to Phishing Attack

Security researchers at Secunia have discovered and reported another vulnerability with the newest version of Internet Explorer – IE7, as reported in heise Security‘s blog.

On the day of its release, Secunia reported a vulnerability where phishers were able to spy on the content of other open windows. As usual, the recommendation was to disable Active Scripting (Microsoft’s name for its implementation of JavaScript). [How to turn Active Scripting back on again, later]

Microsoft quickly announced that this was not an IE6 and IE7 vulnerability, it was a problem with Outlook Express code that was in Windows. According to the heise Security article, Microsoft has known of that vulnerability for about six months.

Gee, isn’t that reassuring?

In the latest vulnerabilty reported by Secunia, malicious web sites could fake the data in the “address bar” of a popup window. This despite Microsoft’s touting of the new anti-phishing, high-security IE7 and its new address bar display in each window.

By spoofing the address of a legitimate site into its popup window, phishers could convince unsuspecting visitors to reveal personal information such as userIDs, passwords and credit card data.

By: terry | 2006/10/26 | Anti-adware - Anti-spam - Anti-spyware - Communications - Operating System - Security - Web browsing | Trackback | Comments [RSS 2.0]

Comments are closed



Disclosure: Products and services discussed, recommended or linked from my site
may pay me a referral commission for your visit or your purchase.

XP Repair Site is proudly powered by WordPress
WP Theme "Fast Lane" design by: beng hafner
XP Repair Site is hosted at HostGator