Fully Patched IE Still Vulnerable

Discussion in 'Computer Support' started by TechNews, Jun 14, 2004.

  1. TechNews

    TechNews Guest

    URL Parsing Bug in IE Invites Phishing Attacks
    Larry Seltzer June 11 2004


    A bug in fully patched versions of Microsoft's Internet Explorer Web
    browser allows violations of the browser's security zones, with the
    result that an unknown malicious site could assume the privileges of
    more trusted zones.

    Researchers on several security mailing lists have been discussing the
    bug since yesterday and appear still to be learning about it.

    The same vulnerability could be used for phishing attacks, in which the
    URL in the address bar appears to be for one site but is in fact a link
    to a different site. Both of these problems rely on certain
    misconfigurations of the DNS and Web server on the malicious Web site ...

    http://www.eweek.com/article2/0,1759,1611292,00.asp


    [For security, switch to Netscape or Opera - Ed.]


    --
    Reliability:Speed:Security:Linux
     
    TechNews, Jun 14, 2004
    #1
    1. Advertising

  2. TechNews

    Duane Arnold Guest

    TechNews <> wrote in
    news:80bbdd16c534433c12b0e84487cc064c@news.1usenet.com:

    > URL Parsing Bug in IE Invites Phishing Attacks
    > Larry Seltzer June 11 2004
    >
    >
    > A bug in fully patched versions of Microsoft's Internet Explorer Web
    > browser allows violations of the browser's security zones, with the
    > result that an unknown malicious site could assume the privileges of
    > more trusted zones.
    >
    > Researchers on several security mailing lists have been discussing the
    > bug since yesterday and appear still to be learning about it.
    >
    > The same vulnerability could be used for phishing attacks, in which the
    > URL in the address bar appears to be for one site but is in fact a link
    > to a different site. Both of these problems rely on certain
    > misconfigurations of the DNS and Web server on the malicious Web site

    ....
    >
    > http://www.eweek.com/article2/0,1759,1611292,00.asp
    >
    >
    > [For security, switch to Netscape or Opera - Ed.]
    >
    >


    I don't use the secuirty zones in IE and I am not being compormised
    either.

    Duane :)
     
    Duane Arnold, Jun 14, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. lbbss
    Replies:
    6
    Views:
    574
    Timothy Timbrook
    Aug 17, 2004
  2. bumbling along
    Replies:
    4
    Views:
    3,453
    bumbling along
    Mar 12, 2005
  3. Au79

    Exploits threaten patched Windows flaws

    Au79, Jul 27, 2006, in forum: Computer Support
    Replies:
    0
    Views:
    395
  4. Au79

    IE flaw bypasses fully patched systems

    Au79, Sep 20, 2006, in forum: Computer Support
    Replies:
    6
    Views:
    467
    Tree Air Freshener
    Sep 21, 2006
  5. Au79
    Replies:
    0
    Views:
    515
Loading...

Share This Page