Friday, 27 October 2006
Microsoft Investigates IE 7 Address Bar Flaw |
| |
|
| |
Microsoft has confirmed a vulnerability in the address bar of Internet Explorer 7 (IE7). First reported by security firm Secunia, the issue occurs in popup windows. It is possible to display a somewhat spoofed address bar, the company said.
"This is the kind of spoofing vulnerabilities which IE7 was supposed to be better at protecting against than its predecessor," said Thomas Kristensen, Secunia's chief technology officer, in an e-mail to TechWeb. "While the issue isn't clear cut since the vigilant user might be able to spot that something isn't quite right, [others may be] easily fooled by this trick, despite the built-in anti-phishing mechanism being enabled [in IE 7]," he added.
"The Microsoft Phishing Filter online service is designed to allow us to update it fairly quickly with information as sites are reported and confirmed by us," Christopher Budd of the Microsoft Security Response Center Blog said.
Microsoft currently has the issue under investigation. Once the investigation is complete, the company said it would take appropriate steps to protect customers.
|
| |
|
|
| |
|
|
| |
|
|
| |
|
