| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 40666 | 2003-12-14 09:08:00 | Vulnerability in IE announced | Kiwitas (514) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 200392 | 2003-12-14 09:08:00 | I just found this on another forum(yes there are others like PressF1)and thought it worth taking a look at! Just thought I'd let everyone know about a vulnerability in Internet Explorer that was announced today. Basically, when presented with a certain character, Internet Explorer stops displaying any further characters. What this means is that someone can send you a link, make you think you're at a site you trust (eBay, Paypal, Amazon, etc) and fool you into entering personal information. This information then can be used for anything from hijacking your account to stealing your identity. Alternatively, the malicious individual can get you to download and run a program (since it appears to be on a site you trust) which can infect your system with a trojan. For example, check out this page: i.dslr.net You don't need JavaScript or ActiveX enabled and there is currently no patch or workaround. You can go to File->Properties to see the real URL. Just thought I'd warn everyone to be careful about the links you click. For more information on this, check out DSLReports.com: www.dslreports.com Cheers,Kiwitas,;-) |
Kiwitas (514) | ||
| 200393 | 2003-12-14 09:42:00 | thanks for that warning häzz |
hazza (2704) | ||
| 200394 | 2003-12-14 10:39:00 | Seriously cool! Thanks for the advanced warning. It says there's currently no patch for it.. Any idea's when MS plan on Fixing this? I'm currently running Gentoo Linux 1.4 with MozillaFirebird as my Browser of choice, but decided to have a look anyways. Very interesting indeed....! Didnt work of course ;-) Clicking on the Legal Notice was good re-assurance for a friend who tried it using IE though :p Many thanks Chill. |
Chilling_Silently (228) | ||
| 1 | |||||