Actualites, NTIC

lundi, février 21, 2005

Microsoft Internet Explorer Popup Title Bar Spoofing Weakness
bitlance winter has discovered a weakness in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.

Description:
bitlance winter has discovered a weakness in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.

Windows XP SP2 has a security feature, which forces the URL of a popup to the present in the title bar when a popup has been opened without the address bar.

The problem is that the title bar can be spoofed via an overly long hostname. This can e.g. be exploited by a malicious web site to trick a user into entering sensitive information in a popup placed over a trusted site.

The weakness has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2.

Solution:
Do not enter sensitive information in popups after following links from untrusted sources.

0 Comments:

Enregistrer un commentaire

<< Home

Les emails sont protegés par la solution de sécurité
antivirus et anti intrusion Kaspersky (http://antivirus-france.com)
Miroir Opera France - http://opera.eurenet.net/

lundi, février 21, 2005

0 Comments:

Qui êtes-vous ?

Previous Posts

<a href="http://www.eurenet.com/cgi-bin/pg-bannierespro.cgi?type=clic&amp;pool=defaut" target="_blank"> <img src="http://www.eurenet.com/cgi-bin/pg-bannierespro.cgi?type=img&pool=defaut" border="0" /></a>

lundi, février 21, 2005

0 Comments:

Qui êtes-vous ?

Previous Posts