Slashdot Mirror


New Phishing Flaw in Internet Explorer

JimmyM writes "Secunia reports on a new vulnerability in Internet Explorer. From the piece: 'This can be exploited to spoof the address bar in a browser window showing web content from a malicious web site.' According to several (german) media outlets this is already being exploited by phishing sites. Secunia has a test you can try to see if you are vulnerable."

2 of 274 comments (clear)

  1. Which Version? by kid-noodle · · Score: 3, Interesting

    Judging from my own quick go on the test as well as the /. comments, the advisory that this affects 6.x versions is wrong. It would be more useful if there was information on which 6.x versions it affects - is this an issue intoduced in a recent patch, or is it pre-whatever versions only? (And an undetermined number of IE7 versions)

    Is this related to the flash player version?

    More data needed!

    --
    fortune -o
  2. Re:Why?? by Nazo-San · · Score: 3, Interesting

    My father is similar. He has built systems for each of us in the past until I knew enough to build my own. He got a computer engineer degree way back when and started out at least playing around with home systems like those little atari PC-type things that used basic. Later on DOS and such with tools such as Lotus for obvious reasons.

    Despite having spent more than a decade and a half on systems, even starting out before mice were even conceived of, he is not a completely mouse oriented person who doesn't know even simple keyboard shortcuts like CTRL+S. He works extensively with MS products like .NET, was the first to switch to NT among us (I had hardware issues for the longest time even with Win2K and liked 98SE better since it was more suitable to gaming/etc) and he hasn't even so much as dabbled in some live linux distro where you almost can't screw up (at least, so long as you don't do some moron stunt like dd if=/dev/zero of=/dev/hda or something... But, lol, you deserve what you get then.) This is a computer engineer user who had to start out knowing how to design curcuits and even build his own PC and having to write stuff like machine code. He WILL NOT consider alternatives to IE, Outlook, and other such tools. To my knowledge he has never even attempted another. I constantly tell him how great Opera is (and now that it's 100% free with no ads there's not any excuse not to at least try it anymore) and that Firefox with it's extentions is pretty neat as well, but, he won't even try them.

    If we can't convert people like him, how in the heck are we going to convert people like Mr Average Joe Farmer who doesn't have the vaguest idea how to actually install another browser? They don't want to be bothered with having to do such things.

    I have managed to convert my grandmother to Opera though. I had my aunt, but, a while back there was trouble with a really important site and she ended up using IE. I can't seem to get her back now that Opera is compatible with even most of IE's proprietary crap and can fool braindead servers into thinking it is IE so they won't refuse to work anymore. I think I've managed to almost force my mother to switch to Firefox because there were problems with IE (surprise surprise.) I'm working as hard as I can, but, when I step into the computer labs at my school, I see some of the people there using IE, I still can't convert my dad, and, among those people who know even less about things like web browsers I haven't managed to reach anyone but my grandmother.

    Someone needs to run an ad campaign for Opera or something. Actually, come to think of it, my first thought was that the opensource Mozilla wouldn't have enough money for marketing, but, then again, considering how much they just donated to a good cause I wonder about that. Right now they rely a bit more than I like on word of mouth (well, ok, Opera is well known in the mobile segment, so many mobile users who enjoy having a browser that runs about as smoothly as you're going to get on a mobile device would be aware of the PC browser perhaps.) Then again, I guess the question is, can you get Average Joe to understand and care that IE is secretly installing backdoors on their system and sending all of their credit card info to some thirteen year old in New Jersey with too much free time? So far they just don't understand and keep on using it.