Microsoft Responds to IE7 Popup Address Bar Spoof

Bink has reported the following 'less-critical' exploit over at Secunia and Microsoft promptly responded the same day.

A weakness has been discovered in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks. Secunia have a demo of the exploit online.

Christopher Budd responded over at the Microsoft Security Response Center Blog by saying "First, this is an issue with how URLs are displayed in the address bar. Specifically, we've seen that this occurs in a pop-up window after a user clicks a specially formed link on an untrusted website or in an untrusted e-mail.

Now, while the full URL is actually present in the address bar, the left part of the URL is not initially displayed. But, you can see the full URL if you either click in the browser window or in the address bar and then scroll within the address bar." Nice to see Microsoft responding so quickly to even minor bugs affecting IE7.

View: Full Response @ Microsoft Security Response Center Blog

Report a problem with article
Previous Story

Microsoft Decries Vista PatchGuard Hack

Next Story

Batteries Push Sony to Q2 Operating Loss

13 Comments - Add comment