JohnsonBox Posted January 25, 2004 Share Posted January 25, 2004 (edited) Last updated at 09:54am, Jan 25 (Translated by JB) Microsoft has admitted that for the present it cannot offer patch for a security leak in IE browser. The leak can be made use of by hacker to clone web site. The fatalness of web site being cloned by hacker, is that hacker can steal security information and password via this phony site. For example, if the web site of a bank were cloned, hacker can lure the users of the bank to visit the false site and get all their information, including password, and then turn to log on to that legal site to cheat money from the victims' accounts. In fact, Visa, National city Bank of New York, Lloyds, TSB, Barclays and eBay have ever been cloned by hackers. But when on earth will MS offer its patch for this almost deadly flaw of IE? Stuart Okin, the chief security official of MS branch in UK, just said:"We have known this question, and we are making our effort to offer patch to resolve this flaw." http://tech.sina.com.cn/s/n/2004-01-25/0954285341.shtml Edited January 25, 2004 by JohnsonBox Link to comment Share on other sites More sharing options...
eXclusive Posted January 25, 2004 Share Posted January 25, 2004 Why do you post sources ? a chinese website. Hardly anyone understands that **** Link to comment Share on other sites More sharing options...
JK1150 Posted January 25, 2004 Share Posted January 25, 2004 how can they resolve copying and pasting a whole website? or using the offline viewer to download that (I use that for my PDA a lot... don't want that taken away)? Link to comment Share on other sites More sharing options...
JohnsonBox Posted January 25, 2004 Author Share Posted January 25, 2004 Why do you post sources ? a chinese website. Hardly anyone understands that **** At least you can google relative info following my introduction. :laugh: @JK1150, that is different. Since the tech is fatal, so security officials of MS would not leak the detailed info about it... Link to comment Share on other sites More sharing options...
demorgoron Posted January 25, 2004 Share Posted January 25, 2004 time to start using mozilla Link to comment Share on other sites More sharing options...
xmr Posted January 25, 2004 Share Posted January 25, 2004 I made a page to show off the vulnerability in IE to my windows friends who still use it.... http://www.rastachops.com/hacks/ If you're in IE the location bar changes to that of the 'fake' site and everything appears to be that site. In other browsers you can quickly see that you're not really there at all. Link to comment Share on other sites More sharing options...
Blaise Veteran Posted January 26, 2004 Veteran Share Posted January 26, 2004 moved to internet, network & security Link to comment Share on other sites More sharing options...
MxxCon Posted January 26, 2004 Share Posted January 26, 2004 ignore that post. it's more than chinese spin on "phishing" scam. Link to comment Share on other sites More sharing options...
jack_canada Posted January 26, 2004 Share Posted January 26, 2004 If Microsoft would not leak any detail, how did that chinese website know so much about it? Link to comment Share on other sites More sharing options...
neouser Posted January 27, 2004 Share Posted January 27, 2004 I made a page to show off the vulnerability in IE to my windows friends who still use it....http://www.rastachops.com/hacks/ If you're in IE the location bar changes to that of the 'fake' site and everything appears to be that site. In other browsers you can quickly see that you're not really there at all. nice going this page sends a trojan to my machine when opening the site. Beware ppl Link to comment Share on other sites More sharing options...
area91 Posted January 27, 2004 Share Posted January 27, 2004 i think its fixed in xp sp2...when u try to go to a page with the hack under xp sp2 it weill say there was a error Link to comment Share on other sites More sharing options...
tagerd0g Posted January 27, 2004 Share Posted January 27, 2004 i think myie2 has a fix for this in version 0.9.11 Link to comment Share on other sites More sharing options...
xmr Posted January 27, 2004 Share Posted January 27, 2004 nice going this page sends a trojan to my machine when opening the site.Beware ppl Urm, well I must have uncovered another vulnerability caus I only added the invisible links bit and did it all in notepad. What trojan are you alledging that I've sent to you? I wouldn't mind knowing. :ninja: Yes, beware, beware of IE :devil: (go check the site in mozilla (the source) theres nothing more than the modified links). Link to comment Share on other sites More sharing options...
mm3h Posted January 27, 2004 Share Posted January 27, 2004 n00b could fall for that so easy :/ Link to comment Share on other sites More sharing options...
blackice912 Veteran Posted January 27, 2004 Veteran Share Posted January 27, 2004 nice going this page sends a trojan to my machine when opening the site.Beware ppl Uh huh. I just went there. No trojan. Hardly five lines of code. :rolleyes: Link to comment Share on other sites More sharing options...
Recommended Posts