IE URL Spoofing Bug; SP2 Users Not Affected

Users of Microsoft's popular web browsing software, Internet Explorer, should be aware of a problem relating to the way it handles table code inside URL links.

A malicious coder could create a website with a "spoofed" link, sending users to what they might believe is a legitimate site, when it is in fact not (See example below). Sites that "phish" information from users in this manner are growing in number, and are an increasing source of concern for e-businesses and users alike.

Users of Internet Explorer patched with Windows XP Service Pack 2 are un-affected; as are Outlook Express users. Users of the open source Firefox browser are unaffected, as are users of Opera. No current patch solves the issue for non XP+SP2 users; users are urged to be cautious of links they follow from un-trusted sources.

View: Bugtraq Report | IE Homepage

View: Discussion @ Neowin

Report a problem with article
Next Article

NASA Aims for May Space Shuttle Launch

Previous Article

Medal of Honor: Pacific Assault multiplayer demo

-1 Comments - Add comment