IE7 Security Flaw: Popup Address Bar Spoofing Weakness.

Researchers at Secunia have discovered a second security flaw in IE7 . This new vulnerability allows a Web site to display a pop-up that can contain a spoofed Web address, allowing an attacker to exploit this weakness by tricking people into believing they are on a trusted Web site when in fact they are viewing a malicious page.

Microsoft confirms howevet than an won’t work if a Web site is known to be part of a phishing scam. The IE 7 phishing shield will identify such sites and warn the user.

Secunia have created a test page demonstrating this weakness.

Accoring to Microsoft, an earlier problem, disclosed a day after the IE 7 release, lies in Outlook Express, not IE 7 and a browser patch maybe provided to fix it.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: