Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Microsoft Confirms IE7 Address Bar Flaw

  • Please log in to reply

Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Microsoft confirmed a vulnerability Thursday in the address bar of Internet Explorer 7. First reported by security firm Secunia on Wednesday, the issue occurs in popup windows. It is possible to display a somewhat spoofed address bar, the company said.

Due to this issue, a specially crafted URL with special characters may hide portions of the address. This could open the user up to attacks, including performing actions that it may not be aware of. Secunia has rated the issue as "less critical," its second lowest rating.

No attacks using this flaw are currently known, Microsoft said. It also recommended users make use of the Microsoft Phishing Filter that is included within IE7.

"The Microsoft Phishing Filter online service is designed to allow us to update it fairly quickly with information as sites are reported and confirmed by us," Christopher Budd of the Microsoft Security Response Center Blog said.

"We do have this issue under investigation and as always, once we complete our investigation we'll take appropriate steps to protect our customers," he continued.

However, Budd downplayed the flaw, saying Microsoft's research showed the full URL can still be displayed by clicking in the browser windows or address bar, or scrolling within the address bar.
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP