Second flaw in IE7, claimes security firm Secunia

Microsoft has already responded to the news of a bug

Second flaw in IE7, claimes security firm Secunia. Software, PC software, Browsers, Secunia, Viruses And Malware, Microsoft, Internet Explorer 0

26 October 2006 12:01 GMT / By Amber Maitland

Danish security company Secunia has found its second flaw in IE7, to which Microsoft has responded swiftly.

The flaw lets hackers put a fake web address in a pop-up window, and could trick users into downloading from what looks like a secure website. The hacker can add special characters to the end of the web address so that only a part of the URL is displayed.

Microsoft's Christopher Budd has quickly posted an entry to the Security Response Center Blog, agreeing that there is an “issue with how URLs are displayed in the address bar. Specifically, we've seen that this occurs in a pop-up window after a user clicks a specially formed link on an untrusted website or in an untrusted email”.

He explains further: “Now, while the full URL is actually present in the address bar, the left part of the URL is not initially displayed. But, you can see the full URL if you either click in the browser window or in the address bar and then scroll within the address bar”.

The flaw is rated as “less critical” by Secunia, and Budd writes that Microsoft isn't aware of any attacks exploiting this flaw, but that the team is keeping an eye on it. He uses the rest of the entry to explain Microsoft's Anti-Phishing filter in IE7 and how it can protect against attacks exploiting flaws like the one Secunia has found.

Related
Full tags
Software, PC software, Browsers, Secunia, Viruses And Malware, Microsoft, Internet Explorer
UK Shopping
Amazon.co.uk, play.com, pixmania.co.uk, Currys.co.uk, Dixons.co.uk, 7dayshop.com, ebay.co.uk
US Shopping
Amazon.com, bestbuy.com, ebay.com

share Subscribe to RSS feeds email story save story print story pdf

Comments

(Will not be published)

  (Next time sign in to bypass captcha)

Latest in Software

Latest on Pocket-lint.com

About Pocket-lint

Pocket-lint is your one stop shop for gadgets, technology and consumer electronics, bringing you the low-down on the latest televisions, cameras, phones, GPS and much more. Whether it's learning about what's hot in the world of Apple, finding out about the latest home cinema kit from Samsung and Sony or merely seeing what not to buy, we have you covered. So check out our reviews, news, comment, hands-on photo galleries and videos. Enjoy.

Pocket-lint.com poll

Q. Do you still buy CDs?

Vote YES Vote NO

» LAST TIME
When asked Do you want the Droid by Motorola? 53% said yes and 47% said no

Top 10 Broadband

Compare 50+
broadband packages

Home Broadband »

Top products

tip us on news

Rss feed

Follow us on Twitter