« In Other Tech News…
Poll: Google Apps vs. MS Office vs. OpenOffice »

Hacker exposes phishing hole in IE7

by DJ Neawedde | 23rd February 2007

IE7 Phishing HoleA newly found flaw in Internet Explorer 7 lets you mask the display of the current website, and get around IE7’s phishing filter. Both Windows XP and Windows Vista operating systems are affected according to Michal Zalewski, the guy who uncovered the flaw.

Microsoft says they’re still working on an internal assessment of the reported hole. Zalewski has provided a demo to allow people to test the flaw.

More via heise Security and Secunia


Related Posts

  • Where would you be if you dug a hole to the center of Earth?
  • Hacker breaks into Pentagon email system
  • 44 ways to protect yourself against phishing scams
  • PhishTank anti-phishing collaboration
  • Top 10 Wii-Related Accidents
  • ‘Biggest ever’ online phishing heist nabs $1.1m over 15 months

    • Subscribe



    One Response to “Hacker exposes phishing hole in IE7”

    1. Sam Spade Says:

      This is not a phishing exploit. First you need to get the person to visit a dangerous web site.

      Then you have to get the person to go to the site you want to phish by typing the address into their address bar instead of doing what is “normal”, that is, clicking on a hyperlink in a Web page.

      THe vulnerability works, but only if you get people to act outside the norm.

      February 23rd, 2007 at 9:55 pm

    Leave a Reply

    XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

    « In Other Tech News…
    Poll: Google Apps vs. MS Office vs. OpenOffice »
    « In Other Tech News…
    Poll: Google Apps vs. MS Office vs. OpenOffice »

    Hacker exposes phishing hole in IE7

    by DJ Neawedde | 23rd February 2007

    IE7 Phishing HoleA newly found flaw in Internet Explorer 7 lets you mask the display of the current website, and get around IE7’s phishing filter. Both Windows XP and Windows Vista operating systems are affected according to Michal Zalewski, the guy who uncovered the flaw.

    Microsoft says they’re still working on an internal assessment of the reported hole. Zalewski has provided a demo to allow people to test the flaw.

    More via heise Security and Secunia


    Related Posts

  • Where would you be if you dug a hole to the center of Earth?
  • Hacker breaks into Pentagon email system
  • 44 ways to protect yourself against phishing scams
  • PhishTank anti-phishing collaboration
  • Top 10 Wii-Related Accidents
  • ‘Biggest ever’ online phishing heist nabs $1.1m over 15 months

    • Subscribe



    One Response to “Hacker exposes phishing hole in IE7”

    1. Sam Spade Says:

      This is not a phishing exploit. First you need to get the person to visit a dangerous web site.

      Then you have to get the person to go to the site you want to phish by typing the address into their address bar instead of doing what is “normal”, that is, clicking on a hyperlink in a Web page.

      THe vulnerability works, but only if you get people to act outside the norm.

      February 23rd, 2007 at 9:55 pm

    Leave a Reply

    XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

    « In Other Tech News…
    Poll: Google Apps vs. MS Office vs. OpenOffice »