Fully Patched IE Still Vulnerable

Fully Patched IE Still Vulnerable: Posted by TechNews on June 14th, 2004; URL Parsing Bug in IE Invites Phishing Attacks
Larry Seltzer June 11 2004

A bug in fully patched versions of Microsoft's Internet Explorer Web
browser allows violations of the browser's security zones, with the
result that an unknown malicious site could assume the privileges of
more trusted zones.

Researchers on several security mailing lists have been discussing the
bug since yesterday and appear still to be learning about it.

The same vulnerability could be used for phishing attacks, in which the
URL in the address bar appears to be for one site but is in fact a link
to a different site. Both of these problems rely on certain
misconfigurations of the DNS and Web server on the malicious Web site ...

http://www.eweek.com/article2/0,1759,1611292,00.asp

[For security, switch to Netscape or Opera - Ed.]

--
Reliability:Speed:Security:Linux; Posted by Duane Arnold on June 14th, 2004; TechNews <tc@nospam.null.com> wrote in
news:80bbdd16c534433c12b0e84487cc064c@news.1usenet .com:

I don't use the secuirty zones in IE and I am not being compormised
either.

Duane

Similar Posts

Win XP SP2 Security Center says my PC may be vulnerable (Security & Administration) by wrswldo
Patched XP Pro SP1 vs. XP Pro SP2 (Security & Administration) by JackG62
XP SP2 fully patched ACL bugs (Microsoft Windows) by edavid3001@gmail.com
Vulnerable IP address (Security & Administration) by Carey Frisch [MVP]
Software suggestions? I am getting rid of MS security-vulnerable CRAP!! (Computers & Technology) by hugh jass