Options
Microsoft releases major patch!
Yesterday, February 2, 2004, Microsoft put up on its Windows Update site a fix for the bug\vulnerability type problem in IE that allows users to see one site name while being at another site entirely. John D' (A.K.A Ageek from our forums) suggests all IE users Windowsupdate their boxes with this critical fix.
[blockquote]The vulnerability has to do with the way IE parses URLs, specifically those that contain special characters. Using this weakness, an attacker can create a link that looks like it will send a user to a legitimate site, such as www.eweek.com. However, once the user clicks on the link, the attacker can cause content from another site to appear in the window. [/blockquote]
[link=http://eletters.eweek.com/zd1/cts?d=79-457-2-3-185173-53997-1]Info here[/link]
[blockquote]The vulnerability has to do with the way IE parses URLs, specifically those that contain special characters. Using this weakness, an attacker can create a link that looks like it will send a user to a legitimate site, such as www.eweek.com. However, once the user clicks on the link, the attacker can cause content from another site to appear in the window. [/blockquote]
[link=http://eletters.eweek.com/zd1/cts?d=79-457-2-3-185173-53997-1]Info here[/link]
0