• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Internet Explorer 7 vulnerable to a 'spoofing bug'.

zekrahminator

zekrahminator

McLovin
Joined
Jan 29, 2006
Messages
9,066 (1.28/day)
Location
My house.
System Specs
Processor AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard Gigabyte sumthin-or-another, it's got an nForce 430
Cooling Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory 2GB G.Skill DDR2 800
Video Card(s) Sapphire X850XT @ 580/600
Storage WD 160 GB SATA hard drive.
Display(s) Hanns G 19" widescreen, 5ms response time, 1440x900
Case Thermaltake Soprano (black with side window).
Audio Device(s) Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply ThermalTake 430W TR2
Software XP Home SP2, can't wait for Vista SP1.
Whenever Internet Explorer 7 encounters a suspected forged website, or something that might contain a phishing scam, it alerts the user through the information bar. In Internet Explorer 6, the information bar overlapped whatever browsing window the user has open. In Internet Explorer 7, there is a potential flaw that would let an attacker hide the information bar, leaving users clueless when they come upon a possibly forged website. Microsoft says that it knows of no website that performs such a trick, and when Internet Explorer 7 encounters a known forgery, it doesn't load the page at all.


View at TechPowerUp Main Site
 
I don't like the idea of sending info on every site I visit to M$ myself.
 
This might sound a bit "strange" as an outlook to have on this, but I think this being discovered is a GOOD thing - one less thing to worry about when the next "patch tuesday" comes (because hopefully by then, MS issues a patch for this).

I think that in a weird way the "hacker/cracker" types that do this type of "IE Hacking/Cracking" for vulnerabilities is MS' best buddy, doing the "R&D" testing needed.

APK
 
If they make it public that there is a fault and M$ fix it quickly there isn't too much of a problem.
 
Yea the only thing that makes me weary is that these hacks/exposures get seen by the public.
So some people will try to exploit these since they now know about it.
I agree and hope the MS fixes it soon, but wouldnt be suprised if they dont.

They have been pushing back everything lately (which is the MS way).
 
bruins004 said:
Yea the only thing that makes me weary is that these hacks/exposures get seen by the public.
So some people will try to exploit these since they now know about it.
I agree and hope the MS fixes it soon, but wouldnt be suprised if they dont.

They have been pushing back everything lately (which is the MS way).
Click to expand...

Yea, but usually? YOU as the end-user, CAN fully seal yourself against a good 90-95% I would say of WHAT you can be 'invaded' by, even in IE, it's SIMPLE: Disable ActiveX & Active Scripting, Java, & JavaScript... it tends to work, though @ a sacrifice of some abilities on some websites!

APK

P.S.=> Sure, I don't LIKE "losing some functionalities" but, I'd rather THAT, than get something like the W32Pinfi virus, which was nigh impossible for me & one of my relatives to pull of his system (it WAS truly one of those "nuke it from orbit" & repave deals, backup of data, virusscans of it, & then reformat main disk)... apk
 
You must log in or register to reply here.
Back
Top