YANIEB (Yet Another Nasty Internet Explorer Bug)
A new, potentially critical flaw in Microsoft’s Internet Explorer Web browser has been disclosed throughout public forums, while Redmond has yet to issue a single security bulletin for the month of December.
Oh heck Redmond, no need to rush…
The basic premise behind the IE flaw is “URL Obfuscation”
“Normally when this attack is executed, the URL looks similar to: http://www.microsoft.com@www.foobar.com/index.html. The spoofed URL makes the Web page appear to be from www.microsoft.com, when it is actually located on www.foobar.com,”
This means URLS’s can be faked, fooling the unwary into, say, giving a credit card number.
Published reports indicate that only Internet Explorer is affected by the attack.
Omigod, you mean IE has gaping security holes? Who knew???
Dunno about you, but I’m tired of endless problems of their own making that Microsoft never seems to fix or accept blame for. Sort of like the Bush Administration, come to think of it…
I’m currently testing Opera, a full-featured browser, available in pay and free versions. Mozilla also has a nice browser. Neither has security issues anywhere near the magnitude of IE. Anyone know of others?