Microsoft Addresses IE7 Address Vulnerability

Microsoft has addressed reports of a vulnerability in Internet Explorer 7 that could possibly lead people to believe a website is safe, when it could actually be a malicious website looking to exploit browsers. The security site Secunia posted a vulnerability in IE7 address bar, here yesterday.

A weakness has been discovered in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.

The problem is that it’s possible to display a popup with a somewhat spoofed address bar where a number of special characters have been appended to the URL. This makes it possible to only display a part of the address bar, which may trick users into performing certain unintended actions. Source: Secunia

They have posted a test page to let you know if you are vulnerable or not, here. Microsoft’s response is posted here, but they pretty much say all they can, you can actually see the whole address if you click on the popup and scroll left or right, and they recommend turning on the Microsoft Phishing Filter, to help block phishing sites who might try to exploit this vulnerability.

Now, our general guidance as far as things you can do to help protect yourself against phishing attacks can help protect here. Specifically that you should never enter personal information into a website unless you’ve verified the server?s name by using SSL. We talk about this on our website here.

The other thing I wanted to mention is that in IE 7, the Microsoft Phishing Filter can help protect should any phishing sites attempt to exploit this issue in a couple of ways.

First, the Phishing Filter’s browser-based heuristics can help to protect you. These heuristics analyze Web pages in real time and then can warn you about suspicious characteristics if it finds any on the page. If someone attempts to use this issue in a phishing site, the Phishing Filter’s heuristics may detect that site as such and warn you.

Another way the Phishing Filter can help protect you is through our online service. If a site that attempts to exploit this issue is reported to us and confirmed to be a phishing site, we will add it to the Microsoft Phishing Filter?s online service and it will be flagged as a phishing site when viewed in IE7. Source: Microsoft Security Response Center Blog

The phishing filter should definitely help, although it did appear to slow my machine down when I first looked at it, so I may turn it back on and let it run some more to see if it actually gets any faster.