Third IE7 Vulnerability Found
Secunia has posted another vulnerability in Internet Exlorer 7, this one is called Internet Explorer 7 Window Injection Vulnerability, and this is related to a previous vulnerability from IE 6.0, here.
A vulnerability has been discovered in Internet Explorer 7, which can be exploited by malicious people to spoof the content of websites.
The problem is that a website can inject content into another site’s window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website. Source: Secunia via Faill.com
They have constructed a vulnerability test here, and this has been tested on a fully patched system running Windows XP SP2 and IE7.
Time for a rant; how many sites are pointing out that many web browsers are vulnerable to the window injection vulnerability?…
Edit: fix title. Come on guys – are people really so determined to find bad news about IE7 that they…
[...] Microsoft responds to the latest vulnerability report from Secunia, we covered it here yesterday, in a post at the Microsoft Security Response Center Blog titled Information on New Address Bar Issue. Apparently, this was a known issue with the way browsers are designed in that browsers are allowed to load pages in browser windows from other sites, this allows them to reuse windows. You’ve all seen it, you click a link, it opens in another window, you go back to click another link, or go to another page and click a link and it opens in the same window, unless you’ve closed it. Like we always do, we investigated that claim thoroughly in 2004. We found that in all cases, for this to represent a threat for phishing or spoofing attacks, a user would have to decide to trust the authenticity of the page without verifying the page?s address (because there was no address bar) and without verifying an SSL connection (like we recommend on our website). In other words, the scenario requires that you intentionally not use the security features specifically put in place to help protect against phishing and spoofing attacks. Because of that, we said in 2004 that this issue doesn?t represent a security vulnerability as we have defined it on our website. Source: Microsoft Security Response Center Blog [...]