Re: Firefox & IE subject to phishing trick
From: Yash (no.yashagarwal_india_at_msn.nospam.com)
Date: 12/11/04
- Next message: Torgeir Bakken \(MVP\): "Re: XP Pro - How'd I get hacked"
- Previous message: Bob S: "Re: Remove "Log off as ..." from Start menu"
- In reply to: Trent©: "Re: Firefox & IE subject to phishing trick"
- Next in thread: Jock Strap: "Re: Firefox & IE subject to phishing trick -- and Opera, Safari, Konqueror"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 11 Dec 2004 04:44:58 -0000
well, it is always advisble not to view un-trusted sites esp. while online
transactions or using e-commerce functions
Yash
"Trent©" <trentsauder@hotmail.com> wrote in message
news:7tikr05no3m2popi5krtdeih5061iu04tc@4ax.com...
> On Fri, 10 Dec 2004 11:16:16 -0800, "CZ" <CZ@no99spam.com> wrote:
>
>>From
>>http://www.theregister.co.uk/2004/12/09/secunia_browser_exploit_warning/
>>"Many popular browsers are affected by a vulnerability that makes it easy
>>to
>>spoof the content of websites, security firm Secunia warns.
>>Features built into browsers makes it possible for malicious websites to
>>change the content of pop-up windows created by trusted websites such as
>>online banks. Users would have no inkling that potentially hostile content
>>has been injected into a pop-up window. Exploits rely on misusing browser
>>functionality rather than taking advantage of a software bug. Thomas
>>Kristensen, Secunia's chief technology officer, described the problem as
>>"perhaps the simplest phishing trick yet."
>> Secunia has confirmed the vulnerability on fully patched versions of
>>Internet Explorer 6.0 and Windows XP SP1 and SP2 (advisory here), Mozilla
>>1.7.3, Mozilla Firefox 1.0, Netscape 7.2, Apple's Safari 1.2.4, Opera
>>7.54,
>>and KDE's Konqueror 3.2.2-6. Other versions of these browsers might also
>>be
>>affected. Secunia has issued five advisories (summary here) and an on-line
>>test.
>>Secunia describes the vulnerabilities as "moderately critical". It advises
>>users not to browse untrusted sites while browsing trusted sites."
>>
>>Here is the URL for the online test:
>>http://secunia.com/multiple_browsers_window_injection_vulnerability_test
>>
>>My test results:
>>Firefox v1.0 is vulnerable to the above spoofing.
>>IE with PopUpCop is not vulnerable.
>>
>
> Any windows didn't open up for me...good, I guess.
>
> But, then again, I had java scripting turned off...which is the way I
> always surf the Net.
>
> Not the best solution...granted. But works for me.
>
> Thanks for the heads-up.
>
>
> Have a nice one...
>
> Trent
>
> Budweiser: Helping ugly people have sex since 1876!
>
- Next message: Torgeir Bakken \(MVP\): "Re: XP Pro - How'd I get hacked"
- Previous message: Bob S: "Re: Remove "Log off as ..." from Start menu"
- In reply to: Trent©: "Re: Firefox & IE subject to phishing trick"
- Next in thread: Jock Strap: "Re: Firefox & IE subject to phishing trick -- and Opera, Safari, Konqueror"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
