Bug Spoofs Internet Explorer Addresses

Microsoft's Internet Explorer, already stunned with a bug currently being used by hackers to infect PCs with spyware, suffers from yet another vulnerability, a researcher said Tuesday.

The bug affects how the browser loads Flash files, which use the ".swf" extension. Attackers can use a Flash file to spoof the address bar in IE to disguise the true URL of the site being viewed. Address bar spoofing is a long-time phishing tactic that's used to masquerade the bogus URL.

(Oddly enough, recent research by a trio from Harvard and Berkeley shows that few surfers use the browser address bar to detect fake sites.) TechWeb | News | Bug Spoofs Internet Explorer Addresses

Linked by shanmuga Wednesday, 5th April 2006 3:49AM