A new vulnerability in Internet Explorer (IE) can be exploited to spoof the address bar in the browser window, leading users to believe they are visiting a legitimate page and exposing them to online fraud.
This issue arises when Microsoft’s browser loads web pages and Macromedia Flash animations. The Danish security company Secunia has rated this problem as “relatively serious” and has created a dedicated page for users to check if their systems are affected.
Secunia reported that the vulnerability affects IE 6.0 running on Windows XP that has all patches installed. It even poses a risk to the beta version of the new generation browser, IE 7.0. Microsoft is currently investigating the issue and has stated that no exploitation cases have been reported yet.
This marks the fourth vulnerability of IE disclosed within just a few weeks. At least one flaw, related to how IE handles the “createTextRange()” tag, has been exploited to install spyware, remote control software, and Trojans on victims’ computers. The American software company plans to release an upgrade on April 11, in line with its monthly schedule.
T.N
