OT-News IE bug lets fake sites look real, from Roger
- Subject: OT-News IE bug lets fake sites look real, from Roger
- From: "Roger Swalley" r*@colfax.com
- Date: Thu, 11 Dec 2003 12:02:52 -0800
- List-archive: <http://www.hort.net/lists/pumpkins/> (Web Archive)
IE bug lets fake sites look real
By Paul Festa
CNET News.com
December 10, 2003, 2:53 PM PT
Microsoft on Tuesday said it was looking into reports of a
potential bug in its Web browser that could help malicious hackers design
convincing Web site spoofs.
The bug, according to security alerts by a bug hunter and a Danish
security company, Secunia, could let attackers display a false Web address
in the address bar of a fake site.
Secunia credited the bug to "Zap the Dingbat," who posted an alert
to the Bugtraq security mailing list. That alert links to a demonstration of
the exploit, and says Microsoft was informed of the bug Tuesday.
Malicious hackers frequently lure victims to convincing replicas
of e-commerce sites such as eBay, where they're tricked into handing over
financial and other private information. The method is said to be a key tool
in credit card and identity theft.
Savvy Web surfers often figure out the ruse from irregularities in
the Web address. But in the method described by Secunia, IE could allow the
address bar for the spoofed eBay site, for example, to read "ebay.com."
"Microsoft is investigating new public reports of a possible
vulnerability in Internet Explorer," the company said in a statement. "We have
not been made aware of any active exploits of the reported vulnerabilities or
customer impact at this time, but we are aggressively investigating the public
reports."
Microsoft did not set a timetable for its investigation, but said
it may eventually release a patch to address the problem. Meanwhile, the
company recommended that people follow basic security procedures, including
the use of firewalls, software updates and antivirus software.
Microsoft faulted security mavens for publicizing the flaw,
implying that they hadn't given Microsoft sufficient time to craft a patch.
"Microsoft is concerned that this new report of a vulnerability in
Internet Explorer was not disclosed responsibly, potentially putting computer
users at risk," the statement reads. "We believe the commonly accepted
practice of reporting vulnerabilities directly to a vendor serves everyone's
best interests, by helping to ensure that customers receive comprehensive,
high-quality patches for security vulnerabilities with no exposure to
malicious attackers while the patch is being developed."
Secunia was not immediately available for comment.
Secunia's advisory faulted IE for an "input validation error" that
let a certain character sequence mask the actual Web address and substitute a
fake one.
It recommended using a proxy server or firewall to filter the
character sequence out of Web addresses, and urged people not to "follow links
from untrusted sources."