Web Browsers
  1. Home
  2. Computing & Technology
  3. Web Browsers
Scott Orgera
Scott's Web Browsers Blog

By Scott Orgera, About.com Guide to Web Browsers

Government Releases Details of IE Vulnerability

Tuesday July 1, 2008

US-CERT, the Department of Homeland Security's Computer Emergency Readiness Team, has released details of a security flaw in Microsoft's Internet Explorer browser. According to the report, IE does not properly restrict access to a document's frames. By tricking a user into viewing a specially crafted HTML document, a hacker could then access non-domain-specific elements (i.e., an onmousedown event) from a Web page that exists in another domain. Since the victim does not realize that they are interacting with a different domain at this point, the attacker can then exploit the flaw in several malicious ways including capturing keystrokes.

Internet Explorer 6, 7, and even IE8 Beta 1 are at risk here. The only workaround available at the moment is to disable Active Scripting in the Internet Zone.

(Photo © altvisor - #628229/stockxpert)

Comments

No comments yet. Leave a Comment

Leave a Comment

Line and paragraph breaks are automatic. Some HTML allowed: <a href="" title="">, <b>, <i>, <strike>

Explore Web Browsers
About.com Special Features

The Best Web Trends of the Decade

A look back at the best innovations, ideas and technologies over the last 10 years, More >

Family Tech Center

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Web Browsers
  1. Home
  2. Computing & Technology
  3. Web Browsers

©2010 About.com, a part of The New York Times Company.

All rights reserved.