1. Home
  2. Computing & Technology
  3. Web Browsers
photo of Scott Orgera
Scott's Web Browsers Blog

By Scott Orgera, About.com Guide to Web Browsers

Government Releases Details of IE Vulnerability

Tuesday July 1, 2008

US-CERT, the Department of Homeland Security's Computer Emergency Readiness Team, has released details of a security flaw in Microsoft's Internet Explorer browser. According to the report, IE does not properly restrict access to a document's frames. By tricking a user into viewing a specially crafted HTML document, a hacker could then access non-domain-specific elements (i.e., an onmousedown event) from a Web page that exists in another domain. Since the victim does not realize that they are interacting with a different domain at this point, the attacker can then exploit the flaw in several malicious ways including capturing keystrokes.

Internet Explorer 6, 7, and even IE8 Beta 1 are at risk here. The only workaround available at the moment is to disable Active Scripting in the Internet Zone.

(Photo © altvisor - #628229/stockxpert)

Comments

No comments yet. Leave a Comment

Leave a Comment

Line and paragraph breaks are automatic. Some HTML allowed: <a href="" title="">, <b>, <i>, <strike>

Explore Web Browsers
About.com Special Features

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Easy ways to connect two computers for networking purposes. More >

  1. Home
  2. Computing & Technology
  3. Web Browsers

©2009 About.com, a part of The New York Times Company.

All rights reserved.