New phishing hole in Internet Explorer 7
Michal Zalewski has discovered a vulnerability in Internet Explorer 7 that makes it easy for phishers to do their dirty work and takes the usual advice always to enter URLs manually to an absurd extreme. Just after Internet Explorer 7 was released last October, a flaw was detected that allows the address bar of a window to be incorrectly displayed.
While victims still have to visit a malicious web site for an attack to succeed, once they have done so they cannot be sure that further web sites can be trusted. If, however, the next web site is visited via a bookmark, the address of the manipulated site is still displayed.
Secunia says that it discovered the hole on January 5 and reported it to Microsoft. The firm says that it wanted to wait to publish its own security advisory until Microsoft had provided its assessment. However, Secunia has now decided to release information because Zalewski has also done so. Internet Explorer 7 and Windows XP and Vista are affected.
- MSIE7 browser entrapment vulnerability (probably Firefox, too), Michal Zalewski's security advisory
- Internet Explorer 7 "onunload" Event Spoofing Vulnerability, Secunia's security advisory
- Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Secunia's security advisory