New IE Bug Hides Real Site Address 683
Norman at Davis writes "ZDNet is running a story on a new security flaw in Microsoft's Internet Explorer which could let hackers use a technique to display a false Web address on a fake site according to an advisory from the Danish security company Secunia. The Danes report that 'the vulnerability is caused due to an input validation error, which can be exploited by including the "%01" URL encoded representation after the username and right before the "@" character in an URL.' PC World reports that 'Microsoft says it is investigating reports of the vulnerability. When that inquiry is complete, the company will take whatever steps it deems necessary, such as issuing a new patch, a spokesperson says.' And for good measure, here's what Google news is covering on it right now."
Re:This bodes ill (Score:5, Funny)
See also (Score:5, Funny)
That would explain a lot (Score:5, Funny)
Word from the Microsoft Information Minister (Score:5, Funny)
I don't really get them sometimes, honestly. Is this sort of like their being a SARS outbreak in New York and the CDC saying that they won't look into it for a month?
MicrowhocaresjustuseandOSOS (Score:4, Funny)
lets just hope they release the patch on purpose this time
moderately critical (Score:4, Funny)
How long will it be before someone finds a "critically critical" uber-flaw.
Re:Not patching this month...... (Score:5, Funny)
Re:This bodes ill (Score:2, Funny)
Re:The patch they should issue! (Score:0, Funny)
Re:A demonstration (Score:2, Funny)
So how do I know it's real?
Re:Not patching this month...... (Score:1, Funny)
Re:Word from the Microsoft Information Minister (Score:2, Funny)
Re:Crap like this..... (Score:2, Funny)
That's pretty elite - can you post your config files on how to do that?
Re:Works fine on IE (Score:5, Funny)
Re:Not a problem in Opera (Score:0, Funny)
Well then I guess most things are a mystery to you buddy!
Comment removed (Score:5, Funny)
So Happy It's Thursday (Score:1, Funny)
So
Happy
It's
Thursday
is upheld by Microsoft security bugs.
And of course, now that Microsoft is releasing patches on Tuesday, we also have
So
Happy
It's
Tuesday
as well.
Kudos to Microsoft!
No it isn't (Score:2, Funny)
Now go away, you are taking up the space of the Microsoft apologists and I can use a good laugh.
Re:That isn't much better though! (Score:0, Funny)
Why would you do that, since only IE is affected. It would be like Open Office popping up a window saying: "If this were MS Office you'd be infected by a VBR virus." While I agree that such a site would be suspicious, such a feature would add no functionality to the browser.
Internet Explorer download link (Score:2, Funny)
Re:This bodes ill (Score:1, Funny)
It's a Windows XP server and it works almost everyday. Because it's not up all the time means my staff gets more done because they're not surfing the web on those 'off' days. Also because it's actually off more than on it must be more resistant to viruses: after all one cannot infect a machine that's not running! Oh, I'm happy with my DNS server.
Hang on, I just need to submit this bid before it closes.
There I now have a brand new in the box Lamborghini for only $258.79: this eBay stuff is great.
I feel sorry for you guys out there that don't run Windows servers.
Face it (Score:2, Funny)
Re:This bodes ill (Score:3, Funny)
Re:Not patching this month...... (Score:2, Funny)
Re:This bodes ill (Score:2, Funny)
Re:This bodes ill (Score:1, Funny)
Re:This bodes ill (Score:2, Funny)
Patch Just Released! (Score:4, Funny)
www.microsoft.com/ie/download%01@ftp.mozilla.or
Re:IE Mac is fine (Score:1, Funny)
That's funny. I erased IE that day I bought my G4 because of its "High Brand Recognition".
M$ purchases Slashdot (Score:1, Funny)
http://petard.freeshell.org/ms-announce.html
(be sure to use IE)
Microsoft Patching Condom (Score:1, Funny)
Squinting closely at my monitor I see it actually says:
"Microsoft's Patching Conundrum"
I really need to get new glasses.