Common Tasks

Recent Posts


Email Notifications

Personal Links


Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Internet Explorer 7 Window Injection Vulnerability

My settings are a little more secure than the IE 7 defaults.  So far, IE 7 has passed 2 of the 3 tests noted for IE 7 at Secunia.  The one area related to an Outlook Express vulnerability is not in the wild and would be mitigated through phishing controls and best practices. 

Secunia: Internet Explorer 7 Window Injection Vulnerability

QUOTE: A vulnerability has been discovered in Internet Explorer 7, which can be exploited by malicious people to spoof the content of websites.  The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.

TEST for vulnerabilities



Spyware Sucks said:

Edit: fix title. Come on guys - are people really so determined to find bad news about IE7 that they
# October 30, 2006 6:34 PM