Microsoft denies spoofing is a security flaw
Source: zdnet.co.uk - Posted by Vincenzo Ciaglia   
Hacks/Cracks Microsoft has denied that a spoofing technique available on its Internet Explorer browser is a security vulnerability. The software giant accepted the possibility that spoofing could occur on version six of IE, but rejected claims that this was a security flaw.< . . . Microsoft has denied that a spoofing technique available on its Internet Explorer browser is a security vulnerability. The software giant accepted the possibility that spoofing could occur on version six of IE, but rejected claims that this was a security flaw.

In a prepared email statement from the company, a spokesperson said: "Microsoft is aware of a security issue reported last week that could allow spoofing the URL a user sees in Internet Explorer's status bar. Users could see a URL in the status bar when the mouse hovers over the link on a webpage, but clicking the link would take the user to a different URL. Our investigation has indicated that this is not a security vulnerability."

Last week, a researcher in Germany, Benjamin Tobias Franz, posted warnings on bulletin board Web site Bugtraq, stating that Internet Explorer could spoof links if users put two URLs and a table inside an HTML href tag.


The result, Franz claimed, was that malformed links to URLs, could take users to an entirely different Web site without their knowledge.

Read this full article at zdnet.co.uk

Only registered users can write comments.
Please login or register.

Powered by AkoComment!