New IE vulnerability

Sorry if this has been posted, my time on the board has been sporadic of late, but I came across this post and thought it was worth posting:

http://www.techworld.com/news/index....ews&NewsID=944

Basically, it's a spoof in IE that can make you think that after you click a link, you're opening one file type (ie. pdf) when you're really opening another (ie. html, executable etc.). The article links to a security site with a test link for the vulnerability.

Savvy users might catch it (ie. IE would normally just load a pdf file into the browser window automatically without user intervention, and the preceding "..." in the filename would seem suspicious) but the average user probably wouldn't. The slant of the warning is that you should always save files and then open them manually via Explorer etc. vs. opening them in IE. At least Explorer will show you the true file type.

Anyways, just wanted to throw this out there, might help someone avoid problems down the road...

Cheers,

KV

ps. FWIW, my beloved Firebird browser recognized the file download in the test for what it was... Not an MS bash, but just a reminder that there are alternatives...

Yet another reason to go to an alternate browser: Mozilla, Opera etc. or better yet try Linux.