|
-
January 29th, 2004, 11:58 PM
#1
New IE vulnerability
Sorry if this has been posted, my time on the board has been sporadic of late, but I came across this post and thought it was worth posting:
http://www.techworld.com/news/index....ews&NewsID=944
Basically, it's a spoof in IE that can make you think that after you click a link, you're opening one file type (ie. pdf) when you're really opening another (ie. html, executable etc.). The article links to a security site with a test link for the vulnerability.
Savvy users might catch it (ie. IE would normally just load a pdf file into the browser window automatically without user intervention, and the preceding "..." in the filename would seem suspicious) but the average user probably wouldn't. The slant of the warning is that you should always save files and then open them manually via Explorer etc. vs. opening them in IE. At least Explorer will show you the true file type.
Anyways, just wanted to throw this out there, might help someone avoid problems down the road...
Cheers,
KV
ps. FWIW, my beloved Firebird browser recognized the file download in the test for what it was... Not an MS bash, but just a reminder that there are alternatives...
-
January 30th, 2004, 01:09 AM
#2
Yet another reason to go to an alternate browser: Mozilla, Opera etc. or better yet try Linux.
The true test of character is not how much we
know how to do, but how we behave when we don't know what to do
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
