Yet another security flaw has been found in Internet Explorer (versions 5.01, 5.5 and 6). Gee, what a surprise. 🙂
This flaw is related to Phishing, which is the art of replacing the contents of a “trusted” web page with content from an untrusted source, and doing it without changing the address bar URL to reflect the new content source.
This sort of thing is used to trick people into thinking they are logging into their online banking site (for example), when instead they are handing their username and password to some nasty souls who will use it to put all your money into their pockets.
You can read about it here: Secunia. Secunia have also released a demo of the flaw that you can try here.
Any machine that has been patched with Service Pack 2, is immune to this one, (I’ve read). But SP2 is not widely installed yet, mostly due to the potential problems it may cause and the fact that it hasn’t shown up in “auto updates” yet.
As always, you best bet is to install and use Firefox and save yourself all the future stress. This is FAR from the first IE flaw and it won’t be the last.
Regards
Franki
