Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Spoofed Flaws in the Web Browsers

As per the news by heise-security.co.in July 16, 2007, security expert, Michael Zalewski, said that new flaws have been found in IE and Firefox. Further, the hackers can misuse these holes through URL spoofing. Konqueror and Opera are reported to have such flaws.

Senior director of market strategy at Patchlink, Paul Zimski, said that Mozilla is still working on the problem and meanwhile, companies should adopt a constructive approach to lower the amount of risk by suggesting the users to visit only trusted sites, as published by Vnunet.com on July 13, 2007.

Through Fire fox, web pages can use content in browser cache through URIs. Though the access to this browser is strictly prohibited, various ways have already been introduced to surpass it.

As per the news by Vnunet.com, Zimski said that companies should tackle the active scripting inside the Java Browser in order to restrict the visit of users to exploited sites. He added that there are exactly three patches that the administrators of IT have to settle down, but the companies should categorize and deploy the flaw immediately for this exploit when it is released.

Both Konqueror and Opera have some flaws which can be used to view arbitrary material through specially crafted URLs. This problem can arise when handling "data" URLs, which, in turn, can be used by hackers to spoof the URL by fooling a user into clicking on a specially designed link. Further, Opera's weakness results in exploited harmful websites and enables to conduct phishing and spoofing attacks.

Robert Swiecki, security researcher, has disclosed a vulnerability in these browsers, which comes into the form while depicting data: URIs. It allows the web pages to slot in content like images directly into HTML code. The bugs activated as soon as address line is shown while such web pages are processed may cause the concerned browsers to reveal the last characters of address. The URI are padded with whitespaces to make it appear more genuine.

Related article: September Suffers Sky-high Phishing & Virus Attacks

» SPAMfighter News - 7/27/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page