Internet Explorer Fights URL Spoofing Attacks

How many browsers have you tried using? Did you prefer one over the other? Did you keep one browser as your permanent browser? The majority of internet users all have their own ideas and opinions with regard to what browser is the best to use. This is not the only issue when it comes to browsers, the element of computer security is an important one. The safety of using a browser is another factor that is often taken into consideration; it is also a big topic of both debate and opinion amongst computer security experts. The vulnerability which I am going to be talking about today is related to the Microsoft Internet Explorer browser.

It has recently been confirmed that a vulnerability exists within Internet Explorer. This weakness unfortunately allows malicious online attackers to adequately spoof the Internet Explorer address bar. This involves malicious attackers creating false looking sites that appear the same as the authentic site. The online attacker may use this fake site to obtain highly confidential information, such as a victims online banking details. As we all know by now, once a malicious online attacker has gained access to your information, the results are going to be disastrous.

The next question that may be asked is: What caused this vulnerability to take place? This vulnerability is a result of an error which takes place when users open a new window. It is when the new window is opened with the use of "window. open ()", that the problem occurs. Malicious online attackers may proceed to exploit this issue in order to display spoofed content within the window of the browser. This all happens in process, while the address bar displays an arbitrary path on a host which is possibly trusted. Can you see the clever manner in which these vicious online attackers operate? With vast amounts of skill and precision, is how they do it.

This vulnerability has been confirmed in certain versions. I am sure you are dying to know which versions have been affected, so I won't keep you in suspense any longer. This vulnerability has been confirmed in the following versions:

• Internet Explorer 6

• Internet Explorer 7

• Internet Explorer 8

Some of the files of Internet Explorer 6 include the following: CREATE.BAT, and CHMOD.EXE. It is vital for users to be aware of the factor that other versions may also be affected.

In order for this vulnerability to be exploited in the correct manner certain requirements need to be met. The requirements are that it needs to be a site trusted by the victim; otherwise the victim may not access it, which would ruin the plan of the attacker. This could be anything from a social networking site, to a banking site. The solution for this vulnerability at this current point in time, is for users to never navigate for sensitive web pages under any circumstances, but  rather type the URL in manually. At the end of the day if something feels wrong, it probably is. If you can apply this concept to your entire browsing experience on a daily basis, you may just save yourself from becoming the next victim.