but it also displays the padlock icon which, when clicked, DISPLAYS PAYPAL'S
SSL CERTIFICATE DETAILS.
This is an extremely dangerous vulnerability and can be easily fixed by
setting IE's Internet-zone security level to HIGH, by disabling the vulnerable
ActiveX control in IE through "Tools->Manage Add-Ons" (XP SP2 only) or by
disabling ActiveX support.
Anyway, HTH
Tom
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]On
> Behalf Of Tom
> Sent: Saturday, January 15, 2005 7:27 PM
> To: [email protected]; [email protected]
> Subject: [meu] Dangerous IE6 vulnerability - not yet patched
>
>
> If you use IE6, swing by this site and see just how bad this one is. It can be
> used for phishing and is VERY effective:
>
> http://secunia.com/advisories/13482/
>
> Be sure to run the test on that page if you are unconvinced.
>
> HTH
> Tom
>
>
Dangerous IE6 vulnerability - not yet patched - MORE INFORMATION
On Sat, 15 Jan 2005 22:13:08 -0600, Tom <[email protected]> gave utterance
to the following:
> Wow, this vulnerability is both trivial to implement and extremely
> effective.
>
> The example on the Secunia page places non-Paypal text on a page that
> not only shows the actual Paypal https address in the address bar:
>
> https://www.paypal.com
>
> but it also displays the padlock icon which, when clicked, DISPLAYS PAYPAL'S
> SSL CERTIFICATE DETAILS.
>
> This is an extremely dangerous vulnerability and can be easily fixed by
> setting IE's Internet-zone security level to HIGH, by disabling the vulnerable
> ActiveX control in IE through "Tools->Manage Add-Ons" (XP SP2 only) or by
> disabling ActiveX support.
>
Or I can continue feeling smug that I installed Windows sans ActiveX and
use Opera for all my browsing. My system is unusually stable and free of
spyware.
--
Richard Grevers
Between two evils always pick the one you haven't tried