[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] more on MSFT: don't click on links, type them in by hand
Delivered-To: dfarber+@ux13.sp.cs.cmu.edu Date: Thu, 29 Jan 2004 21:48:52 -0300 From: Claudio Gutiérrez <gutierrezclaudio@terra.cl> Subject: Re: [IP] [Boing Boing Blog] MSFT: don't click on links, type them in by hand To: dave@farber.netanother example of an Internet Explorer issue was reported yesterday and can be summarised as "don't automatically open files with IE":
"http-equiv has identified a vulnerability in Internet Explorer, allowing malicious web sites to spoof the file extension of downloadable files. The problem is that Internet Explorer can be tricked into opening a file, with a different application than indicated by the file extension. This could be exploited to trick users into opening 'trusted' file types which are in fact malicious files".
you can test the vulnerabilty of your browser from this page http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/
If your browser is IE, it is tricked. Mozilla isn't. ------------------------------------- To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC