An address bar spoof can be conducted by a malicious phisher taking advantage of a race condition in Internet Explorer.
The Secunia security advisory website advised IE users of a moderately critical vulnerability in the browser. Secunia created a test that can show if the user's browser is vulnerable.
IE 6 on fully patched Windows XP SP1/SP2 machines and the IE 7 Beta 2 preview (March edition) are affected by this vulnerability. In my testing, the vulnerability was present in IE 6, but not in Firefox 1.5 or Opera 9 TP2.
As with a previously reported critical IE issue, Secunia noted that users can disable Active Scripting in the browser until Microsoft releases a patch. Secunia provided more details and a link to the test demonstrating the vulnerability:
The vulnerability is caused due to a race condition in the loading of web content and Macromedia Flash Format files (".swf") in browser windows. This can be exploited to spoof the address bar in a browser window showing web content from a malicious web site.
[Image: address bar display on a spoof-vulnerable IE]
[Image: address bar display on a spoof-proof IE. This is how your browser should look. Check your browser!]
Secunia has constructed a test, which can be used to check if your browser is affected by this issue: Click Here to Test your Browser!
Verify:
If you have doubts about a page you are browsing and want to check whether it is legitimate, here is something you can do: copy the code below, paste it into the address bar of the page in question and hit Enter. It will display the page's real location, that is, the protocol and hostname the browser is actually using, regardless of what the address bar appears to show:
javascript:alert("The Real URL address: " + location.protocol + "//" + location.hostname + "/");
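As an added example (not part of the original post and not Secunia's code), here is a Node.js version of the same check that can be run offline: it builds the same protocol-plus-hostname string the bookmarklet alerts, and then goes one step further by comparing the page's real hostname against the host you expect to be on, treating only an exact match or a subdomain of it as legitimate. The hostnames and URLs in it are constructed for illustration.

```javascript
// Added example, not code from the original post or from Secunia.
// Runs under Node.js, which provides the WHATWG URL class as a global.
// All hostnames below are constructed sample values.

// Same value the bookmarklet above alerts: scheme + "//" + hostname + "/".
// location.hostname is the host the browser is really talking to, whatever
// the address bar happens to display.
function realAddress(href) {
  const u = new URL(href);
  return `${u.protocol}//${u.hostname}/`;
}

// Decide whether the page at `href` belongs to `expectedHost`, the site the
// user believes they are on. Only an exact match or a subdomain of the
// expected host counts; a longer name that merely contains the expected
// host (a lookalike registered under some other domain) does not.
function verifyPage(href, expectedHost) {
  const u = new URL(href);
  const real = u.hostname.toLowerCase();
  const expected = expectedHost.toLowerCase().replace(/\.$/, "");
  const findings = [];

  const sameSite = real === expected || real.endsWith("." + expected);
  if (!sameSite) {
    findings.push(`real host is "${real}", expected "${expected}"`);
    if (real.includes(expected)) {
      findings.push("expected name appears inside the real host: likely lookalike");
    }
  }
  if (u.protocol !== "https:" && u.protocol !== "http:") {
    findings.push(`unexpected scheme ${u.protocol}`);
  }
  return {
    realAddress: realAddress(href),
    legitimate: findings.length === 0,
    findings,
  };
}

// Constructed sample inputs: one genuine page, and one page that shows the
// trusted name only as part of a longer, unrelated hostname.
const SAMPLES = [
  { href: "https://www.example-bank.test/login", expectedHost: "example-bank.test" },
  { href: "https://www.example-bank.test.lookalike.test/login", expectedHost: "example-bank.test" },
];

function checkSamples(samples = SAMPLES) {
  return samples.map((s) => verifyPage(s.href, s.expectedHost));
}

for (const r of checkSamples()) {
  console.log(r.legitimate ? "OK     " : "SPOOF? ", r.realAddress, r.findings.join("; "));
}
```

The point of the subdomain rule is that the bookmarklet only tells you the real hostname; you still have to judge it, and a hostname that starts with the name you trust is not the same as a hostname that ends with it.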
Fix / Solution:
If you want a tool that alerts you when a spoof like this is in progress, use one of the following toolbars; they come in different flavors for different browsers :)
http://toolbar.netcraft.com/
http://toolbar.trustwatch.com/
http://www.corestreet.com/spoofstick/index.html
http://pages.ebay.com/toolbar/accountguard_1.html
http://addins.msn.com/addins_category_toolbar.aspx