Jump to content
xisto Community
sujith

Ld Window Injection Flaw Reappears In Ie 7 Flaw reappeared again

By sujith, in Security issues & Exploits

Recommended Posts

sujith    0

sujith
Posted

I just read an article on eWEEK about a vulnerability that was in 2004 is still present in the latest Internet Explorer 7.The flaw is rated as moderately critical by Secunia.
Here is a short discription about the problem

"The problem is that a Web site can inject content into another site's window if the target name of the window is known," said Secunia, in Copenhagen, Denmark.

Quote From eWeek.

Do you think IE is going to be a secure browser?

Share this post

Link to post
Share on other sites

Deegatron    0

Deegatron
Posted

I just read an article on eWEEK about a vulnerability that was in 2004 is still present in the latest Internet Explorer 7.The flaw is rated as moderately critical by Secunia.

Here is a short discription about the problem

Quote From eWeek.

 

Do you think IE is going to be a secure browser?

 

Im afraid it doesnt matter how much security they put into the new browsers, people WILL find a way to attack your computer. Just dont spend your nights surfing porn and warez, get yourself a good virus checker and perhaps a firewall and that's about all that can be done.

Share this post

Link to post
Share on other sites

vhortex    1

vhortex
Posted

I just read an article on eWEEK about a vulnerability that was in 2004 is still present in the latest Internet Explorer 7.The flaw is rated as moderately critical by Secunia.

Here is a short discription about the problem

Quote From eWeek.

 

Do you think IE is going to be a secure browser?

 

hmm.. so it was not only on my side.. actually.. if you got the windows live patch that gives you tabs for IE6, that flaw goes back..

 

and i also encountered that flaw on IE.. have been doing lots of websites lately and i use to get lazy in window naming.. i have installed IE7 and bing! if two websites uses the same named window, they overlap each other. so much for popups and spawned windows..

 

no problem with Mozilla and pre IE7, what i did, reinstalled IE7 and the flaw was gone.. since i love the tabs i downloaded windows live tabs control and whoops.. the flaw was back..

 

********************

 

IE wont be secure anymore.. my wise guess.. darn.. if only IE follows webstandards, then i wont need to test my pages on it anymore.. and i hope i can remove this software out of my pc since it cannot be uninstalled, what was uninstalled was only the clickable explorer.exe and the rest of its engine was still present and will reinstall without your approval..

Share this post

Link to post
Share on other sites

sujith    0

sujith
Posted

In my opinion Opera is the most secure browser out there not even Mozilla Firefox is safe.Mozilla do have more security holes than IE at a time Symantec has reported this.But Firefox is just marginally better, but it will also become more vulnerable to attacks as people will use it more but we have hope that as it is an Open Source project people will come with updates quicker than Microsoft does.I am an Opera user and really happy about that.. :)--

Share this post

Link to post
Share on other sites

vhortex    1

vhortex
Posted

In my opinion Opera is the most secure browser out there not even Mozilla Firefox is safe.Mozilla do have more security holes than IE at a time Symantec has reported this.But Firefox is just marginally better, but it will also become more vulnerable to attacks as people will use it more but we have hope that as it is an Open Source project people will come with updates quicker than Microsoft does.
I am an Opera user and really happy about that.. :D

--


that was on firefoxs early days when it was detached from mozilla.
firefox updates was faster and only takes 2 or 3 days for a fix. that is what i remember..

i dont have any complains with opera, just its early days where it was a paid browser and was flooded by a free version with ads..

********************

faster response on IE as i remember was 3 months.. :)

Share this post

Link to post
Share on other sites

sujith    0

sujith
Posted

But how many users update the browser regularly (to minor updates).If you are a technicjal user there is a chance you will update your browser regularly...say if your neighbour who is a non geek got Firefox installed by you..he will not probably update it.But at the current figure about 75% of Firefox users are tech savvy users so currently no problem but I think as more non advanced users come they on't understand the importance of updationof the software regularly.

 

Only thing I hate about Opera is many toobars addons are not there.

 

that was on firefoxs early days when it was detached from mozilla.

firefox updates was faster and only takes 2 or 3 days for a fix. that is what i remember..

 

i dont have any complains with opera, just its early days where it was a paid browser and was flooded by a free version with ads..

 

********************

 

faster response on IE as i remember was 3 months.. :)

 


--

Share this post

Link to post
Share on other sites

DrK3055A    0

DrK3055A
Posted

There's another flaw at the new IE7. From secunia again, there is a critical bug in IE 6 & 7 that breaks the "same origin policy" when redirecting a page that is using the mhtml protocol, as IE bypass this check so any content from an arbitrary website can be retrieved from another.

Proof of concept (and a test for your browser):
http://secunia.com/Internet_Explorer_Arbiterability_Test/

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept