Internet Explorer Spoofing Weakness

Firefox 1.0 was released yesterday – it’s time to switch.

Roozbeh Afrasiabi has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar.

This weakness is a variant of: SA13015

The problem has been confirmed in version 6.0 on a system running Windows XP with SP2 installed. Other versions may also be affected.

Solution: Never follow links from untrusted sources.

Disable the “Run ActiveX controls and plug-ins” setting for all but trusted sites.