Multi Browser Security Flaw

  • Thread starter: Haggard the Horrendous
Steven Burn said:
Absolutely not and is the reason I don't do online banking ;o)

My philosophy is simple......... I don't go anywhere near things I do
not trust ;o) (tis much safer, hehe)

All well and good until "the things you trust" get hacked, as some
websites running IIS were :0)

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!



Aaron (my email is not munged!)
 
I must be really missing it .... first, the demonstration page
looks just like the secunia.com page (not with the MS frame) and
with this message in the middle:

What are your security settings? Also I suspect the tab browsing in
Greenbrowser (with the right settings) might have messed up the exploit.
I understand Myie2 users experience the same.



Aaron (my email is not munged!)
 
What are your security settings? Also I suspect the tab
browsing in Greenbrowser (with the right settings) might
have messed up the exploit. I understand Myie2 users
experience the same.

In fact, both are possible. I do have a pretty safe setting.

(Anyhow, no banking or purchasing online ever myself here
anyway).



--
RL
Unofficial Adaware Updater; Little (File) Backer Upper; Uptime
Quickie; Tray Quickie; Google Quickie; Lefty Animated
Cursors;
http://home.earthlink.net/~ringomei/page2.html
*******************************************
Places that list the Pricelessware annual voting results and
information:
http://www.pricelessware.org,
http://lesspriceware.netfirms.com/
 
According to this page

http://www.securitypipeline.com/news/22103560;jsessionid=MDNGDZXNPT1A4QSNDBCCKHY

"It's not a code vulnerability," said Secunia's Kristensen,
"but a design flaw."

and

"Internet Explorer users can stymie such spoofing attacks
by disabling the "Navigate sub-frames across different
domains" setting under Tools/Internet Options/Security."

Yes, I disabled that. No wonder....

--
RL
 
From a friend:
-------------------------------------------------------------------------------------------------------
The research security group Secunia has found a flaw in versions of
Internet Explorer, Mozilla, Netscape and other browsers. This flaw
allows hackers to spoof content from legitimate Web sites.

This means you could potentially download malicious code thinking
it was a legitimate update or program.

Microsoft says that this flaw has been patched. Secunia counters that
this flaw exists even with the patch installed. Secunia has a test to
see if you're at risk:
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test

I ran the test. My fully patched version of Internet Explorer was
vulnerable, but Mozilla was not.

This problem occurs if you have two Web sites open, and one of them
is run by hackers. If you continue to use Internet Explorer, keep only
one Web site open.

IE5.5sp2 on Win98SE - vulnerable

With security for the zone (Internet) set to CUSTOM, and the setting:

Miscellaneous
Navigate sub-frames across different domains

at "Prompt" - the attempt results in a prompt


I'll leave that setting at prompt for a while, and see how irritating
it is in normal use - if it doesn't hurt, I may even throw it to
disable.


Time I had another look at my settings - already greater than default,
but there are probably some others that could be tougher as well.
 
I was drunk and paranoid. The site seems overwritten for so little
content. Just been back and run the test.
My default configuration of Opera identifying itself as Opera passes

Why would anyone want to have Opera identify itself as anything other than
Opera I will have problems understanding.
the test; identifying as IE6 it fails.
I have a mind to continue to identify as Opera. :-)

You are aware Opera 7.5.2 is out yes?

The change log states this version exists because of the flaw found as I
read it.
This site is a nice reason for continuing to be paranoid:

http://www.symantec.ar.nu/ (NEWBIES BEWARE)

I don't know how long it has been up, but it is over two weeks.
Downloading and running the cleaner file would be a trifle foolish.

IMO, it would be cyber suicide.
 