IE (and You) Vulnerable to iFrame Vulnerability
Posted 07/02/08 at 03:38:58 PM | by Mark Edward Soper
Researchers may have discovered that 637 million users are running outdated browsers, but when it comes to handling iFrame-based attacks, it doesn't matter how up to date your copy of Internet Explorer is: ZDNet's Zero Day security blog reports that exploit code is now available online to demonstrate how to perform malicious attacks against IE7 as well as IE6 and even IE8 beta 1.
The exploit code can take over an inline frame (an iFrame is an HTML element that enables the embedding of one HTML document inside another one) and subsequently capture keystrokes. Imagine the implications for online banking, e-commerce, and other "secure" uses of the Web. Scary!
Digging Deeper
The full US-CERT advisory is available here, and you can try a harmless proof-of-concept from a link here. For more about how iFrame attacks work, see this April 2008 article from UK's Guardian.
What Say You?
Have you been hit by an iFrame exploit? Do you avoid frames in websites? Tell us about it!
Image courtesy of Zero Day.
Comments
Print
Email
RESOURCE CENTER
KICK ASS OFFERS
MOST RECENT COMMENTS
THIS MONTH's ISSUE 
FEATURE Awesome Upgrades: The best PC upgrades in every price range.HOW TO Connect your PC to your surround-sound audio systemProtect Your PC We put 10 of the most popular antivirus programs to the test to see which will protect you best. Android Revealed Find out how the Google-powered HTC G1 stacks up against its rivals.
Technology News
Computer Cooling Fans
Computer Cases
PC Game Controllers
PC Games
Computer Hardware
Headphones
MP3 Players
Stream Video
Computer Mouse
Monitors
Motherboards
NAS Storage
Networking
Laptop Computers
DVD Burner
Digital Cameras
Portable Storage
Computer Accessories
Smartphone
Antivirus Software
Sound Cards
Speakers
Computer Systems
Thumb Drives
Video Cameras
Video Card Reviews
Water Cooling
Gadgets
- Keyboards
© 2008 Future US, Inc. All Rights Reserved.